iPhone 3G/3GS owners who found themselves stuck with version 05.11 of the baseband (either by accident or because they bought it that way) are now in luck!  geohot was able to turn the already-public at+xemn crash into an injection vector, which can be used to inject his version of the unlock.  The blacksn0w unlock is available for free via Cydia by adding the repository http://blackra1n.com in the Manage->Sources panel.  Congratulations, geohot!

Those of you who are already unlocked at 3.1.2 because you kept your 04.26 baseband now have an extra cushion of comfort, and more choices: ultrasn0w, purplesn0w, and now blacksn0w (and of course the original yellowsn0w too if you’re still back at FW 2.x).   Whether or not you choose to update your baseband solely to use the new unlock is a personal choice, but so far there are no advantages to doing so (and remember you can’t come back to 04.26 after you’ve gone to 05.11).

As with all the unlocks, it will probably very soon be re-sold through scam sites that charge you money for what is offered to the community for free.  Please stay vigilant for these scam sites and steer your friends away from them.

Update: Some commenters are reporting a lingering problem with WiFi while using blacksn0w.  Some are able to solve it with a single “Reset Network Settings” but others say they need to do that periodically.  So far there seems to be no pattern to those affected or the best way to fix it.

No, this is not a release post!  Just wanted to wish iPhone and iPod touch users everywhere a Happy Halloween!

This next one obviously isn’t a pumpkin but who can pass up on laser art by marcan!

If you have an iPhone or Apple related pumpkin photo you’d like to share, send it on in to blog@iphone-dev.org or tweet it to MuscleNerd :)  The first pumpkin with our dev team pwnapple logo is MuscleNerd’s and for credit on the others, just click on them.

Here are some details on our latest version of PwnageTool 3.1.4 for Mac OS X which supports the 3.1.2 release of the iPhone software for iPhone 2G/3G/3GS and iPod Touch 1G/2G.

If you’re already jailbroken (by whatever means), you don’t need to mess around with DFU mode at all.  Just create (or get from a friend) your custom IPSW and Option-Restore (Shift-Restore on Windows) to it via iTunes.  Don’t enter DFU mode at all.  Please make sure you are restoring to the custom IPSW, not the stock one from Apple!  For best results, use the latest iTunes (9.0.1) — which includes a nice new application organizer.

This release allows your baseband to remain unlocked at 3.1.2, but it does not unlock a new baseband put there by restoring to official 3.1.x.  It is super important that people who need the unlock to understand they can keep it only by starting at 3.0 (or earlier) and updating solely to custom IPSWs that don’t update the baseband.  For those who have been onboard the “unlock train”, simply install ultrasn0w via Cydia once you’ve restored to your custom IPSW.  Don’t forget to turn off the “3G” setting in Settings->General->Network if you use T-Mobile in the U.S.A.

Note for 3GS users not already jailbroken and stuck at 3.1.x: this version of PwnageTool has a side feature to jailbreak your 3GS.  It uses a simple implementation of the usb control msg hole found by chronicdev, geohot, and our very own gray.  (Update: please make sure iTunes and iTunesHelper are not running when PwnageTool asks you if your 3GS is already jailbroken/pwned).  Now that the hole is public and in use, we expect Apple to close it by the next major firmware update. That’s why 3GS users need to get their ECID hashes for 3.1.x now, and need to stay onboard the “jailbreak train” in all future updates.  For more details on what this means, please see our earlier posts or ask in our comments section (moderated by the always helpful @angie and @confucious!).

For the early adopters who ran blackra1n and are having problems with mobilesubstrate, winterboard, diskaid, or ifunbox, you can install a custom .ipsw from PwnageTool to fix these issues.  That’s because all jailbroken devices accept a custom .ipsw created by PwnageTool.  (However, if you ran blackra1n on a 3G or 3GS that means you updated to stock 3.1.x, and the carrier unlock is now out of reach.  We’ll continue to work on a carrier unlock for the latest basebands, but the timeframe for such an unlock is unknowable.)

Note: If you use internet tethering on a carrier that doesn’t officially support it, you’ll lose it by going to 3.1.x.  Stay back at 3.0 until a hack for that is developed.

