The unofficial version of PwnageTool for iOS 4.1 on iPhone 3GS has been released. It can jailbreak iPhone 3GS (with old bootrom only) using iOS 4.1 custom firmware.

For those of you who don’t know, PwnageTool for Mac enables iPhone users to upgrade to the new firmware without upgrading the baseband, hence making it possible to jailbreak and unlock the phone using the Ultrasn0w software. This version of PwnageTool unfortunately doesn’t support hacktivation, so you will have to either use officially supported SIM, or the phonebook SIM card method to activate the phone before unlocking it with Ultrasn0w.

Follow the instructions below to jailbreak iPhone 3GS (old bootrom) on iOS 4.1 with PwnageTool.

Step 1: Download and install the latest version of iTunes.

Step 2: Now start iTunes and sync your iPhone with your PC or Mac so that it backs-up all your important data including settings, apps, music, contacts and photos.

Step 3: Download PwnageTool and the original iOS 4.1 for your version of iPhone. Move all these files to your desktop.

Step 4: Start PwnageTool and select your device:

Step 5: PwnageTool will now automatically detect the correct firmware for your device as shown in the screenshot below:

Step 6: Click on “No” when PwnageTool asks you “Do you have an iPhone contract that would activate normally through iTunes?”:

Clicking on “Yes” will update your baseband to the latest version. Click on “Yes” only if you are on an officially supported carrier like AT&T.

Step 7: PwnageTool will now create the custom .ipsw file for your iPhone which will be jailbroken.

Step 8: While creating the custom firmware, PwnageTool will ask you to authenticate your account on Mac, ignore this prompt for now and install iOS4.1Jailbreaker installer package which is included in the .zip file you downloaded in Step 3 above. Once this has package has been installed, go back to the PwnageTool password prompt which you previously ignored and enter your password so that PwnageTool completes the custom firmware building process.

The following “ihaz Success” screen will confirm that the requested .ipsw file has been created successfully.

Step 9: You will now have to restore your iPhone to this custom firmware 4.1 file. Start iTunes, click on your phone icon from the sidebar in iTunes. Now press and hold left “alt” button (“Shift” button on Windows) on the keyboard and then click on “Restore” (Not “Update” or “Check for Update”) button in the iTunes and then release the “Shift” button.

This will make iTunes prompt you to select the location for your custom firmware 4.1 file. Select the required custom .ipsw file and click on “Open”.

Step 10: Now sit back and enjoy as iTunes does the rest for you. This will involve a series of automated steps. Be patient at this stage and don’t do anything silly. Just wait while iTunes installs the new firmware 4.1 on your iPhone. Your iPhone screen at this point will be showing a progress bar indicating installation progress. After the installation is done, iPhone will restart automatically and you should now have a fully jailbroken iPhone running on iOS 4.1.

NOTE: If iTunes throws 1004 or 1015 error at you. This is normal, just ignore this error as the firmware has already been successfully installed on the device. But your iPhone at this point will be stuck in Recovery Mode, showing that “Connect to iTunes” screen.

To exit your device from Recovery Mode, download this program called TinyUmbrella (Windows / Mac). Run it and the click on “Kick Device Out of Recovery” button. Your device will now restart normally.

In case the Cydia icon on the homescreen is in white with no repositories added, simply add http://apt.saurik.com/cydia-3.7 repo in Cydia to get going! If Safari crashes, add http://repo.woowiz.net repository and install Safarifix.

How to: Unlock iOS 4.1 Any Baseband (Pre-Activation with Original SIM, or phonebook SIM card is required):
Follow the complete step by step guide posted here to unlock iPhone 3GS and iPhone 3G, on iOS 4.1, on any baseband using Ultrasn0w 1.1-1.

Step 11: Once you are done with the unlocking and jailbreak process. You can now restore all your settings, apps, music, contacts and photos to the newly installed firmware version 4.1 by restoring the backup that you made in Step 2 from iTunes.

Disclaimer: Since this is an unofficial release, I wont recommend using it as it may have bugs that in some cases might result in malfunctioning of your iPhone. This guide is for testing & educational purposes only. Follow it on your own risk. I’m not responsible for any loss of important data or malfunctioning of your iPhone.

Download iTunes 10 for Windows and Mac OS X
Download iOS 4.1 for iPhone 3GS (Final Version)