iPad 1g frozen!! Tried everything, please help!
This is a discussion on iPad 1g frozen!! Tried everything, please help! within the iPad Hacking forums, part of the Apple iPad Discussions category; I got an iPad 1g wifi+3g 64g it had 4.3.5 firmware.
Windows 7 (64bit)
I downloaded redsnow 0.9.8b4 and iOS 4.3.4 & 4.3.5 and jailbroke ...
iPad 1g frozen!! Tried everything, please help!
I got an iPad 1g wifi+3g 64g it had 4.3.5 firmware.
Windows 7 (64bit)
I downloaded redsnow 0.9.8b4 and iOS 4.3.4 & 4.3.5 and jailbroke using the 4.3.4 firmware method. It work fine and I had been using it for a few weeks. I wanted to use wifi-sync but found that I needed to down grade iTunes from 10.4.1.10 to 10.0 inorder for it to work. So I downgraded iTunes to 10.0 I ended up not messing with wifi sync. I decided to try to downgrade firmware to 4.3.3 so I could have an untethered Jailbreak. I did tons of reading and searching google. I reinstalled 10.4.1.10 I downloaded iOS 4.3.3 with Internet Explorer and changed the file ext from .zip to .ipsw. I also downloaded a buch of .exe file that I would/might need.
List of files I downloaded:
ipsw files downloaded:
I then followed the downgrading "how-to that" on Redmondpie that said to change the host file.
This the host file that I used for this:
# Copyright (c) 1993-2009 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 22.214.171.124 rhino.acme.com # source server
# 126.96.36.199 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
I got an iTunes error code of 21. After searching on Google I found something about adding another server id to the host file (188.8.131.52 gs.apple.com) I tried with the # in front of it and with out the # no luck.
Got code 3194 this time. Found that I needed to have tinyunmbrellas TSS server running. Did that. Still got error 3194 tried rebooting computer and a few other random "fixes" that didn't work. I eventually changed the host file back to origninal and did a full iTunes restore to their current iOS 4.3.5. Jailbroke with redsn0w and saved shsh blobs in Tinyumbrellas. Tried downgrade again with TSS server running. Eventually I got it to work sort of. I think iTunes downgraded it because it showed it as working normal on iTunes and showed the current firmware as 4.3.3. but iPad was stuck in recovery mode. I went back to Google and tried a couple of things to fix it and finnaly kicked it out of recovery mode but now it had a blank screen! I then tried to restore again through iTunes useing the same iOS 4.3.3 but after that it no longer showed it was connected and working normal. I tried it multiple time in different ways that I found on google that said it would fix it. Each time I tried it I got an error code. Each time the code was one of these 3194, 20, 1600, 1601, 20. I then used iREB to put it into pwned dfu mode and tried to restore to 4.3.3 with itunes like it was a custom firmware. It sort of worked. I was no longer getting itunes errors but it still had a blank screen! I tryed to fix this using different fixes I found on Google. Still blank screen and not sure which mode its in. Last thing I have tried was iTunes restore with host file changed and selecting firmware 4.3.3. while running tinyumbrellas TSS server. Got Error code 1600 and blank screen! I dont know what else to try. Maybe I didn't do something exactly right. PLEASE HELP
Last edited by zeroweaver; 09-21-2011 at 11:31 AM.
09-21-2011 10:57 AM
As this is about a jail broken iPad I have moved this to the hacking forum.
The very first - and most important question - for you is: Do you have saved SHSH blobs for iOS version 4.3.3? I did not see you mention those blobs...
If you do not have the blobs, then the only thing you can do is put 4.3.5 back on it and go back to the tethered jailbreak.
If you do have them, restore the iPad using them and then you can jailbreak that version.
Let us know how you're getting on.
Space Gray 32GB WiFi-only iPad Air & Black 32GB iPhone 5 (both jailbroken on iOS 7.0.4 w/evasi0n7)
* * * PLEASE READ * * * Forum Rules * * * Hacking Section Rules * * * PLEASE READ * * *
After much trial and error and more research I found out that because Apple stopped "signing" 4.3.3 I would have to have saved the singed 4.3.3 shsh blobs. I never had 4.3.3 so I dont have them. Which means no downgrading possible for 4.3.5 so I just restored factory ios and did tethered jailbreak with redsn0w. I guess I have to wait for iOS 5 to be released and hope someone finds a way to do an untethered jailbreak for that.
