Jailbreak iOS 4 iPhone 3GS (New BootRom) with Sn0wBreeze 1.7 - iPhoneHeat

Jailbreak iOS 4 iPhone 3GS (New BootRom) with Sn0wBreeze 1.7

Sn0wbreeze 1.7 to jailbreak iPhone 3GS new bootrom on iOS 4.0 is now available for download. With this release, you can jailbreak iPhone 3GS with new bootrom if it’s on OS 3.1.2 or you’ve SHSH blobs saved for OS 3.1.2. In order to create a custom iOS 4 and go for 4.0 firmware successfully you Must be on OS 3.1.2 + jailbroken.

Jailbreak iPhone 3GS new bootrom

UPDATE: *** Comex has released the All iDevices jailbreak. Check the Update at the bottom. ***

Sn0wBreeze 1.7 Supports:

  • iPhone 3GS (New & Old BootRom)
  • iPhone 3G
  • iPod Touch 3G
  • iPhone Touch 2G (MC & non-MC)


  • iPhone 3GS with New BootRom users MUST be on firmware 3.1.2 or have SHSH blobs saved for it (needed for downgrade). Otherwise you’re still out of Luck. The exploit used in this hack has been patched in OS 3.1.3 so firmware 3.1.2 is a MUST. [How to Check iPhone 3GS BootRom]
  • If you’re not on 3.1.2 firmware or don’t have saved SHSH blobs for it, you’ll have to wait for the Spirit jailbreak update which is almost ready. I think they are waiting for the next firmware update (iOS 4.1 or iOS 4.01).
  • For iPhone 3GS New BootRom users it’s a Tethered jailbreak. For those who don’t know, a tethered jailbreak device once turned off/Reboot/run out of battery, you need to connect it to computer and execute a tool to boot up the device.

This guide is NOT for regular Windows users. So, proceed with precaution and follow the guide at your own risk. Here are the step by step instructions to jailbreak iPhone 3GS New BootRom to iOS 4 from the official source:


Jailbreak iOS 4 on iPhone 3GS New BootRom

This tutorial assumes that you are already on 3.1.2!

What You Will Need

STEP A : Pwning iBoot

  1. Download this easy tool here — Payload Pwner-r6 // It will help you create the payload.
  2. Extract it to a directory and run Pwner.exe

**Save the Payload where iBooty is.**

STEP B : Making a Custom IPSW

  1. Download sn0wbreeze V1.7 from here — sn0wbreeze V1.7
  3. In General, Checkmark “Disable NOR Flash” <– THIS IS ESSENTIAL!!!!
  4. Build it. It will be on your Desktop.


*Mac Users : PwnageTool does not have this option. I don’t think it will ever be in there. Use a Windows Virtual Machine or friends PC to create your firmware.*

STEP C: iBooty Prep.

Most of you know of the utility “iBooty” that I made for Aki_nG. It will work as long as you place all of the correct files there.

  1. Download iBooty GUI here — iBooty V1.5 and Extract it.
  2. Extract your Custom IPSW created by sn0wbreeze with 7-Zip or another un-archiver.
  3. Grab the kernelcache and bring it into the same folder as ibooty.
  4. Also grab iBEC from the folder “Firmware\dfu”.
  5. Aswell as DeviceTree from the folder “Firmware\all_flash\all_flash.n88ap.production\DeviceTree.n88ap”
  6. Rename your Kernel 4.0-Custom to “kernel.40”
  7. Rename your iBEC 4.0-Custom to “ibec.40”
  8. Rename your DeviceTree 4.0-Custom to “devtree.40”

Your folder should look like this:

– iboot.payload <– Created with Payload Pwner.
– devtree.40 <– Grabbed from Custom IPSW made by sn0wbreeze.
– ibec.40 <– Created with Payload Pwner.
– bspatch.exe <– Comes with iBooty.
– iBooty.exe <– Comes with iBooty.
– kernel.40 <– Grab from Custom IPSW made by sn0wbreeze.
– sn0w.img3 <– Comes with iBooty.
– wait.img3 <– Comes with iBooty.

