VIDEO GUIDE: Tethered jailbreaking your iPod touch in Windows
Watch the videos in High Quality (arrow button on the right of the bar for options, click on "HQ" button)
Things you need to download before starting:
redsn0w lite: http://www.redsn0w.com/ XPWN: http://www.iphone-dev.org/xpwn/xpwn-windows-nightly.zip 2.2.1 Firmware IPSW: http://tinyurl.com/ipt2g-221 2.1.1 Firmware IPSW: http://tinyurl.com/ipt2g-211 iRecovery: http://rapidshare.com/files/192227930/iRecoveryWin32.zip
Step 1 (0:00, beginning of part 1-1:50)
Download XPWN and redsn0w lite. Create your XPWN folder and extract the XPWN files from the .zip into that folder. In the redsn0w lite .zip, go to FirmwareBundles, copy the folder inside (iPod2,1_2.2.1_5H11a.bundle) and paste it into XPWN's FirmwareBundles folder (.\XPWN\FirmwareBundles). Download the 2.2.1 Firmware IPSW, put it in your XPWN directory and rename it to "OrginalFW" (no quotes.)
Step 2 (1:51-3:22)
Open the Start menu, click "Run...", type "cmd" (no quotes) and hit enter. Command prompt will open. Change directory (cd) to your XPWN directory. Mine was in C:\XPWN, so cd-ing to the directory would look like this in command prompt:
C:\Documents and Settings\urifu\> cd .. C:\Documents and Settings\> cd .. C:\> cd .\XPWN C:\XPWN\>
Once you're in the XPWN directory, type this command:
ipsw OriginalFW.ipsw patchedFW.ipsw -s 700 bundles\Cydia.tar
That command will patch the 2.2.1 Firmware IPSW with redsn0w and Cydia. This will take a while, so go get some tea or something, I don't know, drink a beer.
Step 3 (3:23-4:24)
Now that the firmware is done patching, we need to put our iPod into DFU mode. This will allow you to restore to the patched firmware you just created. To do this, close iTunes (make sure the process is not running) and plug your iPod into your computer. Begin holding down the POWER and HOME buttons. After ten seconds, let go of POWER but keep HOME held down for another 8-10 seconds until you hear the "hardware found" sound. Your iPod is now in DFU mode.
Step 4 (4:25-5:38)
Download the 2.1.1 Firmware IPSW. Put it in your directory and rename the EXTENSION of the file to ".zip" (no quotes). If you can't see the extension of the file, go into Folder Options in Explorer, click the "View" tab, look for the checkbox that says "Hide extensions for known file types" and uncheck that box. Now you should be able to see the extension in the file name and rename it as well. After renaming the extension of the file, you can now explore the IPSW like a zip file or folder. Go into the "Firmware" folder, then the "DFU" folder and you should see three files. Copy the file "iBSS.n72ap.RELEASE.dfu" and paste it into your XPWN directory. Rename the file to "iBSS211" (no quotes, and don't modify the extension of this file, just the name).
Step 5 (5:39-6:58)
Now you need to download iRecovery (link at top of guide). Install LibUSB with the installer provided in the zip. Extract the files within the iRecovery-SVN folder into your XPWN directory. With your command prompt still open and in your XPWN directory, type this command:
iRecovery -f iBSS211.dfu
This will inject the iBSS from OFW 2.2.1 into your iPod. Unplug your iPod, wait ten seconds, then plug back in. Your iPod's screen should show up white.
ADDED STEP, FORGOTTEN IN VIDEO!! READ CAREFULLY!!
Enter these commands, one line at a time, CAREFULLY, into iRecovery shell.
arm7_stop mw 0x9000000 0xe59f3014 mw 0x9000004 0xe3a02a02 mw 0x9000008 0xe1c320b0 mw 0x900000c 0xe3e02000 mw 0x9000010 0xe2833c9d mw 0x9000014 0xe58326c0 mw 0x9000018 0xeafffffe mw 0x900001c 0x2200f300 arm7_go arm7_stop
Enter /exit to leave shell
Step 6 (6:59-8:06)
Go into your XPWN directory, find the patched firmware you created earlier and rename it's extension to ".zip" (no quotes). Go into the "Firmware" folder, then the "DFU" folder and you should see three files. Copy the file "iBSS.n72ap.RELEASE.dfu" and paste it into your XPWN directory. Rename the file to "iBSS221pwn" (no quotes, and don't modify the extension of this file, just the name). Go back into the patched firmware zip, go into the "Firmware" folder, then the "all_flash.n72ap.production" folder. Copy the file "iBoot.n72ap.RELEASE.img3" and paste it into your XPWN directory. Rename that file to "iBoot221pwn" (no quotes, and don't modify the extension of the file, just the name). Rename the patched firmware's extension from ".zip" back to ".ipsw" (no quotes).
