ATV2 5.2.1 downgrade & JB method - last resort - tethered boot - no shsh blobs required - confirmed for windows

Legacy Seas0nPass
1

I am posting this based on 5 days of frustration I have personally experienced after the 5.2.1 release, and thanks to this community’s help, was successfully able to jailbreak my atv2 after I accidentally upgraded to 5.2.1. UPDATE:  Confirmed works with latest 5.3 release from other users, however the current Seas0nPass (not the one in this post) will JB 5.3 to a tethered JB.  However this is still valid if you desire a release with less overhead.

Want to give special thanks to dknIght who stuck with me, as well as AppleTVGuru, and probably several others who provided them this info prior.

If the moderator wishes to remove this post.  Understand.

Before you chose this route, best to check AppleTVGuru’s post to see if you have untethered shsh blobs shared by chance on the Cydia or iFaith servers.  To know if it’s a tethered or untethered release, you can read it on the firecore sticky here:

http://forum.firecore.com/topic/3418

The method in the post below is better because you’ll most likely have a newer version of iOS, and you can have an untethered boot.

http://forum.firecore.com/topic/10083

Highly recommend if you can get this to work with the above post, you stop here.

If this doesn’t work, or you jailbroke your ATV2 before using a tethered boot (Like I did) and it no longer works.  This method should work for you.
Again this is a last resort, if you absolutely want a JB ATV2 you’ll have prior firmware version and always have to tethered boot (at least until a new seasonpass is released).

As always, nothing is guaranteed, so use this at your own risk.

What you need:

Steps:

  1. Download all the required programs above.  The presigned 4.4.2 ipsw will take awhile, unless you have "premium" with slingfile.    So requires some time. (Don't forget to extract the 4.4.2 ipsw from the rar file somewhere easy to find for later.)
  2. Open the version of Seas0nPass, and RIGHT click the "create IPSW", and select the 4.4.2 release. Let it run and repack the IPSW.  (UPDATE:  Apparently letting Seas0nPass finish and iTunes error out is necessary to assure the tethered boot selection is available.  As it causes no harm in the procedure - changing it to reflect this.  Credit: cullenj76)  Let it run and finish with an iTunes error of 3194, then you exit out of iTunes, and close Seas0nPass as well.  All we needed here was to completely generate the 4.4.2 ipsw through Seas0nPass so it will generate the files necessary for the tethered boot later.  NOTE: this will not work with current Seas0nPass versions, it's critical that you download this version. Current versions of SP will ask to plug in the ATV2 before it starts creating the ipsw.  This way it creates it without even needing to plug in your ATV2.
  3. Start iFaith, and selected pwned DFU mode
  4. Connect your ATV2, and allow it to use iREB to put it into a DFU state for iTunes
  5. Once iTunes launches (you can also launches manually), hit and hold shift while you hit "restore"
  6. Select the signed 4.4.2 ipsw you downloaded above - called 00000XXXXXXXXXX_iFaith_Apple_TV_2-4.4.2 (9A336a)_signed.ipsw or similar.  NOTE:  Do NOT pick the IPSW that Seas0nPass generated in step 2, only dknlght's version.
  7. iTunes will restore the firmware onto the device.  (NOTE:  You may find that you need to attempt this more than once, and if you do, disconnect, close everything and start over again from step 3)
  8. iTunes will most likely finish with a Error: 1600.   This is ok.  Be sure however that the firmware did install, and you reached the final validation phase.  If not, try it again.  The error does not mean it will not work.
  9. Disconnect ATV2 from the USB cable.  Close everything.
  10. Open the version of Seas0nPass, and RIGHT click the "tethered boot", and select the 4.4.2 release.  Follow the instructions on the main firecore page here for tethered install: http://support.firecore.com/entries/387605-Jailbreaking-101-Seas0nPass
  11. You should now have a full jailbroken ATV2 running 4.4.2!

Overall make take several attemps at either the iTunes restore step or the Seas0nPass tethered boot, but if you are persistent, you can make it work.

Will say again, no guarantees, but it did work for me even after being upgraded to 5.2.1.  Also cannot confirm this for Mac, since unaware of an equivalent for iFaith or sn0wbreeze to put into pwned DFU mode.

FAQ

Q:  I did everything and I can’t get the tethered boot to work, the apple tv keeps flashing.  What did I do wrong?

A:  You didn’t do the tethered boot correctly is the issue.
If you followed the firecore instructions and it didn’t work, most likely the ATV2 is already in DFU mode when you plug in the USB.  So here’s an alternate way.

