Hacker Discovers Method to Brute Force Passcode of Any iPhone or iPad [Video]

Hacker Discovers Method to Brute Force Passcode of Any iPhone or iPad [Video]

Posted by · 15053 views · Translate

Matthew Hickey, a security researcher and hacker, has purportedly discovered a method to brute force the passcode of any up-to-date iPhone or iPad, reports ZDNet.

Normally, after ten incorrect passcode attempts, your iPhone will lock you out or wipe your device. Additionally, after six attempts a time delay is introduced to prevent rapid unlock attempts.

Hickey found a way around this. When an iPhone or iPad is plugged in and keyboard inputs are sent, an interrupt request is triggered which takes priority over everything else.

"Instead of sending passcodes one at a time and waiting, send them all in one go... If you send your brute-force attack in one long string of inputs, it'll process all of them, and bypass the erase data feature," says Hickey.

This can be done by enumerating each code from 0000 to 9999 in one string with no spaces. Since this doesn't give the software any breaks, the keyboard input routine takes priority over the data-erase feature. The attack only works after the device is booted up because there are more routines running.

It's unclear if this attack is similar to the one used by Grayshift's GrayKey box. Apple is introducing a new USB Restricted Mode with iOS 12 that will prevent use of the iPhone's USB connection if your iPhone hasn't been unlocked in the past hour. It's likely that feature is intended to reduce the window for attacks such as these; however, Grayshift claims it's already defeated the feature.

Hickey's attack is slow, taking about 3-5 seconds to try each passcode. It can also work on six digit passcodes but it could take weeks to complete.

Check out the attack demonstrated in the video below!

Update:
Hickey tweets that this hack may not be as good as it appears.

"It seems @i0n1c maybe right, the pins don't always goto the SEP in some instances (due to pocket dialing / overly fast inputs) so although it "looks" like pins are being tested they aren't always sent and so they don't count, the devices register less counts than visible @Apple"

Read More


t11chb - June 24, 2018 at 12:47am
10 tries and the phone gets wiped. Well mine does anyway.
joshman3000 - June 23, 2018 at 6:00am
I have know idea about what apple has done but I guess it wasn’t a mistake. Take your iPhone and enter the wrong password a butch of time. Apple has made the phone not lock out on you. Which makes sense because I hate when my daughter lock me out of my phone for 30 minute or more. The guy in the video maybe trying to brute force the phone but he doesn’t say a word till you hear his key strokes which is probable him putting in the right password. I’m guessing apple made it so that it a high number of wrong passwords before it locks out. I’m gonna try it on my iPad because my guess after you it that mark it a long wait before you can try again.
Recent