STEP D: Restoring to 4.0 + Booting

*Make sure your are on 3.1.2 when doing this*

  1. Run iBooty and Select “Prepare Device for Custom Firmware“. Run the Process and if you see the image, you can proceed!
  2. Now open iTunes and restore to the custom ipsw.

***When done, your device will go into recovery mode. It won’t boot.***

STEP E : Booting

Just Re-Run iBooty and select “Boot It”. If all goes well it will boot!

Enjoy! Hopefully iH8Sn0w can get a tool out there that will make all of this much easier.

If you have an iPhone 3GS old BootRom, you can jailbreak using Sn0wBreeze 1.6, PwnageTool 4 and then unlock iOS 4 on baseband 05.12.01, Baseband 05.13.04 and 05.11.07 using UltraSn0w 0.93.

If you want to jailbreak iPod Touch 3G iOS 4 follow the guide linked below:

How to: Jailbreak iPod Touch 3G iOS 4 with Sn0wBreeze 1.7

Update 1: iPhone 4 Jailbreak by GeoHot

Update 2: iPhone 4 Unlocked

Update 3:

Update 4

Also check out:

Download Sn0wBreeze (All versions New & Old)

85 comments… add one
WaitingFor3GS4.0JB July 6, 2010, 6:50 pm

This is no help to those 3GS with new bootrom and ios 4.0 and are not already jailbroken or have no SHSH boobs or blobs wtfreak it is?!?!

GET A STRAIGHT JB for us GUYS! We all know you can do it!!

GeoHot was hot till he could do it, DevTeam were Devs till they could do it, anybody is somebody ill they can do it. SO JUST DO IT!!!!!!!!!!!!!!!!!!!!!!

TarekElmalah July 7, 2010, 2:02 am

are you sure you dont work for Nike ?
i mean damn you should get paid for your ads 😉

Yakirmanz July 6, 2010, 8:42 pm

will it work if im already updated the 3gs to 4 and downgrade back to 3.1.3 and its jailbroken with spirit ?
im on OLD BOOT with SIMFREE device.

ps – what can we do if we cant go back to 3.1.2 ??
ps2 – did it work for anyone with the new boot ?

waha999 July 7, 2010, 2:22 am

hey i am on ios 4 in iphone 3gs ..not jailbroken………now how can i jailbreak my iphone 3gs

iPhoneHeat July 7, 2010, 3:57 pm

downgrade to 3.1.2 if you have shsh blobs saved

bountyhunter July 9, 2010, 12:02 pm

What if you dont have it saved?

Catalony July 11, 2010, 5:53 pm

Wait for a miracle

Dhruv July 13, 2010, 7:04 pm

its very tuff..giv some easy way plz ..im also on 4.o..

Magivs July 7, 2010, 11:51 am

I wonder can this jailbreak enable multitaking or custom wallpaper on iPod touch 2g MC model like redsn0w .

Chitturi Sagar July 7, 2010, 7:20 pm

my 3gs is in DFU mode..!!! when i connect it to my system..its showing ur phone is in recovery mode…!! but my phone screen is blank…!!n when i restore wid ios4…Showing verifying wid apple n i ll get white screen n it ll show unknow error 28 🙁 n i tried to downgrade to 3.1.3 and 3.1.2 it shows unknow error 3194 🙁

invalid July 8, 2010, 6:23 pm

Can i jailbreak my iphone on ios4

iphone 3gs 3.1.3
new bootrom
05.12.01 baseband
jailbroken using spirit

iPhoneHeat July 9, 2010, 8:34 am

only if you have shsh blobs saved for 3.1.2

Taleb July 10, 2010, 2:49 pm

hi everyone
I have 3gs new bootrom upgraded to ios 4 with no shsh
how long do you think we need to wait before someone comes
up with a solution for jailbreaking our tools?

iPhoneHeat July 10, 2010, 6:02 pm

hopefully, soon after the iOS 4.01 or 4.1

AfRoo July 10, 2010, 4:11 pm

hi, I want to know when will new apple firware out??

