Downgrade iPhone 4 iOS 4.0.2 to 4.0.1 without SHSH Blobs

I have skimmed through the web looking for ways to downgrade iOS 4.0.2 to the older iOS 4.0.1 firmware on an iPhone 4, 3GS or 3G without having SHSH blobs saved. Many users did not have SHSH blobs saved to restore to the older 4.0.1 firmware, which had the “PDF Flaw”, so they cannot jailbreak their device. Those who want to downgrade can try this technique. However, I must say that this method has not been tried and tested by me, but you can give it a try to see if it works.

Steps to downgrade iOS 4.0.2 without SHSH Blobs:

  1. Download iOS 4.0.1 .ipsw firmware file
  2. Rename it to .zip and extract the .ipsw file using Winrar
  3. Now find the file named buildmanifest.plist and open using a text editor like Notepad
  4. Search and replace all 8A306 with 8A400 using the editor's search-and-replace shortcut
  5. Now download the iOS 4.0.2 .ipsw firmware file
  6. Open it with Winrar, but don’t extract it. Leave it open
  7. Now take the files from iOS 4.0.1 and put them in the zip archive of iOS 4.0.2 you just opened
  8. Next, delete all files with the extension .dmg that have “002” in their name
  9. Now save the archive and rename it back to .ipsw (reversing the change you made at the time of extraction in step 2)
  10. Put your device in DFU mode
  11. Now open iTunes and restore the firmware

Please let us know if this technique worked through your comments.

Update:

More than 17 users tried this method and posted their views. This method didn’t work for them on their iPhone 4. I tried to find out if anyone was successful with this method. Here is what I found on a blog [Firmware Umbrella Blogspot]:

There is much discussion on many blogs about a potential means of downgrading iOS 4.0.2 to 4.0.1 by simply changing a couple values in the buildmanifest.plist and copying all of the images from 4.0.1 into 4.0.2 and then deleting the files ending with 002. Following all of this, perform a DFU restore and somehow you will be on 4.0.1.
There is a perfectly logical explanation for all of this and I will lay out exactly what is happening and explain why it is working for the folks that are the lucky ones.
Let me get this out first.

  1. This is not a miracle, at least not in the sense you all hope for
  2. SHSHs are STILL required for any iPhone 4, iPhone 3GS, iPad, iPod Touch 3G, and iPod Touch 2G (MC Model)
  3. There is NO way around this… unfortunately this method included.

Let me start by explaining something very important. The buildmanifest is used by iTunes to build much of the TSS request that is used to obtain your SHSH for any given firmware revision. Unfortunately, the BuildNumber has no part to play in the request for SHSH. All that you ended up doing in following these directions is request 4.0.1 SHSH blobs. THAT IS ALL. Since every single one of you that got this to work changed your hosts file to point to Cydia, Cydia responded to the TSS request with an SHSH blob that was ALREADY “on-file”. There was no magic. There was no miracle, apart from the lucky break that your device had been put on Cydia’s SHSH request list at some time in the distant past.
That’s it in a nutshell, folks. There was no amazing technique for bypassing Apple’s TSS. There was no amazing exploit that exists in DFU mode allowing for 4.0.2 -> 4.0.1 downgrading. It’s simple; Cydia had your SHSH because at some time in the past either:

  • Someone saved your SHSH with that device using TinyUmbrella and the default options
  • Someone restored that device with Cydia in the hosts pointing to gs.apple.com
  • Someone jailbroke the device and pressed ‘Make my life easier’
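
To make the explanation above concrete, this added example (not code from this post or from the quoted blog) applies the step 4 search-and-replace to a constructed manifest and compares the fields a signing request would be built from. The key names and the choice of fields are assumptions based on the usual BuildManifest.plist layout, and every value is made up.

```python
import plistlib

# Constructed sample. Key names follow the usual BuildManifest.plist layout
# (an assumption here); every value is made up for this example.
SAMPLE_MANIFEST = {
    "ProductVersion": "4.0.1",
    "ProductBuildVersion": "8A306",
    "BuildIdentities": [{
        "ApBoardID": "0x00",
        "ApChipID": "0x8930",
        "ApSecurityDomain": "0x01",
        "UniqueBuildID": bytes.fromhex("aa" * 20),
        "Info": {"BuildNumber": "8A306"},
        "Manifest": {
            "KernelCache": {"Digest": bytes.fromhex("11" * 20)},
            "LLB": {"Digest": bytes.fromhex("22" * 20)},
        },
    }],
}

def replace_build_string(manifest_xml: bytes, old: str, new: str) -> bytes:
    """Step 4 of the procedure: blind search-and-replace over the plist text."""
    return manifest_xml.replace(old.encode(), new.encode())

def build_labels(manifest_xml: bytes) -> list:
    """Every place the build string appears as a label in the manifest."""
    m = plistlib.loads(manifest_xml)
    return [m["ProductBuildVersion"]] + [
        ident["Info"]["BuildNumber"] for ident in m["BuildIdentities"]]

def signing_inputs(manifest_xml: bytes) -> list:
    """Fields that identify WHAT is to be signed (assumed set): hardware
    identifiers, UniqueBuildID and the digest of each firmware component."""
    result = []
    for ident in plistlib.loads(manifest_xml)["BuildIdentities"]:
        fields = {k: ident[k] for k in
                  ("ApBoardID", "ApChipID", "ApSecurityDomain", "UniqueBuildID")}
        fields["Digests"] = {name: comp["Digest"]
                             for name, comp in ident["Manifest"].items()}
        result.append(fields)
    return result

if __name__ == "__main__":
    original = plistlib.dumps(SAMPLE_MANIFEST)  # XML plist, as a text editor sees it
    edited = replace_build_string(original, "8A306", "8A400")
    print("labels before:", build_labels(original))
    print("labels after: ", build_labels(edited))
    print("signing inputs unchanged:",
          signing_inputs(edited) == signing_inputs(original))
```

The edit changes only the build labels; the component digests and build identifier that describe the 4.0.1 images are untouched, so the request still asks for a 4.0.1 signature.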

Unfortunately, we have to wait for any future release from the iPhone Dev Team.
