How to Jailbreak iOS 4 on iPhone 3Gs [New Bootrom] with SHSH Blobs + Sn0wbreez 1.6.2

ih8sn0w has just released anew way to jailbreak iOS 4 [ newbootrom ] I figured making a tool would take a bit too long. So, i'm going to write up this tutorial.
It isn't recommended for regular users.

An iPhone 3G[S] -- new bootrom
3.1.2 SHSH blobs.
difrnt's iBSS grabber
Payload Pwner for the 3GS.
sn0wbreeze V1.6.2
iBooty
LibUSB (64-Bit users read carefully!!!)
3.1.2 3GS
iOS 4.0 3GS

Follow step by step :

STEP 1 : Grabbing your 3.1.2 iBSS file.

Pointing your hosts :

1 : If you have your shsh blobs saved on Cydia/Saurik's Method here

2 : If you have it saved with TinyUmbrella, then download the GUI here.
Restoring to grab the iBSS file.

3 : Place your device in DFU.

4 : Start up the iBSS/iBEC grabber.

5 : Put the save folder on a new folder on your desktop.

6 : Hit "Start Monitoring".

7 : Now go back to iTunes and do SHIFT + Restore. Then browse for your 3.1.2 IPSW. You will need to restore
to 3.1.2 in order to pwn 4.0.
-------

Saving your iBSS

1 : After Restoring, Go to the folder that you have specified to save your iBSS file.

2 : You will see folders like (Per**.tmp). Go into one of them, and you'll see a folder called "Firmware". Go there. Then go to the folder "dfu".

3 : Copy the iBSS file to a safe place, then you can remove the folder created by the iBSS Grabber.
------

STEP 2 : Creating custom 4.0 firmware.

Download sn0wbreeze and learn how to create your custom 4.0 ipsw from our posted here.

Ignore the warnings after browsing for the ipsw.
------

STEP 3 : Installing LibUSB for iRecovery

Run this mini tool to detect your O/S + Arch. -- Windows + Arch. Detector

WARNING : IF LIBUSB IS NOT INSTALLED PROPERLY, YOUR USB MIGHT NO LONGER WORK!

Windows XP Users download this installer -- LibUSB Installer
Windows Vista/7 users RUNNING 32-Bit:
Download the installer and run it in compatibility mode for Windows XP.
If you are a 64-Bit user, follow this tutorial -- LibUSB 64-Bit
Once LibUSB is installed iRecovery should be able to function now.

STEP 4 :

Download this easy tool here -- Payload Pwner for 3GS It will help you create the payloads.
SAVE THE PAYLOADS WHERE iBooty is.
-------

STEP 5:

Most of you know of the utility "iBooty" that I made for Aki_nG.

It will work as long as you place all of the correct files there.

1 : Download iBooty GUI here -- iBooty for 3GS and Extract it.

2 : Extract your Custom IPSW created by sn0wbreeze with 7-Zip or another un-archiver.

3 : Grab the kernelcache and bring it into the same folder as ibooty.
Also grab the iBEC from the folder "Firmware\dfu\iBEC.n88ap.RELEASE.dfu"

Rename your iBSS 3.1.2 signed to "ibss312.dfu"
Rename your Kernel 4.0-Custom to "kernel.40"
Rename your iBEC 4.0-Custom to "ibec40.dfu"

Your folder should look like this :

- iboot.payload <-- Created with Payload Pwner.
- exploitibss312 <-- Created with Payload Pwner.
- ibec40.dfu <-- Grabbed from Custom IPSW made by sn0wbreeze.
- irecovery.exe <-- Comes with iBooty.
- readline5.dll <-- Comes with iBooty.
- iBooty.exe <-- Comes with iBooty.
- ibss312.dfu <-- THIS NEEDS TO BE YOUR iBSS from the restore!
- kernel.40 <-- Grab from Custom IPSW made by sn0wbreeze.
- sn0w.img3 <-- Comes with iBooty.

STEP 6: Restoring to 4.0 + Booting

MAKE SURE YOU ARE ON 3.1.2 WHEN DOING THIS

1 : Run iBooty and Select "Prepare Device for Custom Firmware". Run the Process and if you see a snow flake, you can proceed!

2 : Now open iTunes and restore to the custom ipsw.

WHEN DONE, YOUR DEVICE WILL HAVE A BLACK SCREEN AND NOT BOOT! ITS IN A DFU LOOP [THIS IS NORMAL!]

STEP 7 : Booting

Just Re-Run iBooty and select "Boot It". If all goes well it will boot!

STEP 8 : Unliocking
if you have finished Jailbreak successfully you can now unlock your iOS 4 with Ultrasn0w 0.3.9 from our posted Here

[ Via ]