Thursday, May 8, 2008

How to Unlock Your iPhone With WinPwn [Updated] [Windows XP/Vista]

These are detailed instructions on how to unlock your iPhone using WinPwn. This tutorial will also show you how to create custom payloads/packages and customize your boot images.

2008-05-08: This tutorial has been updated to reflect the latest beta of WinPwn. There is no longer a need to install BootNeuter through Installer.app!

Step One
Download the WinPwn to your Desktop from
Rapidshare.

Step Two
Download the iTunes DLLs to your Desktop from
Prodigy60, MegaUpload.

Step Three
Download the .Net 2.0 Framework from
here.

Step Four
Double click the downloaded .Net 2.0 Framework(dotnetfx.exe) on your Desktop and install it. You may not have to do this if its already part of your system (ie Vista).
Step Five
Extract the WinPwn zip (winpwn_0.99.2.19.zip) you just downloaded to your Desktop. Now double click the extracted exe (winpwn_0.99.2.19.exe).

WinPwn will open an installation helper. Click the Next button to begin.
Choose whether you would like Desktop Shortcuts created then click the the Next button.
Enter a destination folder to install WinPwn to. ie c:\program files. Click the Next button to continue.
Once Installation is finish click the Finish button.
Step Six
Extract the itunesdll.zip you download earlier to the folder you installed WinPwn to. In my example this would be c:\program files\winpwn
Step Seven
Download the firmware you would like to pwn. You can find links to the released firmware files here

Step Eight
Launch WinPwn by double clicking its icon on the Desktop.
Step Nine
Click the Browse .ipsw button.
Step Ten
Select the firmware you would like to Pwn and click the Open button.
Step Eleven
WinPwn will then check if your firmware is valid. Attach your iPhone to the computer. Now click the iPwner button on the left side of the window.
Step Twelve
WinPwn will then attempt to put your iPhone into recovery mode. If it does not succeed then you will have to do this manually. Hold down the Sleep/Wake and Home buttons until the iPhone reboots and the Apple logo appears. Once you see the Apple logo release the Sleep/Wake button and keep holding down the Home button until your see the iTunes logo and the dock connecter displayed on screen.
Step Thirteen
You will then be notified that your iPhone is being Pwned. Please wait until your iPhone reboots.
Step Fourteen
WinPwn will then inform you that your iPhone has been Pwned! Now click the IPSW Builder icon on the left.
Step Fifteen
The IPSW Builder will open to the Applications tab. You can easily add your own sources by entering the source address and clicking the Add Source button.
Use the Categories list on the right to select the packages you would like to have installed on your iPhone. Double click a package name to have it added to the Install list. Notice the indicator will let you know how much space you have left for installed applications.
Step Sixteen
Click to select the Custom Images tab. Then click to select the Use Custom Pictures checkbox.

You can now click the Boot Logo and Restore Logo buttons to select your own custom images. Use the Search online button to find images done by others.
NOTE***: There are stringent requirements for these files. They must be 24bit PNGs, 100KB or less, have an alpha layer, RGB or Greyscale, and 320x480 or less in size.

HINT***: If you want to use a solid image as your background. Create a new transparent image in photoshop just slightly bigger then your original image. Copy your original image onto the new transparent image you just created. Make sure you can see some of the transparency layer on the sides. Then select Save for Web from the File Menu. Make sure you save it as PNG24 with transparency enabled!


Step Seventeen
Click to select the Advanced tab. From this window select the checkboxes next to the tasks you would like perform. If you would like to unlock your iPhone most likely you should check: Activate Phone, Enable Baseband update, Neuter Bootloader, and Unlock Baseband.
You will now need to provide IPSW Builder with access to the 3.9 and 4.6 bootloader files. Download bootloaders.rar from here onto your Desktop. Double click this to extract its contents.

Click the Bootloader 3.9 file ... button for the bootloader 3.9 image and select BL-39.bin file from your Desktop.
Click the Bootloader 4.6 file ... button for the bootloader 4.6 image and select BL-46.bin file from your Desktop.
Step Eighteen
Click the Build .ipsw button
Select a location to save the customized firmware to and click the Save button.
Step Nineteen
A dialog box will popup when your ipsw file has been successfully built. Click the OK button.
Step Twenty
Open iTunes by launching it from your Programs.
Step Twenty One
Select your iPhone from the list on the left. Hold down Shift and click the Restore button.
Step Twenty Two
Select the custom firmware file (iPhone1,1_1.1.4_4A102_Custom_Restore.ipsw) we just created and click the Open button.
Step Twenty Three
iTunes will then restore to our new custom firmware.
Step Twenty Four
Once iTunes restore is complete your iPhone will reboot and autolaunch BootNeuter. BootNeuter will then proceed to Flash Bootloader and Flash Baseband. Do not interrupt this process. Once BootNeuter is done it will reboot the iPhone on its own and your Pwnage process will be complete!

2 comments:

Nachi said...

the custom .ipsw file is not working.... error unknown file............ now wht i can do??????????????????

dillon said...

hi, i accidently updated my iPhone to 2.0 and im stuck on step 13 & the winpwn wont recognised that it is in recovery mode (the USB with the arrow above it pointing to the iTunes symbol). I did have it working in DFU mode a while ago but it wouldnt say it has been pwned. can u please help me???