Using Pwnage Tool 1.1

Pwnage Tool 1.1

Well, I succumbed to temptation tonight – and tried out Pwnage Tool.  I had been fighting off this temptation for a little while now, but over the last couple of nights I’d read a little more on Pwnage and felt pretty comfortable giving it a go.   A couple of my prior concerns were that it would not be easy to find custom firmwares to use with Pwnage, and that a lot of 3rd party apps might not be available. 

Both these concerns were ill-founded and just due to not having researched things enough.  Pwnage Tool builds your custom firmware for you, easily and quickly, as long as you’re happy on firmware 1.1.4.  That’s fine with me, as the newer 1.2 / 2.0 offers little or no apps compatibility as yet anyway.  And if you stay with a custom, pwned and jailbroken 1.1.4 you can slap all your 3rd party apps straight back on.

My experience so far with Pwnage Tool has been mostly good – a few glitches, but nothing major (touch wood).  This also gave me a good opportunity to give TimeCapsule a good workout, and see how effective it really is at restoring things and potentially saving some time when doing a new jailbreak.  If you’re interested in my very quick (and written while a little tired and jaded at 3:00am) blow-by-blow of how it went, read on …

My Pwning Process:

Preparation:

  • Read several guides on using Pwnage at iClarified and MMi and Hackthatphone, just to size up which I liked best and wanted to use
  • Chose the Hackthatphone guide, as I have had good experience with them before
  • Used TimeCapsule on the iPhone to create restore points for: Camera Roll, Installer Sources, Maps (bookmarks), Phone call history, Notes DB (haven’t swapped all to moleskin yet), Safari bookmarks, Webclips
  • Took screencaps of my 6 home screens and emailed to myself – as my guide for apps to reinstall
  • Manually copied over (via an SSH session) backup files from TimeCapsule – the path for these is the individual folders for each type of restore point under: /private/var/mobile/Library/TimeCapsule
  • Restored via iTunes to a ‘clean’ 1.1.4
  • Setup as a New partnership with iTunes, no ‘backup’ options selected

 Pwnage:

  • Used the Hackthatphone guide for Mac at: http://www.hackthatphone.com/114/iphone_pwnage_mac.html
  • Skipped all the sections to do with unlocking etc. – i.e. tried to avoid making any selections that seemed to apply to unlocked phones – as mine is a standard AT&T contract
  • Put iPhone in recovery mode and closed iTunes
  • Let Pwnage Tool update to its latest version, 1.1
  • The initial ‘pwning’ process was very quick and painless
  • When choosing how to setup my custom firmware (version of 1.1.4) after first pwning, chose only the ‘Activate Phone’ option on the General tab, and custom packages (Installer, BSD Subsystem, OpenSSH) to have installed in the custom firmware, and a custom logo – and I went ahead and downloaded the Rolling Stones style tongue image from Hackthatphone to replace the pineapple as the bootup image
  • Pwnage creates its custom .ipsw file of the 1.1.4 firmware for you = this is the part I had failed to grasp properly before and which is very cool
  • Once the custom firmware was created, then I restored it via iTunes – the coolest part of all of course
  • Then setup new partnership with iTunes
  • Phone not activated though – tried reboot and disconnect / reconnect via USB cable – phone doing nothing still
  • My feeling was that having selected to let Pwnage activate the phone was probably the problem.  So I started the process again and deselected that option when it came time to choose options for my (new) custom firmware – like so:

Pwnage Tool 1.1 on Mac

  • By deselecting the ‘Activate phone’ option I was hoping that meant iTunes would once again handle activation (as it has done successfully for me through every prior jailbreak)
  • That worked – custom firmware restored, jailbroken, and phone activated without a hitch.
  • Moral of this part of the story – I should have chosen not to let Pwnage (claim to) handle activation for me first time round.  Oh well, worked second time.

After Pwning, Results and Getting Things Back As I Like Them

This part is still ongoing, and will be continued in the morning as I’m crashing soon – but here’s my process so far for making sure everything is working OK and getting everything back as I like it to be on the iPhone:

  • Synced successfully
  • Tested Phone calls = all good
  • WiFi setup again and browsed the web a bit to ensure WiFi connection solid
  • Sounds work – and synced back a custom ringtone successfully
  • YouTube works
  • Setup Mail – Gmail all OK
  • Maps and Locate Me working fine
  • Installed BossPrefs and BossTool – used BossTool to move ringtones and fonts and increase free space to 123mb – confirmed that BossPrefs was able to toggle SSH, other services OK
  • Installed TimeCapsule and SSHed to phone and copied over its restore point folders – letting it overwrite the new ones it had created on install
  • Found that the TimeCapsule Installer restore point is not what I expected (or wanted) – it just seems to list trusted sources (have those back already), and then all installed packages – I don’t like the sound of trying to restore that plist file, seems like that could get quite messy.  Was hoping it could restore ‘all sources’ sort of thing – doesn’t seem to be able to, or I’m not seeing the right option for it.
    — Restored Maps bookmarks successfully
    — Restored Notes successfully
    — Restored Safari bookmarks – lovely – even all bookmarklets still work, and it even restored Safari’s ‘state’ – as in, it showed the 3 pages open as I had before the whole process started
    — Do not see the Webclips restore option yet – maybe I need to enter my license for this (?), which I cannot find as yet.  Will work on this tomorrow, as not having to manually recreate bookmarks will be a big plus.
  • Started reinstalling apps – using my home screen screencaps from earlier as my cheat sheet for ticking them off

iPhone native apps

That’s about as far as I got tonight.  As with all jailbreaks and upgrades, the most time-consuming parts of this are the preparation (if you have things you want to backup and recreate at the end of the process) and then the putting everything back as you like afterwards.  The actual pwning process is very quick – not as quick as Ziphone, but still very quick and easy. 

My only real complaint with the Pwnage guides and the tool itself is that it is all very geared towards unlocked phones – there is not a lot of mention of what to do if you are happily locked to your current cell carrier.  It’s my bad really for not guessing right away that letting Pwnage try to activate for me would probably not go smoothly (as I’ve seen that same result with several past jailbreak tools).  Maybe this part even works for others – would be interested to hear if anyone with a locked phone has had success with Pwnage activating.

Overall, so far I’m glad I did this.  It was a good opportunity to give TimeCapsule a good testing, and this method is of course said to be a lot more ‘future proof’ than any of the other existing ones – which hopefully makes things easier when iPhone 2.0 comes along.

That’s it for me tonight; as Jim Rome would say – Good night now …
