untethered jailbreak tutorial

Discussion in 'iPod touch 2G Jailbreak: redsn0w, 24kpwn, etc.' started by michaelsipod, Mar 11, 2009.

  1. michaelsipod

    michaelsipod New Member

    Jan 26, 2009
    Likes Received:
    LLB patch file: http://www.[PIRACY.mf].com/?ntyym30nzmu

    first off i want to thank jfb392 for helping me do the tethered jailbreak with his great guide. most of this is from jfb392's guide. jfb please pm me if you want me to take this down.

    What you'll need:
    redsn0w lite
    iRecovery and libusb
    2.1.1 IPSW
    2.2.1 IPSW

    XPwn does not include Installer by default, but if you want to build a custom IPSW that includes Installer.app, save this package to your XPwn-0.5.7-win32\bundles\ folder.
    Do not extract the .tar, leave it as is!

    64-bit users: There is currently no way to jailbreak using a 64-bit version of Windows.
    However, progress has been made and I will edit in the steps you need to take to get libusb working when they become available.

    All users: If you experience weird errors while running iRecovery (side-by-side configuration errors, etc.), install this.

    Important but obvious note: Backup your iPod using iTunes (right click on it's name, then select backup); you'll be able to recover all of your data after jailbreaking by selecting to restore form this backup.

    1.) Extract redsn0w lite and XPwn to your Desktop.

    2.) Save (or move) the 2.2.1 IPSW into the XPwn folder.

    3.) Copy the rslite\FirmwareBundles\iPod2,1_2.2.1_5H11.bundle folder into your XPwn-0.5.7-win32\FirmwareBundles\ folder.
    Copy the whole folder, not just the included files.

    4.) Open up a Command Prompt (type cmd in the Search bar if on Vista).

    5.) Type the following:


    cd C:\Users\yourusername\Desktop\XPwn-0.5.7-win32\
    ipsw "iPod2,1_2.2.1_5H11a_Restore.ipsw" "iPod2,1_2.2.1_5H11a_Custom_Restore.ipsw" -s 700 bundles\Cydia.tar

    If you wish to include Installer.app, your syntax will be different.
    Please be sure you have the Installer tarball in your bundles folder; if you do not have this, it is explained above.
    However, your syntax would be:


    cd C:\Users\yourusername\Desktop\XPwn-0.5.7-win32\
    ipsw "iPod2,1_2.2.1_5H11a_Restore.ipsw" "iPod2,1_2.2.1_5H11a_Custom_Restore.ipsw" -s 700 bundles\Cydia.tar bundles\Installer.tar

    If you're running XP, your location will be a bit different (should be C:\Documents and Settings\yourusername\Desktop\).

    Also, if you're running XP (with PowerToys), Vista, or 7, you can easily navigate to folders in a Command Prompt without using cd.
    Simply hold shift, then right click on a folder (here, for example, you'd shift and right click on XPwn-0.5.7-win32), then select Open Command Window here.
    This can be done with any other part of this tutorial that involves cd. Thanks, MatthewH12!

    6.) Wait for XPwn to finish, it should only take a few minutes.

    7.) Extract all files in the iRecovery RAR to your Desktop and open the iRecovery folder, there should be an installer for libusb located here.
    If you haven't already installed libusb, please do so now.
    If you're running Vista or 7, please right click the .exe and select Properties, then click the Compatibility tab, then select Windows XP (Service Pack 2) from the drop-down menu.
    After install, a restart may be required.

    8.) Open another Command Prompt (or use the one you used before, if it is still up) and type the following:


    cd C:\Users\yourusername\Desktop\iRecovery\iRecovery_SVN

    Again, your location will be different if you're on XP, see above.

    9.) Extract your 2.1.1 iBSS and 2.2.1 iBSS and iBoot.
    To do so, right click your 2.1.1 IPSW and select Open with > WinRAR archiver.
    Navigate to the Firmware\dfu directory, then drag iBSS.n72ap.RELEASE.dfu into your iRecovery_SVN folder.
    Rename it iBSS211.dfu.
    Now, open up your custom 2.2.1 IPSW using WinRAR.
    First, navigate to the Firmware\dfu folder and drag iBSS.n72ap.RELEASE.dfu into your iRecovery_SVN folder.
    Rename is iBSS221.dfu.
    Now, navigate to the Firmware\all_flash\all_flash.n72ap.production folder.
    Extract iBoot.n72ap.RELEASE.img3 to your iRecovery_SVN folder.
    Rename it iBoot221.img3.

    10.) Put your iPod into DFU mode.
    If you're unfamiliar with DFU mode, you can put your iPod into it by holding the power button, then sliding to power off.
    Hold both the home and power buttons for 10 seconds (count in your head, it should be fine if you're off by a few seconds).
    After 10 seconds, release the power button and continue holding the home button for 15-25 seconds.
    Your screen shouldn't turn on, but your device should be recognized by iTunes as being in recovery mode.
    If at any point Windows claims that the device is unrecognized, be very exact with your timing and you should be able to enter DFU mode.

    Bring up your Command Prompt again and execute the following:


    iRecovery -f iBSS211.dfu

    Your iPod's screen should turn white.
    If it doesn't, unplug your iPod and wait 10 seconds, then plug it back in.

    11.) In the same Command Prompt, enter the following:

    iRecovery -s
    mw 0x9000000 0xe59f3014
    mw 0x9000004 0xe3a02a02
    mw 0x9000008 0xe1c320b0
    mw 0x900000c 0xe3e02000
    mw 0x9000010 0xe2833c9d
    mw 0x9000014 0xe58326c0
    mw 0x9000018 0xeafffffe
    mw 0x900001c 0x2200f300

    Just to clarify, you will hit enter after each of these commands.

    12: open your tethered ispw file with winrar.
    13: Put the llb file provided into the

    \Firmware\all_flash\all_flash.n72ap.production folder in the ispw

    14: restore your ipod touch 2g with the ispw(the tethered one you put the llb file in)

    hope this helped =D post any questions on this thread

    once again most of this has just been copy and pasted from jfb392's tutorial
    much credit to him

    Please Register or Log in to view images

Share This Page