How to: Use PwnageTool to create custom firmware to jailbreak iPhone 3GS

pwnagetool313-3gs07
Except the new iPod Touch, iPhone 2G/3G/3GS and iPod Touch 1G/2G will be able to jailbreak with the latest firmware 3.1. It is necessary for the upgrade since the new software like Dropbox and augmented reality apps only run on the firmware 3.1. You will need a Mac and the latest PwnageTool 3.1.3 at here. It is not that hard to jailbreak, actually. But, it is always useful for some users. Take a look of the simple guide after the break.
It is tested with iPhone 3GS, iTunes 9.0.1 and Mac OS X Snow Leopard 10.6.1. Since PwnageTool 3.1.3 is also compatible with iPhone 2G/3G and iPod Touch 1G/2G. You can also follow this guide if you use other iPhone or iPod Touch.
As usual, don’t blame anyone if the jailbreak is failed. Try it at your own risks.
Step 1. Choose “Expert Mode” from the ToolBar. Choose the device you are using. In my case, I choose iPhone 3GS.
pwnagetool313-3gs01
Step 2. Choose the firmware 3.1. If you don’t have it, you can download it from here. Choose the correct firmware with correct device.
iPhone 2G should choose the firmware starts with iPhone 1,1.
iPhone 3G should choose the firmware starts with iPhone 1,2.
iPhone 3GS should choose the firmware starts with iPhone 2,1.
iPod Touch 1G should choose the firmware starts with iPod 1,1.
iPod Touch 2G should choose the firmware starts with iPod 2,1.
pwnagetool313-3gs02
Step 3. There are 6 options you can choose. If you want the PwnageTool activate the iPhone for you, you can just click “Build” and “Next” button to build the custom firmware. But, I recommend to change some of them in this guide.
pwnagetool313-3gs03
Step 4. Click “General”. If you are using the official carrier and iPhone will activate through iTunes, make sure you don’t check “Active iPhone”. Otherwise, check the option so that you can software unlock with ultrasn0w and use it with the unofficial carrier. Click the “go back” button and the settings will be saved.
pwnagetool313-3gs05
Step 5. If you don’t like the custom logo by iPhone Dev Team, click “Custom logos” and make changes.
pwnagetool313-3gs04
Step 6. You can click “Cydia packages” and “Custom packages” to further customize the firmware. I personally clicked “custom packages” and removed the “Icy”. I need “Cydia” only. Then, click “build” and click “next” to start to build the firmware.
pwnagetool313-3gs05b
pwnagetool313-3gs06
Step 7. When you have started to build the firmware, select the destination. I saved it on the desktop. PwnageTool will ask the system password. After a few minutes, it will ask you to put the iPhone 3GS in recovery mode. Other iPhone or iPod Touch may need to put in DFU mode. Follow the instructions on-screen on how to put the iPhone in DFU mode.
To put the iPhone 3GS in recovery mode, launch the iTunes first. Then, try to press iPhone’s home and power button at the same time. When iPhone is turned off, quickly release the power button and keep holding the home button. Wait for a few minutes and iTunes will prompt the iPhone is now in recovery mode.
You can also try to turn off the iPhone 3GS first. Disconnect the iPhone from computer. Press and hold the home button, connect iPhone with the computer and launch the iTunes. Keep holding the home button until the iTunes tells you the iPhone is in recovery mode.
pwnagetool313-3gs07
Step 8. Press and hold the Alt key. Click the restore button and file dialog should appear. Choose the custom firmware.
pwnagetool313-3gs08
Step 9. You should now get the iPhone jailbroken with the latest firmware 3.1. iTunes will ask you whether you want to restore the old settings at the first time. Go and have fun with the latest firmware and old baseband!