Good job. And yes, you are correct.
The dev team has already found some untethered jailbreaks for iOS 5 they are just waiting for the GM so apple can't patch them before everyone gets it.
I was reading something about a bootrom exploit that involves tricking the bootrom into thinking some kind of image size is larger than it is and so somehow rewrites a small portion of the "read only" boot file in effect allowing permanent untethered jailbreaking and the use of non-signed iOS(which means being able to downgrade to a non-signed iOS with out using saved signed blobs)? Dev team called it SHAtter but hasn't officially released it yet. One of the Dev team guys explained a little about it at the MyGreatFest convention back on the 17th.
Anybody know any details about that exploit?
I've never heard about it.
Sounds pretty beta to me.
From what I understand, you've got some fact and fiction mixed up in there based on what p0sixninja explained at MGF. He made the explanation only as an educational excercise on how an exploit works. He was not announcing some new exploit features.
Originally Posted by zeroweaver
SHAtter was an exploit that allowed unsigned code execution from a flaw in the bootrom of A4 based devices. There was much chatter about it a long time ago before we got the limera1n exploit for GeoHot, which he released at the very last minute to preserve SHAtter from being discovered by Apple as they were already aware of the limera1n problem and were certainly going to patch it in the A5. The idea was maybe they would not patch SHAtter. Unfortunately, they did discover it too and it was also patched in the A5. Therefore, SHAtter, whilst perfectly viable, was never used or released in a public jailbreak because limera1n did the same job perfectly well and was released first.
Where you move into realms of fiction is that it somehow permanently untethers and allows the use of non-signed IOS without blobs. It does not. It is simply a boot time door to deploy a payload in the same way limera1n works for tools like redsn0w, sn0wbreeze, and pwnage (which all use the limera1n exploit). These tools could be recoded to use SHAtter and perform the same function, but you would not magically get permanent untethers or SHSH Blob bypassing. It cannot re-write a read-only file. What it does is corrupt the run-time copy of it which is used to boot the device, however this run-time copy is always loaded from the read-only bootrom every time the device restarts.
If any of those additional things you suggested were possible then SHAtter would have been progressed and released a long time ago. I'm afraid it just doesn't work like that
As things stand it is likely that we will not see anything released using SHAtter as it is just too much of a slog for whoever does it for very little reward, since limera1n does the same thing and is proven to work.
Hope that clarifies.
Last edited by f4780y; 09-24-2011 at 03:19 AM.
15" MacBookPro with Retina Display 16GB 3.4GHz i7 256GB | iPad4 WiFi 32GB 6.1.2 (evasi0n) | iPad3 4G 64GB 6.1.2 (evasi0n) | iPad2 3G 64GB 5.1.1 (redsn0w) | iPad1 3G 64GB 4.3.3 (jbme) |
iPhone5 32GB 6.1.2 (evasi0n) | iPhone4S 64GB 5.1.1 (absinthe) | iPhone4 32GB 7.0b2 (stock) | iPhone3G 16GB 3.1.3 (jbme) | iPod Classic 6G 160GB (stock) | AppleTV 2G 5.0.2 (seas0npass)
Please review the hacking section rules and our main rules before posting!
Does anyone know if there might be an untethered jailbreak for 4.3.5 after iOS5 5 is released?
Last edited by zeroweaver; 09-25-2011 at 06:10 PM.
By miguels in forum iPad Help
Last Post: 06-07-2011, 07:55 AM
By Dr c in forum iPad Help
Last Post: 05-20-2011, 10:17 PM
By estiller in forum iPad Help
Last Post: 03-16-2011, 09:33 PM
By 4phun in forum iPad Help
Last Post: 10-06-2010, 09:34 AM
By Philippe in forum iPad Hacking
Last Post: 09-16-2010, 10:53 AM
Search tags for this page
1g ipod frozen -touch
i pad frozen in camera mode
ipad frozen in camera mode
ipad frozen in recovery mode
ipad frozen tried everything
iphone 3gs origninal ipsw download link
permanently frozen ipad 1
rewriting ipad firmware with dfu mode
Click on a term to search for related topics.