How To Jailbreak iOS 4.3.1 Using Pwnage Tool


Yeah, we know: posting about iOS 4.3.1 is rather late now, as Apple’s latest devices run iOS 7 or above, and even devices with iOS 6.1 installed are forced to upgrade to iOS 7. However, let me remind you that a large number of Apple users still run iOS 4.3 or below, since most of them haven’t upgraded their devices yet. Also, devices such as the iPhone 3G or 3GS didn’t even receive the iOS 5 update.

Today, instead of using Redsn0w, we will use PwnageTool to jailbreak iOS 4.3.1. This jailbreak is tethered only, so you’ll have to boot into the jailbroken state every time you reboot. Supported devices include the iPhone 3GS and iPhone 4. We will be using a combination of PwnageTool 4.2, Universal Ramdisk Fixer and the tetheredboot utility to jailbreak your device.



The tutorial gets a little complicated from here; follow the instructions to the end and all will be well.

How To Jailbreak iOS 4.3.1:


  • Download the PwnageTool bundle and extract the zip file.
  • You’ll find .bundle files in it. We will be using the iPhone 4 bundle, iPhone3,1_4.3.1_8G4.bundle; move that file to the desktop.
  • Download PwnageTool and copy it to the Applications directory, then right-click it and choose Show Package Contents.
  • Navigate to Contents/Resources/FirmwareBundles/ and paste the iPhone 4 bundle file, iPhone3,1_4.3.1_8G4.bundle, there.
  • Now download the Ramdisk Fixer and simply install it. It is important, just do it.
  • Now download the iOS 4.3.1 firmware and save it somewhere you will remember.
  • Start PwnageTool in Expert mode and select your device.
  • Browse for the iOS 4.3.1 file and select it.
  • Now select Build to create a custom firmware.
  • PwnageTool will then create a custom .ipsw firmware for you, which is jailbroken.
  • Put your device into DFU mode using PwnageTool:


  1. Hold the Power and Home buttons for 10 seconds.
  2. Now release the Power button but continue holding the Home button for 10 more seconds.
  3. Your device should now be in DFU mode.
  • Once the custom firmware is built, open iTunes, press and hold “alt” and click Restore.
  • Select the custom firmware file and click Open.
  • Now sit back and prepare yourself for another ride while iTunes installs the custom firmware on your device.
  • Now Download the and extract the Zip file.
  • Now change the extension of your custom firmware to .zip and extract that .zip file. Copy the kernelcache.release.n90 file, and then copy the iBSS.n90ap.RELEASE.dfu file, which is found under /Firmware/dfu/.
  • Move both of these files to the newly created “tetheredboot” folder, alongside the tetheredboot file.
  • Now turn off your device, start Terminal on OS X and run the following commands:


sudo -s

  • Enter your administrator password, then:


  • Now drag and drop the tetheredboot file into the Terminal window, then the iBSS file and then the kernelcache.release file.
  • You’ll see some code running in the Terminal window. If it asks you to enter DFU mode, do as you did earlier.
  • Now wait for your device to reboot. Once Terminal shows the “Exiting libpois0n” message, your device will reboot into tethered jailbroken mode.
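
The file-staging step above (pulling the kernelcache and iBSS out of the custom firmware into the “tetheredboot” folder) can be scripted, and a script also catches a firmware file that lacks either component before you get to the boot step. This is an added example, not part of the original tutorial or of PwnageTool; the function names, the `custom_restore.ipsw` file name and the tiny stand-in archive are assumptions made for illustration.

```python
import tempfile
import zipfile
from pathlib import Path

# Archive member names taken from the steps above (iPhone 4, "n90").
KERNELCACHE = "kernelcache.release.n90"
IBSS = "Firmware/dfu/iBSS.n90ap.RELEASE.dfu"


def stage_boot_files(ipsw_path, dest_dir):
    """Copy the kernelcache and iBSS out of the firmware into dest_dir.

    Returns the written paths; raises if either file is absent or empty,
    so a wrong or incomplete firmware is caught before the boot step.
    """
    dest = Path(dest_dir)
    dest.mkdir(parents=True, exist_ok=True)
    staged = []
    # The tutorial renames the firmware to .zip before extracting, so the
    # file is an ordinary zip archive and can be opened without renaming.
    with zipfile.ZipFile(ipsw_path) as ipsw:
        names = set(ipsw.namelist())
        missing = [m for m in (KERNELCACHE, IBSS) if m not in names]
        if missing:
            raise FileNotFoundError("not in firmware: " + ", ".join(missing))
        for member in (KERNELCACHE, IBSS):
            data = ipsw.read(member)
            if not data:
                raise ValueError(member + " is empty")
            # Flatten the path: both files sit directly in the folder.
            target = dest / Path(member).name
            target.write_bytes(data)
            staged.append(target)
    return staged


def build_constructed_ipsw(path):
    """Write a tiny stand-in archive (constructed sample, not real firmware)."""
    with zipfile.ZipFile(path, "w") as z:
        z.writestr(KERNELCACHE, b"constructed kernelcache bytes")
        z.writestr(IBSS, b"constructed iBSS bytes")
        z.writestr("Restore.plist", b"<plist/>")
    return Path(path)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = build_constructed_ipsw(Path(tmp) / "custom_restore.ipsw")
        for p in stage_boot_files(sample, Path(tmp) / "tetheredboot"):
            print(p.name, p.stat().st_size, "bytes")
```

To use it on a real build, call `stage_boot_files` with the path to the custom firmware that PwnageTool produced and the path of your “tetheredboot” folder.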
