Winpwn 2.0 Guide

Here is a working winpwn 2.0 guide updated to include 2.0.1 firmware. Here is what you need:

1) Winpwn or newer.
2) iTunes 7.7 or newer.
3) Boot images for 3.9 and 4.6.
4) The proper restore file. Get your 2g restore image or 3g restore image.

Let’s get started.

Step 1: Install winpwn, iTunes, and extract your restore images and bootloaders to your desktop. Note: if you have a previous copy of winpwn installed, uninstall it before installing the new one.

Step 2: Connect your iPhone to your PC and load up winpwn. You will see this screen:

Step 3: Winpwn will not allow you to do anything without selecting a firmware image. So, click the “Browse .ipsw” button and select your firmware image from your desktop. Note: winpwn will determine if you have an iPod, an iPhone 3g, or an iPhone 2g based on the firmware image you downloaded and selected. So make sure you have the correct image. 2g and 3g iPhones have different firmwares!

Step 4: Next, we need to build the iPhone software image. Click “IPSW Builder” and you will be presented with some screens. Start on the Applications tab. On this screen you must select “Install Cydia”. If you need YouTube patched, also select “YouTube activation fix”. You do not need to select this if you have a contract carrier such as AT&T. As far as Installer goes, feel free to select it if you want. But do not select Installer instead of Cydia. Cydia has all the apps. Installer does not; it is still very beta as of August 9, 2008 and contains virtually no packages to install. If you select Installer, also select Cydia.

Step 5: Click the custom images tab. Here you can select custom boot images if you care to. This is optional.

Step 6: Click the custom payload tab. Here you can select some payloads in .tar format. At this time there are a couple built in payloads so there is nothing to do here. If you make your own payloads for packages you can select them here. So we are skipping this screen.

Step 7: Click the Advanced tab. This is a critical tab. If you have a contract carrier such as AT&T you do not need to unlock. So you must make sure everything is unchecked here. Again, if you have a contract carrier, select nothing here! If you do not have a contract carrier, you will need to use this to configure activation and unlocking. Check activate phone, Enable Baseband Update, Unlock Baseband, Autodelete. Click the two bootloader file buttons and browse for the 3.9 and 4.6 boot images we downloaded at the start of this guide. Your finished screen needs to look something like this:

Note: If you are activating here by checking the “activate iphone” you should also patch youtube on the first applications screen.

Step 8: Partition resizer. Here is the partition resizer screen. With the current version of Winpwn, move this to 550 MB. Otherwise the extra packages will fill the root partition before Cydia gets to run and move things about. Do not make it any larger, though: Cydia moves your apps to the larger partition properly, so if you resize this larger here you are just losing space.

Step 9: Build the custom IPSW. Click “Build .ipsw” at the bottom of the window. Note: save your file to some place sensible so you can find it. The default location is going to be hard to find. Try your documents or your desktop. Winpwn will crank away and finally you will see the success box:

Step 10: Note: if you are currently pwned (phone still boots with custom logo), you can skip to step 12 and restore with the image you just made. Doing this step will not hurt but is not required for you.

Back to the main screen, select iPwner. This will ask you to select your custom firmware we just built in step 8. So select that file.

You will get a success message and you are done with winpwn!

Step 11: Get your phone into DFU mode. You cannot use any tools to do this. It must be hardware DFU mode only done by pressing the buttons on your device. Use my guide here for the steps. This works on every device so keep trying if you are having problems.

Step 12: While in DFU mode, load iTunes 7.7, and restore using shift-restore. Load the custom firmware image we made. And after about 10-15 minutes you are done. If you are having problems with iTunes or getting errors consult my restore guide. Note: if your device was already pwned and you are just upgrading, you do not need DFU mode. Normal recovery mode may work fine. You should try either one and if you have problems try the other.


If you are getting iTunes errors numbered less than 20, you are not in DFU mode. Refer to my DFU guide.

If you are getting 160x errors (1600, 1601, 1602, 1604) you may have used the wrong firmware image for your device. Make sure you got the correct image for your 2g or 3g phone. They are not the same. For help on iTunes errors refer to my restore guide.

If you are using winpwn version earlier than you may see 160x errors.

If the last tab (step 7) only lets you select activate, you probably loaded the 3g firmware image. iPhone 3g cannot be unlocked at this time. If you have a 2g, you loaded the wrong firmware image to start.

If you have no signal on a contract carrier (AT&T for example), you probably activated but did not unlock (checked the activate box on step 7). If you do not have a contract carrier, you need to unlock. Redo the steps again making sure not to make this mistake.

If your mail crashes after you sync your backup, use BossPrefs, more, fix user dir permissions.

If iTunes will not stop asking you if you want to restore your backup, see this.