  1. Turn on the sound on your PC, make sure it's loud enough so you hear beeps.  It makes chimes / noises each time it detects the ATV or it changes states.  It's very helpful in this process.
  2. Unplug everything.  Start up Seas0nPass, & RIGHT click "tethered boot", and select 4.4.2 release.  (NOTE:  MAKE SURE YOU SELECT 4.4.2, if you see 4.4.4 or another release, you created the wrong version in Step 2 in the ORIGINAL instructions, or you are not using the Seas0nPass you should have downloaded in the download section.   Start from beginning.)
  3. Plug in the USB cable into back of the ATV2.  Wait approximately 5 seconds... means can be 3 seconds, can be 7 or more.  The key here... did you notice a change in speed of the light flashing on the ATV?  Did you hear a noise on the PC like a beep or chime?  That means you go to the next step.
  4. Plug in the power to the ATV
  5. Now this is important.  Check your computer.  Is Seas0nPass saying "detected ATV in DFU mode" or something similar?  Is it ALREADY in the state it needs to do the tethered boot.  DO NOT hold the menu + play buttons... it's not necessary. Skip to step #7.  If the computer is still "waiting", hasn't beeped, or nothing is happening, go to the next step.
  6. Do the regular tethered boot process.  Hold the menu + play buttons on the silver atv remote.  Wait approximately 5 seconds for Seas0nPass to detect the ATV in DFU mode.
  7. Let Seas0nPass start the tethered boot process.  Wait until it says it successfully boot the ATV.   DO NOT wait too long after this is completed.  So don't walk away from your PC while it's working is a pro-tip.
  8. Unplug the USB cable from the back of the ATV.
  9. Plug in the HDMI cable
  10. Wait while the ATV flashes again, slowly while it finishes the boot.  After about 10-20 more seconds, you should see the ATV asking what language you want.  If you see this, you are good.

If none of this works, check the post #43 in this thread from sean781 for another way of writing up the same thing above. 
If you are still stuck vary the steps above in terms of timing, and when you hear beeps, etc.  You will get there and soon learn to “hear” your ATV when it’s ready and good to go.

If you are still stuck after all this, please mention which step you were on, and what exactly was happening so we can help recommend what to do, and perhaps update this FAQ.

Q:  I got it to work!  However, if reboot or turn-off my ATV2, do I always need to use Seas0nPass to tethered boot the ATV2 again?

A:  Yes.  The whole point of this post is if you have no alternatives:  No SHSH blobs from UNtethered releases, never done a jailbreak before, etc.  Tethered boots are a pain, although honestly they are rare once you get them going.  You should keep this release as an eternal  “last resort” if nothing else works with ATV2. 

Once FireCore, or others succeed to jailbreak the ATV2 in firmware 5.2.1 or versions thereafter, you should consider upgrading to those releases if they are UNtethered, meaning you don’t need to use Seas0nPass to boot anymore (check the very first link in this post to see what is tethered vs untethered).   Again, apple needs to be signing that release at the moment for it to work.  So be sure to check back to the firecore site regularily to know when that is done.  I myself will stay on 4.4.2 until another untethered release will come along, then I will upgrade it to no longer bother with tethering.

Q:  I get a “atv is not the correct version” from Seas0nPass.

A:  You get that error if you are using the newer versions of Seas0nPass because before it generates any IPSW, it asks you to first connect your ATV2 first.  If it does that, you are using the wrong version.  You need to only use the Seas0nPass from the download section of this post.  Make sure you are using that one, Seas0nPass will not require you to connect your ATV2 with this version, and it’s what you want.

Q: I go to the page where dknIght uploaded his ipsw, but I can’t find the link!  Which one do I click?

A: No one says it better than daryl2216…

Q: I followed everything and I keep getting iTunes error 3194, what did I do wrong?

A: Remember to pick dknlght’s pre-signed and JB IPSW 4.4.2 that you downloaded from the website and NOT the IPSW that Seas0nPass generates in step 2.  You will have 2 IPSWs on your machine for 4.4.2, and in fact if it really causes issues, you can delete the IPSW generated by Seas0nPass as you no longer will need it once you have the tethered boot option in it’s menu.

Q: Do you have this procedure as well for MacOS X?

A: Luckily I can dodge this question as FireCore released a tethered (like this one) beta release for 5.2.1.  So go to this link to find out how:  http://forum.firecore.com/topic/10239

This may become UNtethered, however time will tell.  And the beta is for Mac only.  Believe it will go to PC once they get it formally released.  However personally I will not go to 5.2.1 unless it becomes untethered.  No point for me to go from tethered (4.4.2) to tethered (5.2.1), and believe 4.4.2 has less overhead (read: size) so works well with XMBC and imagine as well with Firecore’s ATV.

Welcome to leave any questions, will help where I can.
(Again thanks to dknIght and AppleTVGuru for their support)

2

Hey,

I accidentally upgraded my new ATV 2 to 5.2.1 aswell.

I tried to follow your instructions but I have a couple of questions for clarification.

  1. When repacking the ispw in step 1, you say cancel. Should I cancel the install before I need to connect the ATV or let itunes run and generate the error.

  2. After I run Ifaith and open up ITUNES for the restore, i get a 3194 error that you mentioned in step 1, not 1600 like you mentioned. Also this error comes up during the ‘Verification’ phase of the ITUNES restore. I feel I have done something wrong along the way.

 

Thanks for your help

 

Any guidance 

3

It worked!!!

Hey I just realised that on step 6 I was choosing the wrong file, not the one I was supposed to download!!!

 

It worked!!! - You are a genius my man!!! I thought I had lost my Jailbreak options forever!!!

