IPhone 3GS Hacking

From ivc wiki

This is the third revision Apple has made to the iPhone. It mainly improves the processor speed, system memory and camera, and adds compass functionality. Although it seems like a minor update, it certainly has an effect: the device operates more like it should and feels very responsive, with almost no waiting when opening applications or performing tasks.

Jailbreaking

Jailbreaking the 3GS is different from the earlier models, because the 3GS incorporates a new encrypted system security model.

I jailbroke the 3GS on a Mac in a two-step process: first acquiring the iBEC and iBSS encryption files, then jailbreaking it using purplera1n.

Capture iBEC and iBSS (done on a Mac):

  • Download the v3.0 firmware for the 3GS in Firefox (Safari will extract the image if it is not set up properly)
  • Back up the 3GS; it has to be restored next
  • Open a Finder window, select the Go menu, select 'Go to Folder', and paste this path: '/Users/<USERNAME>/Library/Caches/Cleanup At Startup' (replace <USERNAME> with your username)
  • With the window open in the background, turn off the 3GS and connect it to the Mac
  • Hold the power button for 3 seconds, then hold both the power and home buttons for 10 seconds, and finally release the power button; this will make it enter DFU Mode
  • iTunes will respond and say it found an iPhone in restore mode, which is what we need
  • Now, in iTunes, alt+click the Restore button and select the v3.0 ipsw file downloaded previously
  • Switch back to the window opened earlier and wait until the extraction in iTunes is done; once done, copy the entire folder to your desktop
  • Let the restore process complete. In the meantime, go to the 'Apple Software/DFU/' folder and you will see two files starting with iBEC and iBSS. Copy these files to a safe place. They will allow the iPhone to be jailbroken at any time in the future, as they include the security keys needed to patch and talk to the 3GS.

The files aren't required for the next step; purplera1n will extract them by itself. They are kept for future reference.

Jailbreaking using purplera1n (done on a Mac):

  • Set up a Wi-Fi connection if the iPhone was restored previously
  • Download the purplera1n application from purplera1n.com
  • Connect the 3GS and run the application
  • Click 'Make it ra1n' and wait for the 3GS to reboot
  • The payload will be uploaded to the iPhone, and once done a new application called 'Freeze' will show up on the 3GS
  • Open the 'Freeze' application, tap 'Install Cydia', and wait for it to complete
  • Reboot the 3GS, open 'Freeze' once again and tap 'Install Cydia' once more
  • Cydia should now be properly installed and the 3GS is jailbroken!

If the iPhone has been updated to the v3.0.1 software, purplera1n will fail. Try redsn0w v0.8 or later instead; it has the same functionality and a restore is not required. Remember to use the v3.0 ipsw when jailbreaking v3.0.1.

Raising the display

On my unit the display is a bit sunk into the body of the unit. When moving my finger across the edges I can feel the rough edge of the chrome bezel.

A way to fix this would, obviously, be to raise the display from behind. As I discovered, both the 3G and 3GS are really easy to open compared to the 2G. Place a suction cup on top of the screen near the home button and lift with a fair amount of pull.

I cut 6 strips of 50.0x5.0 mm regular A4 paper and placed them along each long side of the screen. The reason for this is that the mid-point of the display would otherwise be pressing against the back of the touch glass (pressure rings can be seen then).

After this modification everything inside still works electrically, and the edge of the bezel is smooth and not rough to the touch.

Install Installous

The Installous repository has a lot of cool utilities for the iPhone.

  1. Open Cydia, go to Manage, then Sources
  2. Add http://cydia.hackulo.us to the list

Enable tethering

Take a look at the tips and tricks page: