Jailbreak iOS 4 Firmware with PwnageTool 4.0 - iPhoneHeat

Jailbreak iOS 4 Firmware with PwnageTool 4.0

Dev-team has released PwnageTool 4.0 to jailbreak iOS 4. You can jailbreak iPhone 3GS (Old BootRom), iPhone 3G and iPod Touch 2G (Non-MC) running iOS 4 with PwnageTool while preserving the baseband so you can unlock with UltraSn0w 0.93. In this guide you’ll learn how to jailbreak iOS 4 with PwnageTool 4.0.

jailbreak ios 4 pwnagetool 4.0

iPhone 3G and iPod Touch 2G (non-MC) users can also user RedSn0w 0.9.5 b5-3 to jailbreak iOS 4.


We strongly recommend you to read PwnageTool 4.0 release notes posted here first and then proceed.

PwnageTool 4.0 supports:

  • iPhone 3GS (Old BootROM only + Already jailbroken NOT with Spirit jailbreak) [How to: check iPhone 3GS BootRom]
  • iPhone 3G
  • iPod Touch 2G (Non-MC)
  • Mac OS X only

*** iPod Touch 3G and iPod Touch 2G (MC) are NOT supported with PwnageTool 4.0. iPhone 2G and iPod Touch 1G does NOT support iOS 4.0***

Disclaimer: This guide is for testing and educational purposes only. Use it at your own risk. We cannot be held responsible if anything goes wrong.

Let’s jailbreak iOS 4.0 on iPhone 3Gs, iPhone 3G and iPod Touch 2G with PwnageTool 4.0.

How to Jailbreak iOS 4.0 with PwnageTool 4.0

All the required stuff is linked at the bottom. Download and put everything in a folder named Pwnage on your desktop for quick access.

Step 1

Download and install iTunes 9.2. (Download Link below) Connect your iPhone, iPod Touch to iTunes and backup your stuff.

Step 2

Double click on PwnageTool 4.0.dmg to mount it. (Download link below)

pwnagetool 4.0 ios 4

Click and drag the PwnageTool icon to Pwnage Folder you created and then open it from there.

Warning Box will Popup. Just hit the OK button.

pwnagetool 4.0 ios 4

Make sure you select Expert Mode from Top menu

Step 3

Select your device (iPhone or iPod Touch). A big Green check mark will appear on the selected device.
Now hit the big Blue Arrow button at bottom right to proceed.

On the next page, PwnageTool will automatically find the IPSW file. If not found then click “Browse for IPSW” button and select the downloaded IPSW iOS 4 file from the Pwnage folder. A check mark will appear next to it.

Step 4

Then hit Blue Arrow Button to proceed.

Steps 5

Then Select General and Hit next again.

pwnagetool 4.0 ios 4

This is the most important step. Please read carefully about selecting activate the phone option.

  • Activate the iPhone: Click activate the phone (only if you’re on unofficial carrier). Deselect Activate the phone option if you are on official carrier.
  • Re0enable functionality: (for iPhone 3G and iPod Touch 2G users only) Check mark this option if you want to enable multitasking, wallpaper and battery percentage on iOS 4.0. These options are disabled in stock firmware.
  • Root Partition Size: You can decide your Root Partition Size where OS resides. For the iOS 4 firmware you may have to increase the size of your root partition slightly for the IPSW build to be successful. I like 1GB.

pwnagetool 4.0 ios 4

The next screen will show the Cydia settings menu. It allows you to create custom packages so you do not have to manually install them later.

<a href=

Go to Download packages tab and hit the Refresh button to display all the available packages. Double click your desired package, it will be downloaded and will be available under the Select Packages tab.

<a href=

***Please make sure that your desired package is compatible with iOS 4.0***

When you have downloaded your desired packages, go back to Select Packages tab and check mark the ones you want.

pwnagetool 4 iOS 4

then hit the Blue Arrow Button to proceed.

Custom Packages Settings. Leave these settings as is for now. Just click the Blue Arrow Button to proceed.

pwnagetool 4 iOS 4

On the next Custom Logos Settings menu, you’ll be able to add your own images as boot logos. Click the Browse button to select your Boot logo and Recovery logo. I just use defaults so deselected all options.

pwnagetool 4 iOS 4

Step 6

Now you are  ready to build your custom firmware. Click the build button to select it, then click the blue arrow button to proceed.

pwnagetool 4 iOS 4

You will be asked to Save your custom .ipsw file. Save it into the same Pwnage folder.

pwnagetool 4 iOS 4

PwnageTool will start building your custom firmware. Wait until it’s done.

pwnagetool 4 iOS 4

If prompted enter your Administrator password and click the OK button.

pwnagetool 4 iOS 4

When prompted if your iPhone has been Pwned before, Click No. It allows for a more thorough restore.

pwnagetool 4.0 iOS 4.0

pwnagetool 4.0 iOS 4.0

Step 7

NOTE: If you’re already jailbroken (Other than Spirit) simply put your iPhone into recovery mode. (How to: put iPhone into recovery mode)

Please make sure you are restoring to the custom IPSW, not the stock one from Apple!