I cant thank you enough!!!

 

4

This worked because of DknIght’s help.  He is the real genius.  All I did was put it together.  Although I was very lucky that I found that old seasonpass version, that’s what got the tether to work!  DknIght was a patient guide. :)   

Very happy it worked for you!  Enjoy.

5

It work!! I think it worked…I got a FC logo on the bottom right corner. Now for a dumb question, what do i do now? Where can I get XBMC and all the channels??

6

Yes you are good!  Congrats!

What you’ll need to do to install xbmc is google on xbmc, and from google results page click on the “download” link subheading under xbmc, and select atv2 and firmware 4.x install.  Instructions are there.  You will have to install a ssh emulator to connect to your atv2 as root from your PC.

It is a command line install, and you may have to reboot (tethered boot like you did above) a couple times, and even repeat the command lines a couple times, but I found this release quite stable with xbmc 12.1.  In fact I think it is more stable than my 5.0 release.

Good luck.

7

Im getting issues at stage 7

After choosing the 4.4.2 ipsw file, iTunes says “extracting software” then fails at “Verifying Apple TV restore with Apple”. It then gives the error code 3194. Tried it loads yet still no joy - the firmware won’t install.

I know its tempremental but ive tried this 1000 times.

When I right click ‘Boot tethered’ through Seas0npass it does give me the 4.4.2 option & it says this installs sucessfully yet when I hook it up via HDMI, it’s still showing my old software

 

Anyone know where im going wrong?

8

I just realized I probably should update the procedure.  If you do have to install the 4.4.2 again, you’ll always need to start with iFaith first to get into a pwned DFU mode.  If you don’t, the ATV2 won’t be in a good state to recieve the firmware.

Are you using iFaith each time before you load the 4.4.2 ipsw with iTunes?

I’ll update the procedure too.

EDIT:

Also, which IPSW are you selecting?  You need to select the pre-signed 4.4.2 that you downloaded from dknIght, not the one that Seas0nPass generated.

9

Did you just make a whole guide to go to a tethered jailbreak? I really don’t get it

10

Yes.

As apple is no longer signing anything but 5.2.1, those who have blobs for UNtethered releases can simply use the method that AppleTVGuru provided to have a JB based on which firmware they have shsh blobs.

In my case, I had firmware 5.0, which was a tethered release, and I tried to upgrade to 5.2 literally 24 hours after apple stopped signing it.  Since sn0wbreeze (part of AppleTVGuru’s procedure) will ONLY create JB IPSWs for UNtethered releases… I was screwed.

So this post is for those who:

  1. Do not have untethered shsh blobs
  2. Never jailbroke their atv2 before
  3. Or who had a tethered JB before and accidentally fell into 5.2.1 like I did.

If you want to see everything done to get here, welcome to follow the original post I asked for help in this forum: http://forum.firecore.com/topic/10079

11

 

THANK YOU!!! Great write up, now to figure out how to get all the cool add ons!

12

I followed all your steps got to the 1600 error. But after I complete the tethered boot, nothing shows up on the TV. The ATV2 light just keeps blinking. What am I doing wrong?

13

can someone make a video on how to do this pls

am new on this

thanks

14

 

AFIJAYA - You got stuck on the same step that I did. I think what you are doing incorrectly is at Stage 7 is when you are restoring through ITUNES after using Ifaith, when you hold shift and click restore you are simply selecting the 4.4.2 restore that pops up in the window, that is the incorrect one, its path is My documents or something. YOU NEED TO SELECT THE ONE THAT YOU DOWNLOADED AT STEP 1 - IT WILL PROBABLY BE LOCATED IN  THE ‘DOWNLOADS’ FOLDER. That is the correct restore file.

If you choose this restore version instead - it should work - and you should get the 1600 error instead of the 3194 - I was stuck on this step for ages!!!

Good luck!

15

You are having trouble with the tethered boot - just try the tethered boot a couple of times - unplug everything, just put in the usb and try it like that. I had to do that a couple of times before it came to its senses

 

Good luck

16

This post is awesome for those who got accidentally updated, but FireCore must release new and latest Seas0nPass for the fix.

17

my apple tv is  5.2.1 

18

I’ve tried is so many times, as soon as I hook up the ATV2 via USB it runs some processes and then says Tether boot complete now safe to unplug usb, I dont even press the Play and Menu button it does it automatically.

 

Firecore says to plug the ATV2 via USB and wait for rapid flashing light then plug the power and then do the Play Menu for 7 seconds. That won’t work either. Tried both ways. Nothings working. Is it the Seasonpass thats giving me the issue.

19

you must do the restore it back to firmware 5.2.1 again and retry the process again. I think you were doing the seas0npass create ipsw while you using itune to shift + restore the signed firmware from Dknight. So I suggest you restore the atv2 again and redo the process over again.

20

When doing tethered boot you need power plugin and usb plugin, for best DFU menu+play/pause together for 9 seconds not only the 7 seconds. You must do the restored again and redo the process again. I did it in one shot for 5 atv2 from my friends.