Brian July 10, 2010, 5:59 pm

when is the spirit JB for 3GS new BT on iso4.0 update?

iPhoneHeat July 10, 2010, 6:04 pm

as soon as the iOS 4.01 or 4.1 goes live

AfRoo July 10, 2010, 7:15 pm

Umm can we know about new fw date or not yet

Brian July 10, 2010, 8:23 pm

will it happen in July?

George July 10, 2010, 8:11 pm

can you unlock it with this jailbreak aswell?

i_hate_2_wait_without_soln July 12, 2010, 12:35 pm

plz, can anyone answer me..
i have iphone: 3gs “newbootrom”, firmware:4.0
is there any jailbreak,
i dont have any SHSH blobs

iPhoneHeat July 13, 2010, 12:46 am

nope.. not possible ATM

sha8210 July 13, 2010, 9:39 am

My iphone 3gs with firmware 3.1.3 with baseband 5.13.02..Now i jailbraked it with Espirit and now using as an ipod .what should i do to unlock it any suggestions please

sha8210 July 13, 2010, 9:43 am

also mine is 3gs with new bootroom

iPhoneHeat July 13, 2010, 6:50 pm

Use UltraSn0w 0.93 from Cydia

sha8210 July 23, 2010, 8:39 am

I jailborked my iphone 3gs newbootroom with Espirit…Still i can unlock using Ultrasnow 0.93??

iPhoneHeat July 23, 2010, 3:52 pm

Correct! Ultrasn0w 0.93 can unlock all basebands up to 05.13.04. In near future, it’ll also unlock iPhone 4

nishant25788 August 2, 2010, 12:55 pm

hi i wanna jb my new iphone 3gs with new bootrom 4.0 os. can u please help me.

orys July 13, 2010, 4:04 pm


i have Iphone 3GS (new bootrom) and i’m on 3.1.2 jailbroken with blackra1n. My SHSH blobs at Cydia are 3.1.3. Can i do the above jailbreak since the phone firmware is 3.1.2 ?


iPhoneHeat July 14, 2010, 1:24 am


Trixa July 14, 2010, 11:23 am

I have a iphone 3gs with ios 4 and baseband is 05.13.04 i think it have new bootrom. It never been jailbreak before
can this jailbreak it?

Juanex July 14, 2010, 11:04 pm

IPHONE HEAT… I have a iphone 3Gs with iOs 4.0 and new bootrom. It was previously done jailbreak in 3.1.2….


iPhoneHeat July 16, 2010, 12:53 am

install UltraSn0w 0.93 after jailbreak

mr_sanpablo July 15, 2010, 3:35 am

can i jailbreak and unlock my iphone 3gs 4.0 old bootrom even without the saved blobs? can you give me a link to it. thanks a lot

iPhoneHeat July 16, 2010, 1:03 am

hopefully soon

Taleb July 27, 2010, 1:08 pm

hi there yes you can, first downgrade then jailbreak
if you are interested in reading the details
read my post in the jailbreaking section

kellen July 17, 2010, 10:13 am

Ive noticed that the kernel n82 is with the 4.0 software and the n88 is with the 3.1 Was this a typo?

Mrta July 17, 2010, 1:57 pm

where is ibec?
i cant find it!

Mrta July 17, 2010, 2:03 pm

where is “firmware” folder?

Mrta July 17, 2010, 6:37 pm

what is “kernel” and where is it?

ez July 22, 2010, 9:07 am

Hi iphoneHeat, got some question for you to answer.
My iphone is 3gs 32gig last version is 3.0 updated to 4.0.1
now it’s on simcard lock.

I now know that i’m on a new bootrom. How do i know cydia have my 3.0 shsh file save? Can i do a downgrade to older version if now i’m on ios4.0.1? The firmware now is 5.13.04. Before the update i did backup it on itunes. so is there any hope for me?

