How to jailbreak and unlock iPhone 3GS iOS 4.2.1, old baseband

{% raw %}
After wasting my evening working out a jailbreak/unlock for an old version of iOS, I discovered a side note in a devteam blog update that gave me clues on how to jailbreak and unlock my phones for the latest version of iOS.  So I spent another evening working on that.

I haven't seen complete instructions anywhere yet, so here they are.  How to update your iPhone 3GS to 4.2.1, jailbreak it, and unlock it for multiple carriers.  (For Mac.)

  1. Download the iOS 4.2.1 firmware, either over P2P or using iTunes.  To download using iTunes, accept its prompt to get the latest firmware, but choose "download only."  This firmware file will be called iPhone2,1_4.2.1_8C148a_Restore.ipsw, and you can find it using your computer's find utility.  On a Mac, it will be in ~/Library/iTunes/iPhone Software Updates  (~ is shorthand for your home folder. Click the blue happy face in the bar on the bottom of your screen if you are confused).
  2. Download and install the latest version of Pwnagetool (4.1 as of this writing) from the devteam blog.
  3. Pwnagetool does not yet have a framework for working with the 4.2.1 firmware.  To add that framework, first download it from iphwn.org.  Extract this file to get a .bundle, which is what Pwnagetool needs to work with this iOS version.
  4. Right click on your Pwnagetool "app" in OS X and choose "Show Package Contents."  Look in Contents > Resources > FirmwareBundles.  See all those .bundle files, named for each version of iOS?  That's where you should put the 4.2.1 .bundle you just downloaded.
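Steps 1 through 4 are the only part of this that touches the filesystem, and they are where people most often grab the wrong .ipsw or drop the .bundle one folder too high. The script below is an added example, not something from the original post or from the devteam's tools: it lists the .ipsw files in a folder, tags each one as vanilla or custom from its filename, and copies a .bundle into Pwnagetool's FirmwareBundles folder only if that folder actually exists and the bundle isn't already there. The default locations (~/Library/iTunes/iPhone Software Updates and /Applications/PwnageTool.app) are assumptions; pass your own paths as arguments.

```shell
#!/bin/sh
# Added example (not from the original post or the devteam's tools).
# Assumed defaults: the iTunes update folder and PwnageTool's install
# path; both can be overridden by passing arguments to the functions.

# Print every .ipsw in DIR, tagged "vanilla", "custom" or "unknown"
# based on the naming convention iTunes and Pwnagetool use.
list_ipsw() {
    dir="${1:-$HOME/Library/iTunes/iPhone Software Updates}"
    for f in "$dir"/*.ipsw; do
        [ -e "$f" ] || continue          # glob matched nothing
        name=$(basename "$f")
        case "$name" in
            *_Custom_Restore.ipsw) echo "custom  $name" ;;   # built by Pwnagetool
            *_Restore.ipsw)        echo "vanilla $name" ;;   # downloaded by iTunes
            *)                     echo "unknown $name" ;;
        esac
    done
}

# Copy BUNDLE (a directory ending in .bundle) into APP's FirmwareBundles
# folder.  Fails if APP has no such folder (wrong path, or not Pwnagetool)
# or if a bundle with the same name is already installed.
install_bundle() {
    bundle="$1"
    app="${2:-/Applications/PwnageTool.app}"
    dest="$app/Contents/Resources/FirmwareBundles"
    if [ ! -d "$dest" ]; then
        echo "no FirmwareBundles folder under $app" >&2
        return 1
    fi
    if [ -e "$dest/$(basename "$bundle")" ]; then
        echo "$(basename "$bundle") is already installed" >&2
        return 2
    fi
    cp -R "$bundle" "$dest/" && echo "installed $(basename "$bundle") into $dest"
}

# Usage (uncomment to run against the real locations):
# list_ipsw
# install_bundle ~/Downloads/iPhone2,1_4.2.1_8C148a.bundle
```

Run `list_ipsw` before step 5 to confirm you have exactly one vanilla 4.2.1 file, and again after step 5 to see the matching `_Custom_Restore.ipsw` that step 6 needs. `install_bundle` refusing to copy is the useful signal: it means you pointed it at something other than the Pwnagetool app bundle.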

  5. Now start up Pwnagetool, select "expert" mode, and browse for your vanilla 4.2.1 firmware that you downloaded from iTunes.  Before compiling your custom firmware, hit the button for "General" options, and uncheck the box for "activate."  Sorry, activation has to be done in a separate step.  Now go ahead and build that custom firmware!
  6. Follow Pwnagetool's instructions to get your iPhone into DFU mode, and then use iTunes to restore to your custom firmware.  If you haven't done this before, you have to Option+click the "restore" button, then browse to the new custom firmware, which should be named something like iPhone2,1_4.2.1_8C148a_Custom_Restore.ipsw.

    Some of you may ask, but if we aren't activating via Pwnagetool, then what's the difference?  The custom firmware only includes the 4.2.1 SYSTEM.  It doesn't include the new, hack-proof baseband, so your old baseband stays in place, which is what keeps the unlock possible.  The baseband is the part of your phone that actually communicates with the cellular network.  Think of it like your modem firmware; it's pretty close.
  7. Now you have to activate your phone!  Download and install the latest version of Redsn0w.  I found the devteam link was broken, so I got it from here.
  8. Run Redsn0w.  When it asks you for your firmware ipsw, browse to the VANILLA version of 4.2.1 that you got through iTunes.  Make sure you check the box for "Install Cydia" when prompted, and follow the instructions closely!  This will activate your phone.  Now all we have to do is unlock!
  9. On your iPhone, connect to a wireless network and start the Cydia application.  Go to the "Manage" tab along the bottom, and tap the big "Sources" button.  Add a new source, at URL http://repo666.ultrasn0w.com .  Now go to the search tab, and search for ultrasn0w.  Install it, and restart your iPhone.
Voila!  One bona fide, jailbroken, unlocked, activated iPhone 3GS on 4.2.1!  Now, don't come crying to me when your battery starts running down.
{% endraw %}