[Windows - Console] 24kpwn tutorial [Untethered]

Discussion in 'iPod touch 2G Jailbreak: redsn0w, 24kpwn, etc.' started by Joeyl10, Mar 11, 2009.

  1. Joeyl10, New Member (Joined: Dec 5, 2008; Messages: 129; Likes Received: 0; Device: 2G iPod touch)

    iPod touch 2G - Pure FW -> Jailbreak tutorial
    Manual Version

    Preparation:
    First of all, end any process in task manager that has anything to do with Apple, iTunes, or iPod. This will ensure that none of these programs interfere with the jailbreaking process.

    Requirements:
    iPod touch 2G Jailbreaking Pack - Download
    Note: This package contains all the important tools used in manual jailbreaking. I do not own, did not make, and have no link of any kind to these programs; they are owned by their respective owners.
    A 32-bit Windows system (preferably running XP or Vista, but 2000 or 7 will work too)
    iPod touch 2G version 2.2.1 firmware files - These cannot be legally distributed by me. Google search "ipod firmware download" if you wish to find them.
    And, if you're having problems with bspatch not creating a firmware file, try downloading this into your working directory.

    Creating the custom firmware
    Now, extract the contents of the Jailbreaking package into an empty work folder so we can have a clean workspace.

    Once complete, shift-click on the "XPwn" folder and select Open Command Prompt Here. (If on Windows XP, go to Start > Run > and type in "cd <xpwndir>" where <xpwndir> is the place you extracted your XPwn folder. Example: "C:\Documents and Settings\MrUser\My Documents\WorkDir\XPwn")

    A black window will pop up if done correctly.

    Now, find your firmware files that you downloaded / copied or whatever, and paste them into the XPwn directory.

    Go back to the black window, and copy and paste (right click on black window, and hit paste to paste into command prompt) the following:
    Code:
    ipsw <ipodfirmware> customfirmware.ipsw -s 700 bundles\Cydia.tar bundles\Installer.tar
    Where <ipodfirmware> is your Firmware file, then press enter.

    The window should be outputting huge amounts of text, and eventually create a file called customfirmware.ipsw in the XPwn directory.
    Copy this file into your work directory (should be one above the XPwn directory) so we can work with this file.

    Once again, go back into the black window, and type in this:
    Code:
    cd .. & rename customfirmware.ipsw customfirmware.zip
    Your custom firmware file will turn into a ZIP archive, allowing you to modify the files inside it.

    Open it up with your favorite compression software (I use 7zip, however any good archive manager should be able to open it without issues), and navigate to \Firmware\all_flash\all_flash.n72ap.production\

    Extract the file named LLB.n72ap.RELEASE.img3 into our work directory.

    Here comes a rather tricky part: we're going to patch this file with the bspatch program included in the jailbreaking package.

    Go back into the black window, and copy and paste the following:
    Code:
    bspatch LLB.n72ap.RELEASE.img3 newllb.img3 LLB.n72ap.RELEASE.patch && del LLB.n72ap.RELEASE.img3 && rename newllb.img3 LLB.n72ap.RELEASE.img3
    This will have made the old LLB into a new patched one.

    Go back into your ZIP manager, and overwrite the old LLB.n72ap.RELEASE.img3 with the new one in our work directory.

    Close your archive manager.

    Go back into the black window, and copy and paste this:
    Code:
    rename customfirmware.zip customfirmware.ipsw
    Your firmware ZIP file should now be back to a firmware file.

    Congrats, you're done part 1!

    Preparing iPod for jailbreak

    Now that we've got our firmware ready, we have to get our iPod ready to accept their new change without setting Apple's alarms off. Thanks to the iPhone Dev Team, this is quite easily achieved.

    Open a command prompt into the iRecovery directory of the work folder.

    Plug your iPod into your computer and put your iPod into DFU mode. To do this: hold both Power button and Home buttons for 10 seconds, and let go of the power button, but continue holding the Home button for around another 10 seconds.

    Now, execute the file "LibUSB - Win32 Setup" and follow the instructions to get it installed. This is needed for proper functionality of iRecovery, the next program we're going to use.

    Once installed, go back into the black window again, and run this:
    Code:
    irecovery -f ibss.dfu
    You should see some stuff be outputted about sending packets.

    Now, once completed, unplug your iPod, then plug it back into the computer.

    Once again, go back into the black window and run this command:
    Code:
    irecovery -s
    Go back into the iRecovery directory, and open the file "exploit.txt" and using the edit menu, select all, then copy.

    Open the black window again, and paste the commands in.

    If completed successfully, your iPod is now ready to be jailbroken.

    Installing your jailbreak

    Your iPod is now ready to be jailbroken through iTunes. You can now close every window that we were working with, and open iTunes.

    FIRST: I MUST STRESS THIS. END ANY PROCESSES THAT INVOLVE ANYTHING APPLE-ISH. THIS INCLUDES IPOD, APPLE, ITUNES, ETC. OTHERWISE, YOU'LL GET AN ERROR AND HAVE TO RESTART FROM PART 2.

    iTunes should find your iPod in "recovery mode". Go to the information page for your iPod, and hold shift and click on "Restore".

    An open file window should appear. Navigate to our Work Directory, and select our customfirmware.ipsw

    Your iPod should now be being jailbroken by iTunes. Get some popcorn, and go watch some TV while you wait.

    Now, if done CORRECTLY, and iTunes isn't being dumb (sometimes it just doesn't work the first time, just try again), your iPod is now jailbroken!

    oh god, done at last. that was long.
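
Added example (not part of the original post or of the tools in the pack): because the tutorial treats the .ipsw as an ordinary ZIP archive, a reference firmware file and a modified one can be compared member by member to see exactly which components differ, such as the LLB image named above. The sample archives and the `sample/...` member names are constructed for illustration.

```python
import hashlib
import io
import zipfile

# Archive member the tutorial replaces (path taken from the post above).
LLB_MEMBER = "Firmware/all_flash/all_flash.n72ap.production/LLB.n72ap.RELEASE.img3"


def member_digests(archive):
    """Map each file in a ZIP-format firmware archive to its SHA-256 digest."""
    digests = {}
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            h = hashlib.sha256()
            with zf.open(info) as member:
                # Stream in 1 MiB chunks so large images are not held in memory.
                for chunk in iter(lambda: member.read(1 << 20), b""):
                    h.update(chunk)
            digests[info.filename] = h.hexdigest()
    return digests


def diff_firmware(reference, candidate):
    """Report members modified, added or removed relative to the reference."""
    ref, cand = member_digests(reference), member_digests(candidate)
    return {
        "modified": sorted(n for n in ref.keys() & cand.keys() if ref[n] != cand[n]),
        "added": sorted(cand.keys() - ref.keys()),
        "removed": sorted(ref.keys() - cand.keys()),
    }


def _make_archive(files):
    """Build a small in-memory ZIP standing in for an .ipsw (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    buf.seek(0)
    return buf


def demo():
    # Constructed sample data, not real firmware contents.
    stock = _make_archive({LLB_MEMBER: b"stock-llb", "sample/unchanged.bin": b"same"})
    custom = _make_archive({LLB_MEMBER: b"patched-llb", "sample/unchanged.bin": b"same",
                            "sample/added.bin": b"new"})
    return diff_firmware(stock, custom)


if __name__ == "__main__":
    print(demo())
```

`diff_firmware` also accepts file paths, so it can be pointed at two .ipsw files on disk.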
  2. Legendairy, New Member (Joined: Feb 1, 2009; Messages: 379; Likes Received: 0; Device: 2G iPod touch)

    Great work!

    This is exactly what I did when the untethered came out yesterday


    I can support that this will work if you do it properly.
  3. vinnyg, New Member (Joined: Jul 29, 2008; Messages: 2; Likes Received: 0; Device: 2G iPod touch)

    I'm having a problem. I'm running it on Windows, and when I get to the part where I have to run the XPwn folder, it doesn't work. "cd C:\Ipod stuff\iPt2G Jailbreaking Pack\XPwn" is what I type in, and that is the folder it's in. Maybe I'm missing something? Any help is appreciated.
  4. Skribblez, New Member (Joined: Mar 8, 2009; Messages: 65; Likes Received: 0)

    This tutorial doesn't need iTunes right?
  5. David., Active Member (Joined: Feb 24, 2009; Messages: 2,565; Likes Received: 1; Device: 4G iPod touch)

    Can you undo this jailbreak by restoring to original firmware?
  6. Chrisschulz, New Member (Joined: Jan 20, 2009; Messages: 892; Likes Received: 0; Device: 2G iPod touch)

    you can always undo a jailbreak and return to a non jailbroken pod
  7. claylj, New Member (Joined: Sep 22, 2008; Messages: 26; Likes Received: 0)

    Move the opening quote. cd "C:\Ipod stuff\iPt2G Jailbreaking Pack\XPwn"
  8. ben200345, New Member (Joined: Feb 1, 2009; Messages: 12; Likes Received: 0; Device: 2G iPod touch)

    Here's what you should do. In cmd prompt, type cd, press space, and then drag the XPwn directory into cmd prompt.
  9. vinnyg, New Member (Joined: Jul 29, 2008; Messages: 2; Likes Received: 0; Device: 2G iPod touch)

    Thanks guys, I kept searching and I found an easier method. Thanks for the advice though. My iPod is now jailbroken.

  10. claylj, New Member (Joined: Sep 22, 2008; Messages: 26; Likes Received: 0)

    I am having an interesting problem. When I do the command to patch the LLB.n72ap.RELEASE.img3 file, the newllb.img3 file never gets created so there is nothing to rename to LLB.n72ap.RELEASE.img3 after the patch.

    I tried the command without the del and rename parts and still no newllb.img3 file.

    "bspatch LLB.n72ap.RELEASE.img3 newllb.img3 LLB.n72ap.RELEASE.patch"

    Any ideas?
