IPhone 3GS Hacking

From ivc wiki
Revision as of 21:15, 26 July 2009 by Ivc (talk | contribs)

This is the third revision Apple has made to the iPhone. It mainly improves processor speed, system memory and the camera, and adds a compass. Although it seems like a minor update, it certainly has an effect: the device operates more like it should and feels very responsive, with almost no waiting when opening applications or performing tasks.

Jailbreaking

Jailbreaking the 3GS differs from the earlier models, because the 3GS incorporates a new encrypted system security model.

I jailbroke the 3GS on a Mac in a two-step process: first acquiring the iBEC and iBSS encryption files, then jailbreaking it using purplera1n.

Capture iBEC and iBSS (done on a Mac):

  • Download the v3.0 firmware for the 3GS with Firefox (Safari will extract the image if it is not set up properly)
  • Back up the 3GS; it has to be restored next
  • Open a Finder window, select the Go menu, and select 'Go to Folder'; paste this path: '/Users/<USERNAME>/Library/Caches/Cleanup At Startup' (replace <USERNAME> with your username)
  • With that window open in the background, turn off the 3GS and connect it to the Mac
  • Hold the power button for 3 seconds, then hold both the power and home buttons for 10 seconds, and finally release the power button; this will make it enter DFU mode
  • iTunes will respond and say it found an iPhone in restore mode, which is what we need
  • Now, in iTunes, alt+click the Restore button and select the v3.0 .ipsw file downloaded previously
  • Switch back to the window opened earlier and wait until iTunes has finished extracting; once done, copy the entire folder to your desktop
  • Let the restore process complete; in the meanwhile, go to the 'Apple Software/DFU/' folder in the copied folder and you will see two files whose names start with iBEC and iBSS. Copy these files to a safe place. They will allow the iPhone to be jailbroken at any time in the future, as they include the security keys to patch and talk to the 3GS.

Jailbreaking using purplera1n (done on a Mac):

  • Set up a Wi-Fi connection if the iPhone was restored previously
  • Download the purplera1n application from purplera1n.com
  • Connect the 3GS and run the application
  • Click 'Make it ra1n' and wait for the 3GS to reboot
  • The payload will be uploaded to the iPhone, and once done a new application called 'Freeze' will show up on the 3GS
  • Open the 'Freeze' application and tap 'Install Cydia'; wait for it to complete
  • Reboot the 3GS, open 'Freeze' again and tap 'Install Cydia' once more
  • Now Cydia should be properly installed and the 3GS is jailbroken!
