blackthund3r

Sunday 17 July 2011

iOS5 beta 3 Activation. NO VoiceOver hack. NO UDID. Just PURE Awesomeness!!

Okay guys I'm really excited today because I have iOS5 beta 3, but not just that but:

  • My 3GS legit activated via iTunes
  • Safari & Mail work
  • iCloud, Multitasking, iMessage, push etc. all work
  • My iPhone is NOT registered on ANY dev account
  • I'm gonna share the knowledge :)
This method is nothing new. No new exploits. Just pure awesomeness. And we call it UDIDead (n.b. this will hopefully be wrapped into a sexy tool in the future, but that needs kernel patches and other cr*p, so my team are not going to release anything like that any time soon). Please note that this guide is for educational purposes only and is intended to teach you about some of the inner workings of iOS betas.

Step 1
First things first - get the prerequisites:
  1. The iOS5b3 IPSW. Get this from your Apple dev friend. I never condone piracy of any kind. Sure if you wanna torrent it I can't stop you but Apple employees work VERY hard on this stuff. For beta 3 the build number is 9A5259f
  2. Any iPhone 3GS, iPhone 4, iPod touch 3G (32 or 64 gig version), iPod touch 4, iPad (NOT iPad 2, because there is no public exploit for it above user-land level and NOTHING for iOS5)
  3. Redsn0w 0.9.8b3 (latest public version) from http://blog.iphone-dev.org/redsn0w-iOS5
  4. Windows or Mac
  5. iTunes 10.5beta3 from Apple. Same rules about the IPSW in Step 1 apply
  6. My custom bundle that removes the dev check - http://cl.ly/8MEe (if Safari automatically unzips the .tar.gz to a .tar, that is okay)
  7. A FULL backup of your iDevice in iTunes. Restoring and general tinkering is involved. Please note that I take no responsibility for the consequences incurred by following this guide
Okay so you've got that stuff now? Fantastic. Time for Phase 2

Step 2
  • Restore your iPhone / iPod / iPad to iOS5 beta 3 in iTunes by holding shift (Windows) or alt/option (Mac) and clicking Restore. Choose the beta 3 IPSW downloaded in Step 1. Please note this WILL update your baseband if you're on an iPhone / iPad, so make sure you don't need an unlock (i.e. ultrasn0w) before doing this
  • Once it has restored and you get the 'Unable to complete your activation' message, close iTunes
Step 3
So you're on iOS5 and you can't activate? FUN TIME!
  • Fire up command prompt on Windows or Terminal on mac and type the following:
    • cd /path/to/extracted/zip/file
    • If you're on Mac type EXACTLY:
      • open ./redsn0w.app --args -S
    • If you're on Windows, however, type
      • redsn0w.exe -S
  • Now select the IPSW downloaded in Step 1 in redsn0w and press Next. Uncheck 'Install Cydia' and Check 'Install custom bundle'. Choose my bundle downloaded in Step 1
  • Now press 'Next' and follow the instructions to put your iDevice into DFU mode. Let the jailbreak run
  • If your iPhone comes up with lots of 'Please wait...'s on the screen THAT'S FINE. It did it for ~2 mins for me once. If it does it for more than 5 mins, hold home+power for ten secs and do this step again
  • The jailbreak will be quick once the running pwnapple comes up because stashing is DISABLED :D
  • Once your iDevice reboots you have pwned the UDID check and installed AFC2 and the fstab patch (so enjoy iPhone explorer / iFunBox etc) :D:D:D
Step 4
  • Fire up iTunes again. You will then see 'iPhone', 'iPod' or 'iPad' on the screen for a few seconds. Once it asks whether you want to set up as a new device or restore from backup, you have activated it!
  • Slide to set up on your iDevice and follow the steps until it asks what you want to do for data. Either set up as a new device, restore from iCloud (if you've backed up but the servers may have been purged since then) or tap restore from iTunes. Then go to iTunes and restore your backup, sync your stuff and enjoy iOS5!
  • REMEMBER!! This is BETA SOFTWARE! It may be buggy - HENCE BETA!
~Christopher (@blackthund3r)


EDIT / NOTE 1: Yesterday iOS5b4 was released to developers. Because the root filesystem has been patched (even slightly), those who used this guide (or redsn0w generally) will NOT be able to update OTA. Update to iOS5b4 in iTunes instead with the 5.0b4 IPSW (build 9A5274d) from Apple (this works even if you've jailbroken; if you get issues, just enter recovery mode yourself). Make sure you:
1) Sync / backup in iTunes b3 / iOS5b3
2) Update iTunes to 10.5b4 (b60 internally)
3) Restore to iOS5b4 (WARNING: THIS WILL UPDATE YOUR BASEBAND. HERE BE DRAGONSSS!!!). Your iDevice will not activate if you have not got your UDID registered
4) Download the new redsn0w beta (0.9.8b4) from http://blog.iphone-dev.org/redsn0w-iOS5
5) Download my b4 bundle from http://cl.ly/8gxc
6) Open redsn0w as described above (with the -S argument)
7) Check ONLY install custom bundle, choose iOS5b4redsn0wbundle.tar.gz from step 5
8) Jailbreak with the bundle
9) Restore data from backup and sync in iTunes (which will be on b4 from step 2)
~blackthund3r (Christopher)
P.S. I've noticed that iOS5b4 is far better performance-wise and I highly recommend you update to it from iOS5b3 if you can


EDIT / NOTE 2:
iOS5b5 was seeded to developers a few days ago. With this release I have done the honours and packaged up another redsn0w bundle for the firmware. iOS5b5 is predominantly bug fixes. The bundle is available at http://cl.ly/9GMf - just follow the standard procedure and let me know in the comments how it goes :) Oh, and a new beta of redsn0w was released for iOS5b5 too, which is available at http://blog.iphone-dev.org/redsn0w-iOS5, along with a new beta of iTunes (10.5b5) to support the new version of iOS5
My iPhone is restoring now - I'll edit once done to let y'all know how it goes :)
EDIT: UDIDead worked a treat for the fifth time in a row and my iPhone 3GS is now restoring from backup on iOS5 beta 5 :) so full routine is:

1) Sync / backup in iTunes b4 / iOS5b4
2) Update iTunes to 10.5b5
3) Restore to iOS5b5 (WARNING: THIS WILL UPDATE YOUR BASEBAND, SO IF YOU NEED AN UNLOCK DON'T BE FEARLESS ABOUT THIS. iTUNES DOESN'T CARE IF YOU WERE THE HOLIDAY LIMBO WINNER / BUILT A BUSINESS FROM A LOAF OF BREAD / DRINK LEMONADE VIA YOUR NOSE, IT JUST DOES IT, K?!?!). Your iDevice will not activate if you have not got your UDID registered (which is why you are reading this)
4) Download the new redsn0w beta (0.9.8b5) from http://blog.iphone-dev.org/redsn0w-iOS5
5) Download my b5 bundle from http://cl.ly/9GMf
6) Open redsn0w as described above (with the -S argument)
7) Check ONLY install custom bundle, choose iOS5b5Redsn0wBundle.tar.gz from step 5
8) Jailbreak with the bundle WITHOUT installing Cydia (this means Safari / Mail will work but obv. if you want jailbreak features go ahead but the JB is tethered and UDIDead cannot fix this =/)
9) Restore data from backup and sync in iTunes (which will be on b5 from step 2)
10) Comment and tell me how b5 is and how you got on :)
~blackthund3r (Christopher)

EDIT / NOTE 3:
Apple seeded iOS5b6 to developers today. This update is available OTA to registered devs, but those of us on UDIDead must restore with iTunes again to this new IPSW :(
As yet, the iPhone Dev Team have not released a build of redsn0w for beta 6, but if you point redsn0w at the beta 5 IPSW with the new beta 6 bundle you should have success (but see EDIT / NOTE 4 below: this turned out to put devices into a recovery-mode loop). Let me know how it goes :) So procedure is:

1) Sync / backup in iTunes b5 / iOS5b5
2) Update iTunes to 10.5b6
3) Restore to iOS5b6 (WARNING: THIS WILL UPDATE YOUR BASEBAND, SO IF YOU NEED AN UNLOCK DON'T BE FEARLESS ABOUT THIS. iTUNES DOESN'T CARE IF YOU WERE THE HOLIDAY LIMBO WINNER / BUILT A BUSINESS FROM A LOAF OF BREAD / DRINK LEMONADE VIA YOUR NOSE, IT JUST DOES IT, K?!?!). Your iDevice will not activate if you have not got your UDID registered (which is why you are reading this)
4) Download the redsn0w beta for iOS5b5 (0.9.8b5) from http://blog.iphone-dev.org/redsn0w-iOS5. If 0.9.8b6 is out by the time you read this use that instead
5) Download my b6 bundle from http://cl.ly/9RBa
6) Open redsn0w as described above (with the -S argument). If you are using the beta for iOS5b5 point redsn0w at the iOS5b5 IPSW. If a beta is out for b6 (probably 0.9.8b6) point it at the beta 6 IPSW.
7) Check ONLY install custom bundle, choose iOS5b6Redsn0wBundle.tar.gz from step 5
8) Jailbreak with the bundle WITHOUT installing Cydia (this means Safari / Mail will work but obv. if you want jailbreak features go ahead but the JB is tethered and UDIDead cannot fix this =/)
9) Restore data from backup and sync in iTunes (which will be on b6 from step 2)
10) Comment and tell me how b6 is and how you got on :)
~blackthund3r (Christopher)

EDIT / NOTE 4: Many websites have publicised this method of jailbreaking iOS5b6, though many people have caused their devices to enter a recovery-mode loop requiring a fresh restore to exit. Even I will be waiting for an announcement from the iPhone Dev Team. This error is caused, for the nerds, by uploading an older (i.e. beta 5) iBSS / iBEC / kernel onto a newer firmware (i.e. beta 6). I do not understand why this is, but it caused the device (in my case an iPhone) to almost 'freak out' and a restore is needed. In this state communicating with the device via iRecovery is difficult and it is not possible to boot the device. This is new in iOS5. Although the patches in all the betas are the same (literally basic signature checks, plus the code-execution patches in the kernel), the device requires the corresponding files to be uploaded (i.e. iOS5b5 MUST have only an iOS5b5 iBSS / iBEC / kernel, or it will fail and need a restore). I discovered why the restores are needed the hard way. You're more than welcome to try the redsn0w 0.9.8b5 method, but be prepared to re-restore. I take no responsibility for your equipment
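As an added example (not code from the original post, and not part of redsn0w), here is a small pre-flight script covering two things the procedure above depends on: the bundle from Step 1 may arrive as a .tar.gz or as a Safari-unzipped .tar, and, per the note just above, the IPSW you point redsn0w at must be the build the bundle was made for, or you will be uploading one beta's iBSS / iBEC / kernel onto a device running another. It assumes only that an IPSW is a zip archive whose BuildManifest.plist carries ProductVersion and ProductBuildVersion (true of the iOS 5 betas). The sample IPSW and sample bundle it builds in memory are constructed stand-ins, and the file names inside the sample bundle are hypothetical; the only build numbers it knows are the two the post quotes (9A5259f for b3, 9A5274d for b4).

```python
"""Pre-flight checks before pointing redsn0w at an IPSW with a UDIDead bundle.

Added example; not the post's or redsn0w's own code. Assumes an IPSW is a zip
whose BuildManifest.plist has ProductVersion / ProductBuildVersion, and that
the bundle is a tar archive that may or may not still be gzip-compressed.
"""
import io
import plistlib
import tarfile
import zipfile

# Build numbers quoted in the post; the other betas' builds are not on the page.
KNOWN_BUILDS = {"iOS5b3": "9A5259f", "iOS5b4": "9A5274d"}


def ipsw_build(ipsw):
    """Return (ProductVersion, ProductBuildVersion) from an IPSW path or file object."""
    with zipfile.ZipFile(ipsw) as z:
        manifest = plistlib.loads(z.read("BuildManifest.plist"))
    return manifest["ProductVersion"], manifest["ProductBuildVersion"]


def check_pairing(ipsw, expected_build):
    """Refuse to continue when the IPSW is not the build the bundle was made for.

    Mixing betas (e.g. a b5 iBSS/iBEC/kernel pushed onto a b6 device) is the
    recovery-loop failure described in the note above, so compare builds
    before ever entering DFU. Returns the build string on success and raises
    ValueError on mismatch.
    """
    version, build = ipsw_build(ipsw)
    if build != expected_build:
        raise ValueError(
            f"IPSW is iOS {version} build {build}, but the bundle expects build {expected_build}"
        )
    return build


def bundle_members(bundle):
    """List regular files in a bundle, whether it is .tar.gz or an already-unzipped .tar.

    mode="r:*" lets tarfile sniff gzip vs plain tar, so the Safari case needs
    no special handling. Accepts a path or a file object.
    """
    kwargs = {"fileobj": bundle} if hasattr(bundle, "read") else {"name": bundle}
    with tarfile.open(mode="r:*", **kwargs) as t:
        return sorted(m.name for m in t.getmembers() if m.isfile())


def make_sample_ipsw(version, build):
    """Constructed stand-in for an IPSW: a zip containing only BuildManifest.plist."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(
            "BuildManifest.plist",
            plistlib.dumps({"ProductVersion": version, "ProductBuildVersion": build}),
        )
    buf.seek(0)
    return buf


def make_sample_bundle(gzipped):
    """Constructed stand-in for a redsn0w bundle with two hypothetical files."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz" if gzipped else "w") as t:
        for name, data in (("Info.plist", b"<plist/>"), ("patches/kernel.patch", b"\x00")):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            t.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # Matching pair passes; the wrong beta's IPSW is rejected before any upload.
    print(check_pairing(make_sample_ipsw("5.0", "9A5274d"), KNOWN_BUILDS["iOS5b4"]))
    try:
        check_pairing(make_sample_ipsw("5.0", "9A5274d"), KNOWN_BUILDS["iOS5b3"])
    except ValueError as err:
        print("refused:", err)
    # Same listing whether or not Safari already gunzipped the bundle.
    print(bundle_members(make_sample_bundle(gzipped=True)))
    print(bundle_members(make_sample_bundle(gzipped=False)))
```

For a real run you would pass the IPSW path and the bundle path instead of the constructed samples and only launch redsn0w -S once check_pairing returns; the build string to expect is whatever your bundle was packaged for.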

EDIT / NOTE 5: redsn0w for iOS5b6 has been released by the dev team. New instructions:

1) Sync / backup in iTunes b5 / iOS5b5
2) Update iTunes to 10.5b6
3) Restore to iOS5b6 (WARNING: THIS WILL UPDATE YOUR BASEBAND, SO IF YOU NEED AN UNLOCK DON'T BE FEARLESS ABOUT THIS. iTUNES DOESN'T CARE IF YOU WERE THE HOLIDAY LIMBO WINNER / BUILT A BUSINESS FROM A LOAF OF BREAD / DRINK LEMONADE VIA YOUR NOSE, IT JUST DOES IT, K?!?! EVEN IF YOU SAY 'DO YOU KNOW WHO I AM?!?!'). Your iDevice will not activate if you have not got your UDID registered (which is why you are reading this)
4) Download the redsn0w beta for iOS5b6 (0.9.8b6) from http://blog.iphone-dev.org/redsn0w-iOS5. 
5) Download my b6 bundle from http://cl.ly/9RBa
6) Switch your iDevice off using 'Slide to Power Off' with the cable connected (v. important)
7) Open redsn0w as described above (with the -S argument). Select the b6 IPSW
8) Check ONLY install custom bundle, choose iOS5b6Redsn0wBundle.tar.gz from step 5
9) Jailbreak with the bundle WITHOUT installing Cydia (this means Safari / Mail will work but obv. if you want jailbreak features go ahead but the JB is tethered and UDIDead cannot fix this =/)
10) Restore data from backup and sync in iTunes (which will be on b6 from step 2)
11) Comment and tell me how b6 is and how you got on :)
~blackthund3r (Christopher)

EDIT 6: iOS5b7 has been seeded to developers today. Jailbreaking this version of iOS is possible with redsn0w 0.9.8b7 (by pointing it at the beta 6 IPSW). The OTA update, although it is offered to UDIDead'd phones, will not install (it just comes up with an error after downloading). You will need (downloaded):
1) iTunes 10.5 beta 7 (from Apple)
2) iOS5b6 IPSW
3) iOS5b7 IPSW
4) redsn0w 0.9.8b7 (http://blog.iphone-dev.org/redsn0w)
5) My beta 7 bundle: http://cl.ly/9nl8
6) AN iDEVICE COMPATIBLE WITH iOS 5 :D

So procedure is:
1) Sync / backup in iTunes b6 / iOS5b6
2) Update iTunes to 10.5b7
3) Restore to iOS5b7 (the baseband warning from the earlier notes applies here too). Your iDevice will not activate if you have not got your UDID registered (which is why you are reading this)
4) Download the redsn0w beta for iOS5b7 (0.9.8b7) from http://blog.iphone-dev.org/redsn0w-iOS5.
5) Download my b7 bundle from http://cl.ly/9nl8
6) Switch your iDevice off using 'Slide to Power Off' with the cable connected (v. important)
7) Open redsn0w with the -S command line argument (open Command Prompt and type redsn0w.exe -S, or in Terminal type open redsn0w.app --args -S)
8) Check ONLY install custom bundle, choose iOS5b7Redsn0wBundle.tar.gz from step 5
9) Jailbreak with the bundle WITHOUT installing Cydia (this means Safari / Mail will work but obv. if you want jailbreak features go ahead but the JB is tethered and UDIDead cannot fix this =/)
10) Restore data from backup and sync in iTunes (which will be on b7 from step 2)
11) Comment and tell me how b7 is and how you got on :)
~blackthund3r (Christopher)


EDIT 7: The iPhone dev team released redsn0w 0.9.8b7b today. This 'half-release' brings an untethered jailbreak to iPhone 3GS owners with the old bootrom. It also allows jailbreaking b7 without pointing to the b6 IPSW. Should be easy enough for you guys to figure out what to do :)
~blackthund3r