SUMMARY:

• The iPhone 3GS is now supported out of the box in PwnageTool 3.1.4 (or if you have upgraded to 3.1.x in iTunes)
• The iPod 2G is still supported in PwnageTool 3.1.4 but you must already be jailbroken (we’ll update this if there’s a big demand from non-jailbroken ipt2G owners)
• The iPod touch 3G is NOT supported

DETAILS:

1. GOLDEN RULE: If you are using a iPhone 3G or iPhone 3G(S) with ultrasn0w and rely on ultrasn0w to obtain cellular service then you should only update your device with an .ipsw that is made with the new PwnageTool. There are no second chances with this. You need to remember that PwnageTool will provide an upgrade path to newer versions of the iPhone software in the future.
2. Please read all parts of this post before downloading and using these tools.
3. Read items 1, 2 and 3 again and again.
4. At the bottom of this post are the bittorrent files for the 3.1.4 capable version of PwnageTool.
5. PwnageTool will work for the iPhone 3GS
6. PwnageTool will work for the iPod touch 2G
7. PwnageTool WILL work for Original iPhone (1st Generation), the iPhone 3G and iPhone 3G(S) and the iPod touch (1st Generation and 2nd Generation) but NOT the iPod touch 3rd generation.
8. For 3G and 3G(S) users who are Pwned, PwnageTool is your key to updating in the future, just remember to never install an update directly from Apple, always use an .ipsw that has been created with PwnageTool.
9. There is no Windows version of PwnageTool yet.  It is currently a Mac OS X tool only.  Custom IPSWs created on a Mac can be used on a Windows machine too.

What’s a Baseband?

The ‘baseband’ is the generic nickname given to the internal components of the iPhone that handle the phone calls and Internet access. This ‘baseband’ is a tiny and unique independent computer system that runs inside your iPhone, it is separate to the main system that handles the applications (such as email and google maps) and it talks to the main part of the phone over an internal communications network.

Think of it like a cable modem or other peripheral that is attached to your home PC that needs occasional updates. When a software update is released and presented to you within iTunes the baseband is sometimes updated (to fix bugs or add new features).

The 3.1.2 update for the iPhone 3G and 3GS contains such an update, so running the vanilla updater straight away with iTunes will reprogram and update the baseband.

WHICH DEVICE DO I HAVE?

Read the description to identify your device, once you have correctly identified your device follow the specific instructions for that device as listed below.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G(S)

This applies if you bought your iPhone 3G(S) for $$$$$$$. This model of iPhone 3G(S) doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, you can use PwnageTool to create an ipsw and then use this to update and jailbreak your phone.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G

This applies if you bought your iPhone 3G for $$$$$$$. This model of iPhone 3G doesn’t have an Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates,  you can use PwnageTool to create a 3.1.ipsw and then use this to with iTunes to upgrade and jailbreak your phone.

iPhone 3G

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw

iPhone 3G(S)

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw

iPhone 2G (1st Generation)

Use PwnageTool to do the magic and then restore with iTunes using your newly created .ipsw ‘nuff said, you don’t need to worry about anything, the baseband will be unlocked, the phone jailbroken.

iPod Touch 1G (Original iPod Touch)

Use PwnageTool to create a firmware image and restore with that .ipsw using iTunes.

iPod Touch 2G

Use PwnageTool to create a firmware image and restore with that .ipsw to your already jailbroken device using iTunes.

iPod Touch 3G

At this time PwnageTool does not support this device.

Official Bittorrent Releases -

• PwnageTool 3.14 Torrent
• PwnageTool_3.1.4.dmg.5122330.TPB.torrent
• SHA1(PwnageTool_3.1.4.dmg.5122330.TPB.torrent)= d9d44258ade35623ec71e83520943b6f4baa568a

Unofficial Mirrors

The following links are unofficial download mirrors, you download these at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links or archives and we accept no responsibility with regard to the validity of the files, or with other content these links provide or with the content that is on the linked site.  Always check the published SHA1 sums. We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must. Mirror owners should email direct links only to blog@iphone-dev.org , please don’t place mirrors in the comments as they will be deleted.

• http://downloads2.touch-mania.com/PwnageTool_3.1.4.dmg
• http://download.sourcekills.com/PwnageTool_3.1.4.dmg
• http://old.bielsipod.de/Daten/PwnageTool_3.1.4.dmg
• http://www.hackthatphone.net/PwnageTool_3.1.4.dmg
• http://miphone.ca/iphone-dev/PwnageTool_3.1.4.dmg
• http://www.appleturk.net/ATWT/PwnageTool_3.1.4.dmg
• http://www.apfelphone.net/dl/PwnageTool_3.1.4.dmg
• http://apfelportal.de/host/images/dev-team/PwnageTool_3.1.4.dmg