*sleepfix* Pwning 4.0 on New Bootrom 3G[S] w/3.1.2

Posted by Admin


**BEFORE PROCEEDING, ENSURE THAT YOU HAVE YOUR PHONE BACKED UP!**

THIS TUTORIAL ASSUMES YOU ARE ALREADY ON 3.1.2!
-------
WHAT YOU WILL NEED:

* An iPhone 3G[S] -- new bootrom
* 3.1.2 already installed or 3.1.2 installed via SHSH blobs. <-- Broken blackra1n'd devices will work. (Especially if Spirit messed you up!).
* Payload Pwner-r3 for the 3GS.
* sn0wbreeze V1.7
* iBooty V1.3
* LibUSB (64-Bit users read carefully!!!)
* 3.1.2/4.0 3GS firmware downloaded.

-------
*NOTE : IF YOU HAVE THE SLEEP ISSUE, YOU WILL NEED TO RESTORE BACK TO 3.1.2 FIRST.*


STEP A : Installing LibUSB for iRecovery

Run this mini tool to detect your O/S + Arch. -- Windows + Arch. Detector

*********
WARNING : IF LIBUSB IS NOT INSTALLED PROPERLY, YOUR USB MIGHT NO LONGER WORK!
*********
Windows XP Users download this installer -- LibUSB Installer
*********
Windows Vista/7 users RUNNING 32-Bit:

* Download the installer and run it in compatibility mode for Windows XP.

*********
If you are a 64-Bit user, follow this tutorial -- LibUSB 64-Bit Tut
*********

Once LibUSB is installed, iRecovery should be able to function.
-------
STEP B : Pwning iBEC + iBoot

I : Download this easy tool here -- Payload Pwner-r3 for 3GS // It will help you create the payload + iBEC.

**SAVE THE PAYLOAD + iBEC WHERE iBooty is.**
-------
STEP C : Making a Custom IPSW

I : Download sn0wbreeze V1.7

II : USE EXPERT MODE!

III : In General, Checkmark "Disable NOR Flash" <-- THIS IS ESSENTIAL!!!!


IV : Build it. It will be on your Desktop.

**CUSTOM BOOT LOGOS THAT ARE MADE IN sn0wbreeze WILL NOT WORK ON NEW BOOTROMS!**


*Mac Users : PwnageTool does not have this option. I don't think it will ever be in there. Use a Windows Virtual Machine or a friend's PC to create your firmware.*
-------
STEP D: iBooty Prep.

Most of you know of the utility "iBooty" that I made for Aki_nG.

It will work as long as you place all of the correct files there.

I : Download iBooty GUI here -- iBooty for 3GS and Extract it.

II : Extract your Custom IPSW created by sn0wbreeze with 7-Zip or another un-archiver.

III : Grab the kernelcache and bring it into the same folder as iBooty.
Also grab the iBEC from the folder "Firmware\dfu\iBEC.n88ap.RELEASE.dfu"
As well as DeviceTree from the folder "Firmware\all_flash\all_flash.n88ap.production\DeviceTree.n88ap"

IV :
* Rename your Kernel 4.0-Custom to "kernel.40"
* Rename your iBEC 4.0-Custom to "ibec.40"
* Rename your DeviceTree 4.0-Custom to "devtree.40"
======
Your folder should look like this :

- iboot.payload <-- Created with Payload Pwner.
- devtree.40 <-- Grabbed from Custom IPSW made by sn0wbreeze.
- ibec.40 <-- Grabbed from Custom IPSW made by sn0wbreeze.
- irecovery.exe <-- Comes with iBooty.
- readline5.dll <-- Comes with iBooty.
- iBooty.exe <-- Comes with iBooty.
- kernel.40 <-- Grab from Custom IPSW made by sn0wbreeze.
- sn0w.img3 <-- Comes with iBooty.
- wait.img3 <-- Comes with iBooty.
======
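
Step D's extract-and-rename can be scripted so that a missing or ambiguous file is caught before iBooty is run. This is an added example, not part of iBooty or sn0wbreeze; the `stage` function, the prefix match used to find the kernelcache, and the file names in the constructed demo archive are assumptions.

```python
import tempfile
import zipfile
from pathlib import Path

# Archive locations are from Step D. The kernelcache's full file name is not
# given on the page, so it is matched by its "kernelcache" prefix (assumption).
WANTED = {
    "ibec.40": "Firmware/dfu/iBEC.n88ap.RELEASE.dfu",
    "devtree.40": "Firmware/all_flash/all_flash.n88ap.production/DeviceTree.n88ap",
    "kernel.40": "kernelcache",
}
# Files Step D lists as already present (Payload Pwner output + iBooty's own).
SHIPPED = ["iboot.payload", "irecovery.exe", "readline5.dll",
           "iBooty.exe", "sn0w.img3", "wait.img3"]


def stage(ipsw_path, ibooty_dir):
    """Copy the three files out of the IPSW under their Step D names.

    Returns the names still missing, so an empty list means the folder is ready.
    """
    ibooty_dir = Path(ibooty_dir)
    staged = set()
    with zipfile.ZipFile(ipsw_path) as ipsw:
        for target, prefix in WANTED.items():
            hits = [n for n in ipsw.namelist()
                    if n.replace("\\", "/").lower().startswith(prefix.lower())]
            if len(hits) != 1:
                continue  # absent or ambiguous: never guess which file to use
            data = ipsw.read(hits[0])
            if data:
                # Output name is fixed here, never taken from the archive.
                (ibooty_dir / target).write_bytes(data)
                staged.add(target)
    missing = [t for t in WANTED if t not in staged]
    missing += [f for f in SHIPPED if not (ibooty_dir / f).is_file()]
    return missing


if __name__ == "__main__":
    # Constructed stand-in for a custom IPSW: dummy bytes, not real firmware.
    with tempfile.TemporaryDirectory() as tmp:
        ipsw = Path(tmp, "custom.ipsw")
        with zipfile.ZipFile(ipsw, "w") as z:
            for name in ("Firmware/dfu/iBEC.n88ap.RELEASE.dfu", "kernelcache.release.n88"):
                z.writestr(name, b"dummy")
        print("still missing:", stage(ipsw, tmp))
```

Run it against the custom IPSW and the iBooty folder; proceed to Step E only when the returned list is empty.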
-------
STEP E: Restoring to 4.0 + Booting
-------
*MAKE SURE YOU ARE ON 3.1.2 WHEN DOING THIS*

I : Run iBooty and Select "Prepare Device for Custom Firmware". Run the Process and if you see the image, you can proceed!

II : Now open iTunes and restore to the custom ipsw.

***WHEN DONE, YOUR DEVICE WILL GO INTO RECOVERY MODE. IT WON'T BOOT.***
-------
STEP F : Booting

I : Just Re-Run iBooty and select "Boot It". If all goes well it will boot!