Step 7 (8:07-9:54, end of part 1)
Open iTunes. As soon as you open it, iTunes will tell you that it sees your iPod in DFU mode, and you need to restore to continue using your iPod. Shift-click on the restore button in iTunes, and search for the patchedFW.ipsw you created earlier. Click "open" and your iPod will begin restoring to the patched firmware. Again, this will take a while, so go outside or something.
Step 8 (0:00, beginning of part 2-2:06)
Once your iPod is done restoring it will power off and attempt to reboot. This is likely where you'll panic like I did. Windows will say that your iPod is "unrecognizable" and iTunes and iRecovery will not be able to recognize it. YOUR iPOD IS NOT BRICKED OR DEAD. It's just stuck trying to boot, but it can't because the firmware is patched, thereby making it invalid and unable to pass sigchecks made by the iPod. Begin holding down the POWER and HOME buttons on your iPod. After ten seconds, let go of POWER but keep HOME held down for another 8-10 seconds until you hear the "hardware found" sound. Your iPod is now in DFU mode. Go into your command prompt and type this command:
iRecovery -f iBSS211.dfu
This will, yet again, inject the iBSS from OFW 2.2.1 into your iPod. Unplug your iPod, wait ten seconds, then plug back in. Your iPod's screen should show up white.
Step 9 (2:07-3:23)
Go back into iRecovery and start the iPhone/iPod shell with this command:
iRecovery -s
You are now in shell mode. Any commands you enter are being sent to your iPod, which is in iBoot mode. TYPE CAREFULLY, THIS IS WHERE THINGS CAN BREAK IF YOU DO SOMETHING WRONG!
Enter these commands, one line at a time, CAREFULLY, into iRecovery shell.
arm7_stop mw 0x9000000 0xe59f3014 mw 0x9000004 0xe3a02a02 mw 0x9000008 0xe1c320b0 mw 0x900000c 0xe3e02000 mw 0x9000010 0xe2833c9d mw 0x9000014 0xe58326c0 mw 0x9000018 0xeafffffe mw 0x900001c 0x2200f300 arm7_go arm7_stop
Enter /exit to leave shell.
Step 10 (3:34-3:58)
Now that you are out of shell, enter this command:
iRecovery -f iBSS221pwn.dfu
This will inject the pwned 2.2.1 iBSS into your iPod. After you've done this, hit CTRL+ALT+DEL to open Task Manager. Make sure the two processes "AppleMobileDeviceService.exe" and "iPodService.exe" are not running. If they are, select them in the process list and click "End Process."
Go back into shell (iRecovery -s) and enter go.
Your iPod's screen will flash black, then back to white. You'll hear it disconnect and reconnect, too.
Enter /exit to leave shell.
Step 11 (3:59-4:50)
Now that you are out of shell again, enter this command:
iRecovery -f iBoot221pwn.img3
This will inject the pwned 2.2.1 iBoot into your iPod. After you've done this, hit CTRL+ALT+DEL to open Task Manager. Make sure the two processes "AppleMobileDeviceService.exe" and "iPodService.exe" are not running. If they are, select them in the process list and click "End Process."
Go back into shell (iRecovery -s) and enter go.
Your iPod's screen will go black and you will then be greeted by the Apple logo. Your iPod is now booting into your patched firmware.
Step 12 (4:51-5:33, end of tutorial)
You should see Cydia as a new home menu icon. Go into Cydia and install some apps!
Remember, you need to repeat steps 8-11 every time you boot with the tethered redsn0w lite.
Credits!
Thank you for reading my tutorial and watching my tutorial videos!
I
hope you enjoyed these videos and I hope you enjoy your jailbroken
iPod touch!
Video tutorials by urifu (or just leaf :D) Original text tutorial by iLove of the iPod touch fans forum. iRecovery commands from http://idiotsoftech.com/boot.txt Special thanks to everyone @ irc.osx86.hu #itouch to Hypenotist for helping me over ustream.tv chat (damn AppleMobileDeviceService.exe :P) and to iPhone-dev for being so damn awesome.
EXTRAS!
I recommend WinterBoard, NES, and Terminal from Cydia. These apps are a must, I say XD
Also, you can remove that annoying "Stocks" app now. Get the Terminal app from Cydia. Open it and enter this command:
su
The iPod will prompt for a password. Enter alpine. You should now be user "root". Enter this command:
rm -rf /Applications/Stocks.app; killall -HUP SpringBoard
SpringBoard will restart,
and once you enter the home screen, you should see that the Stocks
app is now gone. Good riddance :)
written by urifu, 2009