Dev-Team has released the PwnageTool 4.1 to jailbreak iOS 4.1 on Apple TV 2G, iPhone 4, iPhone 3GS, iPhone 3G, iPod touch 4G, iPod touch 3G and iPad (iOS 3.2.2). PwnageTool allows you to restore to a custom firmware (.ipsw) file without updating the baseband of your iPhone so that you can unlock it using ultrasn0w. But this is possible only if you haven’t updated your iPhone to Official iOS 4.1.

Follow the step-by-step guide to jailbreak and unlock your iPhone 4, iPhone 3GS and iPhone 3G with PwnageTool 4.1:

1. Download iOS 4.1 for your iPhone: (Download the file using Firefox or Chrome browser as Safari auto-extracts it)

2. Download PwnageTool 4.1 from here.

3. Mount the downloaded PwnageTool 4.1 by double clicking the file.

4. Run the PwnageTool app.

5. A warning will appear click the OK button if you want.

6. Now select Expert Mode from the top bar.

7. Select iPhone from the list of iDevices and click the blue arrow button to continue.

8. Now you have to browse to the firmware file download in the first step. Click the Browse for IPSW button.

9. A popup window will appear select the firmware file and click the Open button.

10. Now a menu with several choices will appear. Select General and click the blue arrow button.

11. Using General settings you can set the partition size and can select if you want to carrier unlock your iPhone. Check the Activate the phone if you want to use your iPhone with the any carrier of the world.

12. Now select Cydia settings to manage sources and packages. Select the Download packages tab, click the Refresh button to display all the available packages. Now double click the package you want to download. After downloading completes they will appear in the Select Packages tab.

13. Check the the package you want and click the blue arrow button to continue.

14. Now select the Build button and click the blue arrow.

15. PwnageTool will ask you to save your custom firmware (.ipsw) file. Save the file at the location you want. e.g Desktop etc.

16. Now PwnageTool will build your custom firmware (.ipsw) file. The process will take about 10 minutes.

17. If you are asked, enter your admin password and click OK.

18. When your custom ipsw will be build completely you will have to connect your iPhone to the Mac. PwnageTool will auto-detect your device and will guide you to put your iPhone into DFU mode. Follow the onscreen instructions to put iPhone into DFU mode.

  • Press and hold Pwer and home buttons for 10 seconds.
  • Release the power button while keep holding the home button for 10 seconds.

19. When your iPhone will enter DFU mode, PwnageTool will ask you to launch iTunes.

20. Now run the iTunes and select your iPhone.

21. While holding the Alt/Option (Keyboard key) click the Restore button.

22. Now select the custom firmware (.ipsw) file you created with PwnageTool and click the choose button.

23. Now iTunes will restore the pre-jailbroken iOS 4.1 to your iPhone within 10 minutes.

24. Enjoy the jailbroken device.

Update 1: Fix FaceTime and No Cellular Data after unlocking iOS 4.1 with ultrasn0w, guide posted here.

For live updates follow us on Twitter or like us at Facebook.

Thanks to Hadi from for this guide.



We're not around right now. But you can send us an email and we'll get back to you, asap.


Log in with your credentials

Forgot your details?