[TUTORIAL] (1G Only!) 3.0b3 jailbreak w/ unofficial_QuickPWN

Discussion in 'iPod touch Firmware 3.0 Jailbreak' started by jfb392, Apr 14, 2009.

  1. jfb392

    jfb392 (New Member) | Joined: Oct 20, 2007 | Messages: 2,512 | Likes Received: 21 | Device: iPod touch

    This guide assumes you aren't a total newbie to jailbreaking your iPod.
    It also assumes you have a copy of the iPod1,1 3.0 beta 3 firmware, a copy of the unofficial QuickPwn for beta 2, and WinRAR.

    Anything that hasn't been linked I will not be providing because of their legality.
    I am only using the unofficial QuickPwn to make things easier on myself (I haven't tested older ones, nor do I want to this late at night).

    Also, no support is provided, so use at your own risk!

    And finally, quickpwn.com and any other losers, you are not allowed to credit me if you steal this. I don't want my name affiliated with your site. It sucks. Thanks.

    Of course, this wouldn't be possible without the work of the Dev Team.
    If you guys read this, sorry I'm recommending that people use an unofficial copy of your software.
    If I go back and test an older copy, I'll probably take that requirement out.

    1.) Right click your unofficial QuickPwn and choose "Extract to QuickPwn/".
    I recommend moving this folder to the Desktop.

    2.) Download this bundle and extract it to "QuickPwn\Data\PwnmetheusBundles\".

    3.) If you aren't already on 3.0b3, restore to it in iTunes.

    4.) After the restore is complete, open up QuickPwn.exe in the QuickPwn folder you extracted, not the original executable.

    5.) Go through the steps as usual. I recommend not checking activation (it will replace your lockdownd binary with one that expires soon), and don't check custom logos (they use dumb ones, feel free to throw your own in).

    6.) When you reach the DFU helper section of QuickPwn, follow it. When your device's screen turns purple, unplug your device quickly.
    Do not close QuickPwn!

    7.) Open up a Windows Explorer window.
    Type %TEMP% in the address bar and hit enter.
    Copy the "restore" folder located here to your desktop.
    You can now close this folder and QuickPwn.
    Plug your device back in!

    8.) Download and extract the files contained within this .zip to the folder "restore" located on your Desktop.

    9.) Right click on your 3.0 beta 3 IPSW and select "Open With > WinRAR".
    Highlight the "kernelcache.release.s5l8900x" file inside WinRAR and extract it to the "restore" folder on your Desktop.
    If asked whether or not to replace it, select "Yes".
    Do not extract all files from the IPSW, just the kernelcache is needed.

    10.) Open the "restore" folder, then run "patch.bat".
    If any security dialogs pop up (they may just for me since I have bzip libraries in my system directory), OK them.
    After the command window closes, run "cleanup.bat" to get rid of the excess files.

    11.) While still in the "restore" folder, highlight all files.
    Your highlighted files should include the "Firmware" folder, "018-4911-4.dmg", "kernelcache.release.s5l8900x", "Restore.plist" and nothing else.
    With all of these highlighted, right click on one of them and select "Add to archive..."
    In the resulting WinRAR dialog, check ".zip" on the left side.
    Compression should be set to "Normal" (this should be like this already).
    In the "Archive Name" space, type "30b3.ipsw" or something similar to that, as long as it ends in .ipsw.

    12.) Open iTunes, then shift-restore and select the "30b3.ipsw" file you created from your "restore" folder on the Desktop.
    Wait a bit and QuickPwn should show up on your iPod's screen.
    When this happens, open Task Manager and kill iTunes.
    After your device resets, you will be jailbroken.
  2. hotfuzz

    hotfuzz (Member) | Joined: Feb 9, 2009 | Messages: 369 | Likes Received: 0 | Device: 2G iPod touch

    First post xD

    Good job, unfortunately I don't have a 1G...

    Hotfuzz
  3. andybno2

    andybno2 (New Member) | Joined: Mar 25, 2009 | Messages: 469 | Likes Received: 0 | Device: iPhone 3G (Black)

    Good guide, I will have to try this when I get home tonight.
  4. jfb392

    jfb392 New Member

    Good, I see you have a 2G and didn't ask why I wasn't releasing a 2G method, thank you.
    I was dreading that, so it's a relief.

    The reason why is a.) I don't have a 2G to test on b.) it's even more complicated than this and shouldn't be automated c.) it's tethered.

    So yeah, just to get that out of the way..

    Hopefully it works for you.
    I tried it after I posted it, just to double check and it did.

    The key is that your device has the purple screen, that means it's ready for exploited code.
  5. bwilking

    bwilking (New Member) | Joined: Feb 28, 2008 | Messages: 94 | Likes Received: 0 | Device: iPod touch

    I can't get this to work... on the last step QuickPwn never shows up on my screen.

    iTunes is "Preparing ipod for restore" for about 5 minutes and then errors out. The iPod is on a lit black screen the entire time. Any idea what might be going on?
  6. ZunePod

    ZunePod (Banned) | Joined: Aug 28, 2008 | Messages: 1,340 | Likes Received: 0 | Device: iPhone 3G (Black)

    @jfb392: Check your PMs.

    And is there a Mac guide?
  7. jfb392

    jfb392 New Member

    Well, you must have compressed the firmware wrong.
    Your iPod should show "Downloading jailbreak data" like QuickPwn normally does, and iTunes doesn't matter after it has sent the Device Tree, kernel, and ramdisk.
    That's why I said to kill it with Task Manager or it will just sit there for a while.

    Are you sure your screen was pink/purple before restoring to it, and are you sure you used ZIP format with normal compression?

    And, another thing that can go wrong is your kernel.
    If you don't use a stock copy, it could lead to problems.

    You can do this on a Mac, all it uses are XPwn utilities and bspatch.
    Look in "patch.bat" for exactly what I do.
  8. Nburnes

    Nburnes (Well-Known Member) | Joined: Jan 3, 2009 | Messages: 9,022 | Likes Received: 767 | Device: OnePlus One

    This is a very informative walkthrough, if only I had a 1G, hahaha
  9. jfb392

    jfb392 New Member

    Also, for anyone wanting to check the validity of their final IPSW, my MD5 is as follows:
    03f67751a87d765a7634302f21154bdd 30b3.ipsw

    I'm not sure how timestamps play into the hash (it's really annoying that they do, because whenever I post SHA1 hashes, timestamps seem to also play into them).

    If you do get a matching one though, let me know and I'll include it in the first post.

    Edit: Timestamps do play a role in it, so disregard this.
    Stupid things.

    Edit again: Since I can't be here all the time, hopefully someone gets it to work without my help.
    If it shows the "Downloading jailbreak data" on your iPod, everything should go fine (unless you didn't replace the patched kernel with a stock one, before patching it once again, it leads to problems I think).
    When you restore, your screen should be pink!

    Good luck everyone.
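
Added example, not part of jfb392's post or of the files linked in this thread: a ZIP container records a modification time for every member, so two archives built from identical files at different times hash differently, which is why the MD5 above could not be matched. The sketch below compares the container hash with a per-member content manifest; the member names follow step 11, while the file contents, timestamps and function names are constructed for illustration.

```python
import hashlib
import io
import zipfile

# Constructed sample members: names follow step 11 of the guide, contents are dummies.
SAMPLE = {
    "Restore.plist": b"<plist>constructed</plist>",
    "kernelcache.release.s5l8900x": b"constructed kernel bytes",
    "018-4911-4.dmg": b"constructed ramdisk bytes",
}

def build_zip(files, timestamp):
    """Build a ZIP in memory; every member gets the same (Y, M, D, h, m, s) mtime."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            info = zipfile.ZipInfo(name, date_time=timestamp)
            info.compress_type = zipfile.ZIP_DEFLATED
            zf.writestr(info, data)
    return buf.getvalue()

def container_md5(archive):
    """Hash of the archive file itself, as posted in the thread; covers ZIP metadata too."""
    return hashlib.md5(archive).hexdigest()

def content_manifest(archive):
    """Map member name -> SHA-256 of its uncompressed bytes (timestamps are ignored)."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def manifest_digest(manifest):
    """One stable digest over the sorted (hash, name) pairs, suitable for publishing."""
    h = hashlib.sha256()
    for name in sorted(manifest):
        h.update(f"{manifest[name]}  {name}\n".encode("utf-8"))
    return h.hexdigest()

def differing_members(a, b):
    """Names whose content differs, or that exist in only one archive."""
    ma, mb = content_manifest(a), content_manifest(b)
    return sorted(n for n in ma.keys() | mb.keys() if ma.get(n) != mb.get(n))

if __name__ == "__main__":
    first = build_zip(SAMPLE, (2009, 4, 14, 1, 0, 0))
    second = build_zip(SAMPLE, (2009, 4, 15, 9, 30, 0))
    print("container MD5 equal:", container_md5(first) == container_md5(second))
    print("members that differ:", differing_members(first, second))
```

A published manifest digest stays comparable across rebuilds, and `differing_members` names the file to re-extract when it does not match.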
  10. QuickPWN

    QuickPWN (New Member) | Joined: Jan 25, 2009 | Messages: 20 | Likes Received: 0

    It worked! jfb392, at first I removed my iPod Touch from the computer when the pink screen came on the iPod Touch. I followed the instructions in your guide and made the custom 30b3.ipsw file. I tried restoring through iTunes but it didn't work! So I just opened QuickPWN and let it stay on the pink screen and it went straight to Downloading Jailbreak data. It showed the Pineapple logo and everything got uploaded. When the iPod Touch rebooted it was jailbroken!

    So I think the jailbreak works by just replacing the bundle with the new one, but I'm not sure. Can anyone confirm this?

    Thanks jfb392.