NEWS
iOS 11Patches Bug is Used on Crack Open iPhone 7/ 7Plus Passcode
4706
2017-08-23
Posted by 3uTools

We’ve seen devices for brute-forcing phone passcodes before. This $500 box, demonstrated on video by YouTuber “EverythingApplePro”, uses an exploit in iOS 10.3.3 and iOS 11 beta to brute-force hack and bypass the Lock screen passcode of up to three iPhone 7/Plus handsets at a time—but it could take days to work, depending on the complexity of the passcode.


iOS 11Patches Bug is Used on Crack Open iPhone 7/ 7Plus Passcode


Normally, attacks like this are impractical due to a user-selectable setting that tells your iPhone or iPad to wipe all your data clean after ten unsuccessful passcode entries.


The box works by guessing the four-digit passcode that will unlock the iPhone. The problem here is that it can make those rapid guesses only for the first 10 minutes after the passcode is changed. If this 10-minute threshold is crossed, the process slows down greatly. So, for example, if the four-digit passcode of an iPhone has been changed just a few minutes back, this $500 box would take more than 3 days to unlock the phone. And if it’s a six digits passcode that was changed recently, it could end up taking more than a year to guess the correct combination.


 “They found a loophole in the data recovery state that allows you to use as many passcode attempts as you want,” the posted explained.



An attacker would still need to own the $500 device and have your phone in physically possession for days before exposing your passcode. Although older devices/iOS editions are not affected, we fully expect that Apple will soon release a fix to patch the vulnerability.


Apple has also confirmed to TechCrunch that the box will not work on iPhones running iOS 11 when the OS drops in September. Apple has already patched the ‘bug’ used by the box in iOS 11 beta 4. More specifically, the 10-minute window in which the box could rapidly guess the passcode has been patched. So while it might still work on iOS 11, the time taken by it to unlock an iPhone will be unrealistic.


Source: redsn0w


Related Articles
Apple Removes iCloud Activation Lock Status Tool From Website macOS High Sierra 10.13.2 Beta 4 Now Available Alibaba Pandora Lab Jailbreaks iOS 11.2 Successfully Apple Releases macOS Catalina With Find My, Screen Time, and No More iTunes Rumor: Apple Blocks Activation on iOS 9.0-9.3.5 Firmware Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone iCloud Bypass Bug Discovered in iOS 11 iOS 10.3 Jailbreak / iOS 10.3.1 Jailbreak