Or should i wait till there’s another method for the new bootrom jailbreak/unlock?

iPhoneHeat July 22, 2010, 5:30 pm

a new jailbreak will be out soon.
you can download your saved blobs (if any) from Cydia using tinyumbrella using advanced options


caltang01 July 24, 2010, 3:29 am

I have iphone: 3gs “old bootrom”, my friend updated offical firmware:4.0 from itunes for my iphone by mistake, now my iphone 3gs version: 4.0(8A293)
is there any jailbreak,
i dont have any SHSH blobs
Can anyone tell me how to jailbreak my phone?

iPhoneHeat July 24, 2010, 3:59 am

a new jailbreak is on its way.. wait for a few days

jacksipencuri July 24, 2010, 10:21 am

when it’s out?
my iphone 3gs ios4.0 new bootroom and never jailbreak before,and i just save SHSH ios4.there’s chance i can jailbreak my iphone?

jacksipencuri July 24, 2010, 10:22 am

when it’s out?
my iphone 3gs ios4.0 new bootroom and never jailbreak before,and i just save SHSH ios4.there’s chance i can jailbreak my iphone?

PJ July 26, 2010, 9:27 pm

I recently got i phone 3gs with firm ware 4.0.1 and new bootrom. I don’t have anythings saved i.e. ssh files etc and stuff and very new to this world of jailbreak. Is there any solution ?

May be even if by some mean i can down grade my firm ware and than get it unlocked.

iPhoneHeat July 27, 2010, 1:32 am

save SHSH for OS 4.0.1 and wait for a few days.. jailbreak is on its way

PJ July 27, 2010, 2:06 am

Thats what I ahve been hearing for past 3 weeks . Man getting restless.
Btw, buddy how can i save my 4.0.1 SSH files ? I dont have cydila installed. Wold appreciate if some one can provide me details steps.

iPhoneHeat July 27, 2010, 4:20 am
dear_vvr August 8, 2010, 9:57 pm

Still waiting for JB for 3GS from redsn0w for 4.0.1; Can we get may be next month!!

dear_vvr August 8, 2010, 9:58 pm

I saved my SHSH both 3.0 and 4.0.1 on Cydia; Will the later get overwrites my old 3.0 ??

Zythyr July 29, 2010, 8:40 am

Does the iPhone 3GS New Bootrom have to be already jailbroken on 3.1.2 in order to use this method? Also, since for the 3gs new bootrom this is a tethered jailbreak, if I DO restart/turnoff phone, which program do I have to use in order to reboot the iphone?

apex July 29, 2010, 10:38 am

hai iphone heat.i am a new user for iphone 3gs with iso 4.0.can i know how can i jailbreak my phone.thanks alot

iPhoneHeat July 30, 2010, 1:07 am

wait for the comex’s jailbreak to come out

aljouharh July 30, 2010, 11:29 pm

Please help me

I am doing every step but

I can’t see the image in this step at the link


aljouharh July 31, 2010, 12:12 am

Please? help me

I am doing every step but

I can’t see the image in this step at the time 7:12

Jacksdad August 26, 2010, 12:56 am

I’ve got the same problem. Everything goes well until STEP D “Run the Process and if you see the image, you can proceed!”. No image appears. Any suggestions??

saied August 1, 2010, 1:12 am

can i use this method right now? cause 4.0.1 is out and this is for 4.0
i’m on 3.1.2 but mistakenly use sprit over blackra1n

3gs new bootrom

iPhoneHeat August 1, 2010, 12:13 pm

wait for the Comex’s jailbreak

jpfogarolli August 1, 2010, 6:01 am

i tried to jailbreak my iphone 3gs following this tutorial but after the restore itunes said “the sim card inserted in this iphone does not appear to be suported”
can you help me??

iam1simpleguy August 7, 2010, 10:56 pm

Beware..i have newbootrom.. 3gs and was on 3.1.2 …i have reached until i saw custom logo on iphone but when it comes to restore it just didn’t work.I was lucky i have shsh saved on cydia and now i am back on track 🙂

Leave a Comment