Pwnage

Sep 18, 2012: The iPhone Dev Team has just released a new version of Redsn0w and PwnageTool, which includes Rocky Racoon and the untethered iOS 5.1.1 jailbreak developed by pod2g and planetbeing that was used in the Absinthe 2.0.x jailbreak.

(General Sporting Terms) (tr) slang (esp in online gaming) to defeat (an opponent) in conclusive and humiliating fashion. C21: altered from own. Collins English Dictionary – Complete and Unabridged, 12th Edition 2014 © HarperCollins Publishers 1991, 1994, 1998, 2000, 2003, 2006, 2007, 2009, 2011, 2014.

PwnageTool is an iOS jailbreak tool for Mac OS X that jailbreaks by creating a custom IPSW. It lets you change boot logos and add pre-installed packages to the IPSW. After the IPSW is created, you can restore the device with it using iTunes.

Credit

Exploits Used

Version 1.0

Version 2.0

Version 4.0

  • Bootrom exploit (used by limera1n and greenpois0n)

Models Supported

Model | Since
iPhone 3G | 19 Jul 2008
iPod touch (2nd generation) | 2 Oct 2009
iPhone 4 (iPhone3,1) | 20 Oct 2010
iPod touch (3rd generation) | 20 Oct 2010
iPod touch (4th generation) | 20 Oct 2010
iPad | 20 Oct 2010
Apple TV (2nd generation) | 20 Oct 2010

Please note that the iPad 2 and the iPhone 4S are not supported, as there is no publicly available bootrom exploit (like Pwnage, Pwnage 2.0, limera1n) for the A5-Processor.

Versions

PwnageTool was released 3 April 2008 but was largely unused until version 2.0 was released 19 July 2008. The versions listed here are not beta, alpha, or in-development builds.

1.x: First release of PwnageTool

Version | Release date | Features
1.0 | 3 Apr 2008
  • Initial release
  • Supports iPod touch and iPhone.
  • Includes 2 modes: iPwner and custom .ipsw
  • Uses Ramdisk Hack+Pwnage in iPwner then creates the firmware.
1.1 | 17 Apr 2008
  • Jailbreaks 1.1.4 firmware
  • Supports iPod touch and iPhone.
  • Custom boot logos can now be added
  • Added Bootneuter integration
  • Still uses iPwner and custom .ipsw

2.x: Second major release of PwnageTool

Version | Release date | Features
2.0 | 19 Jul 2008
  • Added iPhone 3G support [1]
  • Jailbreaks 2.0 Firmware
  • Change boot logos
  • Adds Cydia by default
2.0.1 | 4 Aug 2008
  • Jailbreaks 2.0.1 firmware
  • Works for 2.0 and 2.0.1.
2.0.2 | 21 Aug 2008
  • Jailbreaks 2.0.2 firmware [2]
  • Works for 2.0, 2.0.1, and 2.0.2.
  • Bug fixes - for when it doesn't go to the next page when you click on something.
2.0.3 | 25 Aug 2008
  • Jailbreaks 2.0.2 firmware
  • Works for 2.0, 2.0.1, and 2.0.2.
2.1 | 13 Sep 2008
  • Jailbreaks 2.1 firmware
  • Removed backwards compatibility
  • Download packages from a valid Cydia source, and add them onto your custom IPSW.
2.2 | 21 Nov 2008
  • Jailbreaks 2.2 firmware
2.2.5 | 30 Jan 2009
  • Jailbreaks 2.2.1
  • Not updated by iPhone Dev Team but made official.

3.x: Third Major Release of PwnageTool

Version | Release date | Features
3.0 | 19 Jun 2009
  • Jailbreaks 3.0 firmware
  • DFU mode instructions included
3.1 | 15 Sep 2009
  • Jailbreaks 3.1 firmware for iPhone and iPhone 3G
  • Jailbreaks 3.1.1 firmware for iPod touch
3.1.3 | 2 Oct 2009
  • Support for iPhone 3GS with Bootrom 359.3 and iPod touch (2nd generation) with Bootrom 240.4 (these devices need to be pwned from 3.0/3.0.1)
3.1.4 | 13 Oct 2009
  • Jailbreaks 3.1.2 firmware for iPhone, iPhone 3G, 3GS with Bootrom 359.3, iPod touch, iPod touch (2nd generation) with Bootrom 240.4
  • iPod touch (3rd generation) not supported.
3.1.5 | 7 Feb 2010
  • Jailbreaks 3.1.3 firmware for devices supported in 3.1.4.

4.x: Fourth Major Release of PwnageTool

Version | Release date | Features
4.0 | 22 Jun 2010
  • Jailbreaks iOS 4.0 for devices supported in 3.1.4.
4.01 | 23 Jun 2010
  • Fixes iBooks issue.
4.1 | 20 Oct 2010
  • Jailbreaks iOS 4.1 for Apple TV (2nd generation), iPad, iPhone 3G, iPhone 3GS (both bootroms), iPhone 4, iPod touch (3rd generation), and iPod touch (4th generation).
4.1.1 | 22 Oct 2010
  • Fixes issues with Leopard.
4.1.2 | 22 Oct 2010
  • Fixes more issues with Leopard.
4.1.3 | 28 Nov 2010
  • Enables installing the 06.15.00 baseband on the iPhone 3G and iPhone 3GS
4.2 | 15 Feb 2011
  • Support for iOS 4.2.1 on every device that is compatible, except for the iPod touch (2nd generation).
4.3 | 3 Apr 2011
  • Support for iOS 4.3.1 on every device that is compatible, except for the iPad 2.
4.3.2 | 27 Dec 2011
  • Support for iOS 4.3.2 on every device that is compatible, except for the iPad 2.
4.3.3 | 8 Jun 2011
  • Support for iOS 4.3.3 on every device that is compatible, except for the iPad 2.
4.3.3.1 | 8 May 2011
  • Includes a fix for the iPhone 3GS / iPhone 4 side switch vibration issue (only for 4.3.3)

5.x: Fifth Major Release of PwnageTool

Version | Release date | Features
5.0.1 | 27 Dec 2011
  • Jailbreaks iOS 5.0.1 for non-A5 devices.
5.1.1 | 4 Jun 2012
  • Jailbreaks iOS 5.1.1 for non-A5(X) devices.

Creating the Firmware

PwnageTool takes the IPSW file and patches it, creating a custom version. This enables many more features, such as pre-installed packages, BootNeuter (iPhone software unlock), custom packages and boot logos. This method is usually less secure than the quick exploits such as redsn0w, QuickPwn, purplera1n, blackra1n, etc.

How to create Custom Firmware Bundles

Main article: Making PwnageTool Bundles


Problems

This method does have negative aspects. The most common errors are in the 16xx range, which mean that either the firmware file is corrupt or the device was not put in the right mode (Recovery, DFU Mode). Sometimes the cause is simply a computer problem, such as full memory or a broken USB port. The most common error is Error 1604, which means that the firmware file is corrupted.
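A way to rule out a corrupted firmware file before starting a restore, added here as an example and not part of the original page. It relies on an IPSW being a ZIP archive; the function name `check_ipsw` and the optional SHA-256 comparison against a digest you recorded from a trusted source are assumptions.

```python
import hashlib
import zipfile


def check_ipsw(path, expected_sha256=None):
    """Return a list of problems found in the firmware file; empty means OK."""
    problems = []

    # Optional: compare the whole file against a digest recorded earlier
    # from a source you trust (hypothetical parameter, not an Apple API).
    if expected_sha256 is not None:
        h = hashlib.sha256()
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(1 << 20), b""):
                h.update(chunk)
        if h.hexdigest() != expected_sha256.lower():
            problems.append("SHA-256 does not match the expected digest")

    # A truncated download loses the ZIP central directory at the end of
    # the file, so opening it fails; a flipped byte inside a member shows
    # up as a CRC-32 mismatch when that member is read back.
    try:
        with zipfile.ZipFile(path) as z:
            bad = z.testzip()  # reads every member and verifies its CRC-32
            if bad is not None:
                problems.append(f"CRC mismatch in member {bad!r}")
    except zipfile.BadZipFile as exc:
        problems.append(f"not a readable ZIP archive: {exc}")

    return problems


if __name__ == "__main__":
    import sys
    for issue in check_ipsw(sys.argv[1]) or ["no problems found"]:
        print(issue)
```

Running the same check on the custom IPSW that PwnageTool writes out catches a damaged output file before iTunes is involved.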

Windows

PwnageTool is expected to remain exclusive to Mac OS X. As of October 2009, iH8sn0w et al. have announced a project called sn0wbreeze that will bring PwnageTool's functionality to Windows. [3]

License

PwnageTool is freeware.

Retrieved from 'https://www.theiphonewiki.com/w/index.php?title=PwnageTool&oldid=113510'

Pwnage Guide

Author: BigBoss

Updated June 2, 2010.

Note: Pwnage is Mac only. Pwnage does not work on the following devices:

iPhone 3GS with a manufacturing date later than week 40 of 2009 (look at your serial number: digit 3 is the year, digits 4 and 5 are the week; an xx940xxxxxx serial means 2009 week 40, and xx002xxxx means 2010 week 2).

iPod touch 2nd/3rd generation devices cannot be pwned currently.

Use spirit for the above devices.
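The serial-number rule above as a small checker, added here as an example and not part of the original guide. The function names are hypothetical, and reading the year digit as 2009 for "9" and 201x for "0" to "8" is an assumption that fits the iPhone 3GS.

```python
import re

# The guide's cutoff: a 3GS built later than week 40 of 2009 cannot be pwned.
CUTOFF = (2009, 40)


def decode_serial(serial):
    """Return (year, week) using the guide's rule: digit 3 is the year,
    digits 4 and 5 are the week."""
    s = serial.strip().upper()
    if len(s) < 5 or not re.fullmatch(r"[0-9A-Z]+", s):
        raise ValueError("serial too short or contains invalid characters")
    field = s[2:5]
    if not field.isdigit():
        raise ValueError("characters 3 to 5 must be digits (year, week)")
    # Assumption: one digit cannot name a decade, so "9" is taken as 2009
    # and "0".."8" as 2010..2018.
    year = 2009 if field[0] == "9" else 2010 + int(field[0])
    week = int(field[1:])
    if not 1 <= week <= 53:
        raise ValueError(f"week {week} is out of range")
    return year, week


def pwnage_ok_for_3gs(serial):
    """True when the 3GS was built no later than week 40 of 2009."""
    return decode_serial(serial) <= CUTOFF


if __name__ == "__main__":
    # Constructed serials in the guide's own xx940xxxxxx notation.
    for sample in ("xx940xxxxxx", "xx941xxxxxx", "xx002xxxxxx"):
        year, week = decode_serial(sample)
        verdict = "Pwnage" if pwnage_ok_for_3gs(sample) else "use Spirit"
        print(f"{sample}: {year} week {week} -> {verdict}")
```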

Pwnage 3.1.5 is out. This guide is for the Mac version of Pwnage. Here are the steps to pwning your phone. Pwnage for the Mac can be downloaded from here. The required bootloader files can be found here.

Step 1: If your firmware is lower than 1.1.4 or you have not jailbroken your device before, restore a fresh 3.1.2 (or 3.1.3 for 2g users). If you are already at 3.1.2 or you have already pwned or jailbroken your device on an older firmware, this is not necessary. You can follow the restore guide for help on restoring in iTunes. Note: you may see “Preparing iPhone software for restore” for a very long time. Could be 10 minutes. This is normal. Don’t panic and stick with it. Note 2: If you get error 1600 you may try restore mode instead of DFU mode. It can be finicky. Try going back and forth from restore to DFU mode.

Step 2: Install Pwnage from the DMG by dragging it to your Applications folder. Extract the rar file for the bootloaders and put that in your Documents folder. Load up the Pwnage tool. You will see this screen, so click away the warning. Note: some folks have problems loading the Pwnage tool and the icon just sits there bouncing. You may try clearing your cache by deleting the {your name}/Library/Caches folder and/or /Library/Caches and rebooting. You may also try booting into safe mode.

Step 3: At the top, select “Simple Mode” and click the phone or iPod that matches your device.

Step 4: Select the firmware you used to restore your phone in step 1 and click the blue next arrow.

Step 5: (2g unlockers only. 3g/3gs/ipod skips to step 7) Select your bootloaders that you downloaded from step #1. You will be presented a screen asking you if you wish to search the web for the bootloaders. Select NO.

Step 5a: Now select YES you wish to browse for the 3.9 bootloader.

Step 6: Repeat step 5 for the 4.6 bootloader files.

Step 7: You will be prompted to create a custom FW image now. Select YES unless you have already done so in which case you can select NO. For first time users select YES. If you select NO, you will skip to step 10.

Step 8: You are asked “Are you legit iPhone”. This means do you need to unlock and activate (NO) or do you have a contract carrier like AT&T (YES). Select NO to unlock, YES to not unlock. (Note: if you do not unlock and you do not have a contract carrier, you will be stuck at connect to iTunes screen and will need to repeat this tutorial again). Note: on 2.0.2, this asks if you have a valid contract instead. The premise is the same. If you have a 3g you always want to say “yes” to this since there is no way to unlock. The exception is if you are intending to use a sim adapter.

Step 9: Wait for custom IPSW / custom restore image to be generated. This takes a few minutes. Also, be prepared to enter your password as part of the process.

Step 10: If your iPhone has been pwned before, say YES. Otherwise say NO. Note: if you have restored a generic image, you should say NO. Only say yes if you have pwned and your iPhone boots with the pineapple or custom boot image. If you pwned 1.1.4 or higher or are already jailbroken, you do not have to pwn again. This will pwn your phone. There is no harm in pwning your phone again, so if you’re in doubt go ahead and say NO. Note: if you say “YES” skip to step 13.

Step 11: You are now instructed how to get into DFU mode. These steps are identical to my steps here. Follow the steps and you will be fine. If you get lost or behind just click my link and do it manually. Remember, DFU mode means you will not see anything on your iPhone screen. It will appear as if it is turned off, but the computer will see the phone. Note: if you have a new MacBook released in 4th quarter 2008, you probably cannot get into DFU mode as Apple prevents this. You have some options; the easiest is to hook your iPhone to a USB hub and plug that into the Mac. The same occurs if you’ve updated to Leopard 10.5.6. You can also try to replace a driver, IOUSBFamily.kext, with one from 10.5.5 (instructions to do this are beyond the scope of this tutorial).

Step 12: Restore your custom firmware in iTunes. Remember you need to use Option-Restore to select your custom firmware file.

Step 13: Wait for iTunes to finish its restore. This takes a while. Be patient.

Step 14: If you selected “NO” to a legit phone, wait for bootneuter to run and do its thing.

Congratulations. You have a freshly pwned phone. Enjoy Cydia. For a recommendation on what to install, check out this.