If it’s the first time you’re jailbreaking your iPhone, Be ready to follow directions to get into DFU Mode. (Click the DFU button in PwnageTool)

pwnagetool 4.0 iOS 4.0

  • You will be asked to Turn your device OFF.
  • Hold the home button and the power button for 10 seconds.
  • Then, you will have to release the power button and hold the home button for 10-30 seconds to enter DFU.

pwnagetool 4.0 iOS 4pwnagetool 4.0 iOS 4pwnagetool 4.0 iOS 4

If you failed to follow the instruction, it will show you a message asking if you want to retry?. Click Yes.

pwnagetool 4.0 iOS 4

Unplug the iPhone from the USB. Turn it OFF, then turn it back ON. Reconnect it to USB and turn OFF the iPhone when prompted.

When followed correctly, PwnageTool will display a message telling you that it has successfully entered DFU mode. iTunes will also pop-up.

pwnagetool 4.0 iOS 4

pwnagetool 4.0 iOS 4

Step 8

In iTunes, hold the Alt/Option key and hit Restore. From the popup window, browse to the Pwnage Folder and select you custom .ipsw file that you just created and click Open Button.

pwnagetool 4.0 iOS 4

iTunes will now restore the firmware on your iPhone. This can take up to 10 minutes.

When done, you have successfully Jailbreak iOS 4.0 firmware with PwnageTool 4.0.


Fix error 1604, 16xx, 29 During Custom Firmware Restore

You may encounter error error 1604, 1600, 1601, 1602, 1603, or 29 during custom firmware restore. We have compiled possible solutions to this error here:

Unlock iOS 4.0

You can unlock iPhone 3GS and iPhone 3G with UltraSn0w at any baseband. Follow the guide linked below to unlock iPhone:

Have fun with iPhone iOS 4 and don’t forget to leave your comments.

Update 1

You can follow us on Twitter, Join us at Facebook, and also Subscribed to RSS Feed to receive latest updates on iPhone 4, iPod Touch and iPad jailbreak and UltraSn0w and other unlock stuff and iOS.

33 comments… add one
Rodrigo June 23, 2010, 5:09 am

And The new Boot Rom ??????? Unlock+JailBreak+Activation is not possible ?

Kaizoku June 23, 2010, 6:18 am

Can you upload already ipsw file? Thanks 🙂

James June 23, 2010, 6:33 am

Stupid question: how can you tell if I used spirit or blackra1n? I bought it already jailbroken and not sure what tool they used. I’m running old bootrom 3gs

Kylie June 23, 2010, 2:17 pm

it’s most likely to be Blackra1n if you’re running old bootrom cause i believe Spirit was only released since 3.1.3. correct me if i’m wrong =)

waseem4u June 24, 2010, 2:53 am

i made custom ipsw with pwange tool 4.01 on mac. Everything seems to be ok, phone was restored with this custom firmware using itunes 9.2. But the cydia is not working. as soon as i tap on cydia icon it tries to start but crashes. I’ve tried many time to build the custom firmware and restore but the problem is there. I couldn’t start cydia to install ultrasn0w to unlock my iphone 3Gs with old boot rom. I forgot to mentioon that the phone was previously jailbroken with custom restore ipsw having 3.1.3 and was unlocked with ultrasnow. My base band is 04.26.08
Please help.

iPhoneHeat June 24, 2010, 4:30 am

There’s something wrong with the Servers .. so try again later

ian passmore June 24, 2010, 8:44 am

Hi there i have done all this above to my uk 3g which was previosly jailbroken and unlocked so i could use tmobile usa. Turned it off went into dfu mode then restored etc, now on my iphone display shows me the symbol to connect to computer and wont let me do anything else???? Then on itunes it says the sim card does not seem to be supported???? Please help!!!! all i wanted to do was jailbreak 4.0 then unlock and now i cant do anything!

iPhoneHeat June 24, 2010, 10:41 am

Iphone 3G right?
make sure you check mark Activate iPhone option when building custom IPSW
or you can also use RedSn0w and then UltraSn0w 🙂

ian passmore June 24, 2010, 11:35 am

Hi thanks and yes i did activate iphone but im guessing its because the phone is from the uk and i originally had an 02 contract and sim then i jailbroke it like 8 months ago then unlocked it so i could use tmobile. But now that i have restored it and upgraded to ox4 and re jailbroke it i think it needs the original simcard to reboot??? because right now all i can see on the phone is the usb and itunes symbol. Please advise?

iPhoneHeat June 24, 2010, 11:54 am

Then jailbreak your iPhone 3G with redSn0w and then unlock with UltraSn0w

Kylie June 24, 2010, 9:04 pm

i’ve just done jailbreaking my 3gs, but it won’t open Cydia for to unlock. help please.

Jolbol June 27, 2010, 12:27 am

ive done everything you told me to do put it into recovery mode choose the custom file to restore from but then it pops up with an error?????

NoF34R July 11, 2010, 4:12 pm

Hey i was wondering if you can jail break ipod 2nd gen iOS4 if it is MC model cuz none of these do MC

risingtiger July 18, 2010, 10:34 pm

Awesome. I followed the tutorial and it worked perfectly. Sweet, sweet breaking from Jail–what a feeling!

mashera July 22, 2010, 6:37 pm

Hi, I’m not sure if I need to activate or not. I’m factory unlocked but still using the original provider’s sim.

iPhoneHeat July 23, 2010, 6:06 am

not activated

achangyeh July 28, 2010, 9:39 pm

Can this jailbreak method work on my iphone connected to a pc?

Leave a Comment