iPhone 2.0 hack: it took just nine days

Nine days. That's the time it has taken since the official launch of iPhone 3G for a hacking group called "iPhone-Dev team" to officially release an application that lets you jailbreak and unlock any first generation iPhone, or jailbreak (but not network unlock) the iPhone 3G.

The tool is called PwnageTool (a play on the humorous geek term 'pwned', derived from the word 'owned' -- used to taunt an opponent in gaming who has just been defeated, but also commonly used when a hacker has taken control of a device or system.) So far PwnageTool is only available for Mac OS X.

While the group promise a 'more official announcement soon' the tool is live and freely downloadable. There aren't official instructions available yet, but a good summary of what to do, and how to do it is available here. I've also included some of my notes here too.

Pwning your phone, as it is now being referred to, is more complicated than unlocking an original iPhone running the last first-gen release of the iPhone firmware (1.1.4). It works by modifying the '.ipsw' firmware file for the iPhone which is available via Apple's webservers. You then use iTunes to upload the modified firmware to your phone, which replaces the system software for the phone with the slightly modified one.

To use PwnageTool you'll need to download a different ipsw file depending on your phone (available here for 1st gen phones, and here for iPhone 3G users). You'll also need to download a copy of the iPhone bootloader.

Once you've got all the pieces you need, PwnageTool assembles a custom .ipsw file that you use to upgrade your phone. In my experience, the process of creating a custom .ipsw image took around 10 minutes.

Once created, PwnageTool asks you to connect your iPhone and is meant to put your phone in DFU mode -- the mode where the phone is ready to accept a firmware upload. However, PwnageTool wouldn't put my phone in to DFU mode, so I ended up having to do it manually (Plug in your phone, make sure iTunes is closed, hold down the power and home button and release the power button when you see the Apple logo, connect to iTunes). It can be tricky to do this part right, so I recommend watching this video tutorial of how to put an iPhone into DFU mode (thanks to Jenneth Orantia for this tip).

When your phone is in DFU mode, connect it to iTunes, and on the main screen hold down the option key and click restore.



A file browser will come up, and you have to navigate to and select to the custom .ipsw image you just created with PwnagetTool and iTunes will begin uploading the version to your iPhone.

You'll know it's working when a pineapple logo shows up on your iPhone.

After the iPhone is restored and boots, BootNeuter 2.0 loads up and 'unlocks' your Baseband, then reboots the phone. You'll also need to restore your iPhone settings from a previous backup - something that iTunes will ask you to do.

Apart from unlocking and upgrading, PwnageTool also installs a program called Cydia - an 'Installer' replacement which allows you to install software that hasn't been authorised by Apple. However, with the AppStore fully functional there's not much software to install from Cydia, however, as this unlock solution gains momentum I'm expecting to see all the apps that Apple rejected show up.

Have you Pwned your iPhone yet? How did it go?