Tool Cracks Apple Device Passwords

Tuesday, March 17, 2015 @ 12:03 PM gHale

A tool used in the computer repair industry can help automate password exploitation on Apple devices, researchers said.

The IP-Box tool exploits CVE-2014-4451 to conduct unlimited password guesses against iOS devices on 8.1 and below for iPhones and iPads.

Phishers Target Apple Device Theft Victims
Espionage Plan Targets Apple’s iOS
Alter One Bit, Bypass Security
Microsoft: Control System Warning

A barrage of PINs end up entered by resetting the phone, which bypasses Apple’s limiters and settings to delete personal data. The vulnerability ended up patched.

MDSec researcher Dominic Chell used the tool to break into his iPhone 5s and succeeded after 10 attempts.

“This obviously has huge security implications and naturally it was something we wanted to investigate and validate,” Chell said in a blog post.

“Although we’re still analyzing the device it appears to be relatively simple in that it simulates the PIN entry over the USB connection and sequentially brute-forces every possible PIN combination,” he said.

Attacks against four-digit PINs take a maximum of 17 hours with each attempt taking about six seconds to complete. The total time could reduced greatly by understanding the most likely passwords a target user may pick, or by selecting a pre-defined option to test date of birth combinations.

The unit uses a light sensor held to the front screen of an iThing to detect when it unlocks, signaling the correct password.

Detective Cindy Murphy of the Madison, Wisconsin, Police department, which uses the tool to crack phones for “evidentiary purposes,” said iOS versions up to 8.1.2 could end up bypassed at a slower rate using a tweak that resets iDevices after four attempts. This move did require exposing the device battery.

Chell will test the unit on updated iDevices on the newly-released iOS version 8.2.

Leave a Reply

You must be logged in to post a comment.