The developer behind NitoTV app for jailbroken 2nd-gen Apple TV has released an unofficial PwnageTool bundle which can jailbreak Apple TV 2G on the latest iOS 4.2.1 firmware with the existing version of PwnageTool. The only problem with this jailbreka tool is that it is limited to tethered-boot only for now, jsut like the other tools for any other 4.2.1 iOS device.
Before you proceed with the jailbreak, you will need the following:
- A MicroUSB cable
- iOS 4.2.1 for Apple TV
- PwnageTool 4.1.2 ( 4.1.3 is untested but could potentially work as well)
Step 1. Download PwnageTool, PwnageTool bundle for Apple TV iOS 4.2.1 firmware and Tetheredboot utility for Mac. Move PwnageTool to OS X’s Applications folder, and everything else into a new folder named “tethered” on the desktop.
Step 2. Open the Terminal app on Mac OS X. (if you don’t know where this is, you REALLY shouldn’t be doing this)
Step 3. Run the following commands (this will fail if you didn’t move files to the required folders as mentioned in Step 1)
unzip -j ~/Desktop/tethered/AppleTV2,1_4.2.1_8C154_Custom_Restore.ipsw
Firmware/dfu/iBSS.k66ap.RELEASE.dfu kernelcache.release.k66 -d ~/Desktop/tethered/
Step 6. Restore the Apple TV to the ~/Desktop/tethered/AppleTV2,1_4.2.1_8C154_Custom_Restore.ipsw firmware using iTunes. Note: Your Apple TV SHOULD be in DFU mode after finishing up with PwnageTool.
Step 7. Unplug and then replug the USB, after the Apple TV has finished starting up (will be blinking steadily), plug in the power cable.
Step 8. Run the following commands in Terminal:
d ~/desktop/tethered
./tetheredboot -i iBSS.k66ap.RELEASE.dfu -k kernelcache.release.k66
NOTE: It will loop a complaint re: DFU mode, just ignore this, once you are finished getting in DFU mode tethered boot will take over.
Step 9. Now manually put the Apple TV in DFU mode. (*DO NOT USE PWNAGETOOL*)
To enter DFU mode manually:
- Connect your Apple TV with your Computer via microUSB.
- Now reboot your Apple TV by holding down Menu + Down buttons together for around 6 seconds.
- After reboot, immediately hold Menu + Play until you see the message in iTunes saying that Apple TV in recovery mode is detected.
Successful output from tethered boot will look something similar to this:
Initializing libpois0n
No matching processes belonging to you were found
Waiting for device to enter DFU mode
Device must be in DFU mode to continue
opening device 05ac:1227…
Found device in DFU mode
Checking if device is compatible with this jailbreak
Checking the device type
Identified device as AppleTV2,1
Preparing to upload limera1n exploit
Resetting device counters
Sending chunk headers
Sending exploit payload
Sending fake data
libusb:error [darwin_transfer_status] transfer error: timed out
Exploit sent
Reconnecting to device
Waiting 2 seconds for the device to pop up…
opening device 05ac:1227…
Uploading iBSS.k66ap.RELEASE.dfu to device
[==================================================] 100.0%
libusb:error [darwin_reset_device] ResetDevice: device not responding
libusb:error [darwin_close] USBDeviceClose: no connection to an IOService
Waiting 10 seconds for the device to pop up…
opening device 05ac:1281…
Setting to configuration 1
Setting to interface 0:0
Uploading kernelcache.release.k66 to device
[==================================================] 100.0%
libusb:error [darwin_transfer_status] transfer error: device not responding (value = 0xe00002ed)
Step 10. If all went well, unplug USB and plug in HDMI and your Apple TV should be ready to go. You will need to repeat Steps 7-9 every time you restart your Apple TV, this isn’t a convenient process by any stretch!
Once you are done you can download you can download third party apps. If you want a proper jailbreaking tool then be patient and wait till they make one.