So for example, my family has like 7 iPhone's between wife, kids, brother, sister in law, etc.... So I build the ipsw using pwnage tool right - after I already have the ipsw, and I try to install the ipsw on another iphone I get a 1600 error... if I go thru the process of pwnagetool again (even tho I don't need to, since I already have a good custom ipsw). it all works...

Its like pwnagetool issues a command to itunes to accept the custom ipsw?

HELP

devices have to already be jailbroken to make pwntage tool work.

So does Pwnagetool actually issue a command to "force" itunes to complete a restore on a iphone that is NOT already jailbroken...?

You only need to make a new ipsw for a new model of iPhone or iPod touch (eg iPhone 3g versus iPhone 2G) or if a new version of the iPhone OS is released.


Pwnagetool does modify iTunes restore process to accept custom ipsw but this only needs to be done once per computer with iTunes installed (or per user account on that computer if you have multiple users of the computer who each use iTunes)

Once a phone is pwned it is not necessary to go into DFU mode to restore another custom ipsw to that same phone.

I don't think this is accurate, or I'm not explaining myself accurately. I think the short answer to my question is YES, Pwnagetool has to do its thing for this process to work, even if you already have your already created custom .ipsw the way you want it.

OK, let me set the scene... So I have 5 iphones in my family alone (me, wife, kids = 5 total iphones, all unlocked, all on t-mobile usa, all jailbroken, etc)

OK.. so now I want to upgrade my iPhone 3G to 3.1.2... if it's already jailbroken all I have to do it restore custom ipsw... but if I want to restore my custom ipsw on my neighbors 3G who is NOT jailbroken yet - And he has a FACTORY ORIGINAL ipsw on his 3G - I have to re-run pwnagetool and let it send whatever commands it does to allow the iphone (which is NOT jailbroken) to accept a custom firmware... Correct?

Now, here's the question I'm sure many would like to know, in this situation - I have a custom ipsw already for a 3G, and I want to do a 3G that is NOT already jailbroken, is there anyway I can make pwnagetool issue the command needed to accept the custom ipsw without going thru the routine of creating a new ipsw since I already have one?

Ok, I have not tested this situation because I don't own two iPhones of the same model. However I think that as long as you use the same PC/iTunes/account to load both iPhones you should be fine.

You should answer no to has your iPhone been pwned before? When making the ipsw.

You need to put your neighbour's iPhone in DFU mode and yours can be restored straight from iTunes

I think this should work. As long as they are both the same model (eg 3G) iPhones you can use the same custom ipsw.

Will not work for 3GS as they do not need to be set in DFU mode for initial pwnage.

Test it out, even if it goes wrong, you can get the phones back with another restore easily enough.

Be be clear of the iphone model when discussing. Is it 2g, 3g or 3gs.
A single custom image for each model of the iphone can be re-use over and over for the respective model

A custom firmware requires the phone to be already jailbroken (or we say pwned. When it is pwned, that means iboot has been pwned). For already jailbroken phone, you only need to shift-click and select the custom fw. No need for Recovery mode or DFU.

Now, regarding your neighbor 3G that has never been jailbroken. There are several ways you can handle this.

- the simplest way is if you have a Mac, just connect that phone, run pwnagetool, build the custom firmware. At the end, it asks if your phone has been pwned before, answer NO. This effectively will put the phone in a "Special Recovery" mode by pwnagetool to allow you to restore with the custom firmware. From now on, the phone is pwned. Say at the next release of firmware, you would build a new ipsw and just restore to it either from PC or mac.

- if you don't have a mac but have a custom ipsw 3.1.2. On the 3G, you can restore to fw 3.0. If you have a mistmatch baseband, itunes will throw an error at the end. Don't worry, just ignore it. Now use redsn0w for windows to jailbreak it. When done, your phone is now pwned. Now you can restore the custom 3.1.2 ipsw to it without recovery or dfu

I hope this clear things up

__________________
** If you just want to support hackint0sh.org with a donation click here **

Thanks dtube, thats exactly what I suspected. Now, is there anyway to make pwnagetool (on a mac) just skip the build ipsw process (since I already have the custom ipsw I want to use) and put the 3g or 3gs into the special recovery mode to accept the custom firmware I already have?

Let me go into detail a little on the subject matter for non pwned 2g/3g.

On 2g and 3g iphones, basically it needs to put an exploited WTF file into the phone in DFU mode. When you answer "no, this device has never been pwned", pwnagetool will guide you through putting the phone in DFU mode. As soon as itunes detected the DFU, it will immediately upload the WTF file to the bootrom. At this point, itunes will let you send the custom ipsw to the device. The 2g/3g has the DFU level exploitation.

Let me answer your question in 2 part because the 3G and 3GS is different.

3G: To get in that "special/exploited" recovery mode, you need the extract the WTF file from your custom ipsw. You put the WTF file along with your custom ipsw into the correct folder in iTunes. Now, you put the iphone into DFU mode, as soon as itunes detects DFU, it will upload the exploited WTF file to the phone. Now you can restore the custom fw. I'm sure someone can create a tool to put the 2g/3g into this exploited recovery mode, however, that will violate the Apple's term because the tool would have to include a modified WTF file.

3GS: The 3gs does not have exploitable DFU mode therefore you cannot do the same. You need to use pwnagetool to put into that special mode. If you don't have a mac, your option is to use blackra1n to JB it first. After that, you can restore with custom ipsw without needing special recovery. For more understanding of the exploits used for 3GS (iboot, usb_control) to obtain a jailbreak, please read here: iBoot - The iPhone Wiki

ps: Thanks to CPICH for explaining this to me

__________________
** If you just want to support hackint0sh.org with a donation click here **

Explained in perfect fashion. MANY MANY THANKS DTUBE!