Second Lock Screen Bypass in iOS 6.1 Documented

passcode_lock_keypadA second iOS 6.1 bug has been discovered that gives access to contacts, photos and more. The vulnerability uses a similar method as the one disclosed previously, though it apparently gives access to more user data when the phone is plugged into a computer.

It was originally posted on the Full Disclosure mailing list. Kaspersky's Threatpost:
Similar to the iPhone's passcode vulnerability, the exploit involves manipulating the phone’s screenshot function, its emergency call function and its power button. Users can make an emergency call (911 for example) on the phone and then cancel it while toggling the power on and off to get temporary access to the phone. A video posted by the group shows a user flipping through the phone’s voicemail list and contacts list while holding down the power button. From there an attacker could get the phone’s screen to turn black before it can be connected to a computer via a USB cord. The device’s photos, contacts and more “will be available directly from the device hard drive without the pin to access,” according to the advisory.

Apple was expected to fix the lock screen bug in iOS 6.1.2, but that small release fixed a different bug. Instead, it appears a fix for at least one of the lock screen vulnerabilities will be coming in iOS 6.1.3, currently in the hands of developers.

Update: As noted by iMore and The Next Web, this vulnerability will only allow file access if the device has previously been synced with the computer without a passcode. Plugging the passcode-protected device, even with the bug exploited, into a different computer will simply generate an error message.

Top Rated Comments

(View all)

Posted: 22 months ago

Apple priorities - stop innovation from jailbreak community then fix security issues :(


The exploits used by jailbreakers ARE security issues.
Rating: 25 Votes
Posted: 22 months ago
I really want to know how people just happen to stumble upon this stuff. It seems almost rediculous when you think about it.
Rating: 4 Votes
Posted: 22 months ago
I like how there's a small chance that the exploiter will call the police on themselves.
Rating: 4 Votes
Posted: 22 months ago
iOS 6 is such a s*** update.
Rating: 3 Votes
Posted: 22 months ago
These guys really have way too much time on their hands...
Rating: 3 Votes
Posted: 22 months ago



As for using Find my iPhone, we all know that is so easy to defeat, it isn't hard to defeat it and you are still giving hackers enough time to get your device, hack into and get your data.

The point is, Apple needs to step up and close these security holes. There is no defending Apple on this; regardless if other devices have security holes or not, we OWN Apple Devices, I could give a rats tail how easy it is to root an SIII when someone gets my iPhone.


I can tell from the underlined that you don't actually understand software development. Hackers? Really?

Find me one OS on the planet that doesn't have a security hole somewhere in it. This is a game of patch a hole, find 2 others. Software is not a cut and dry field.
Rating: 3 Votes
Posted: 22 months ago

When an iOS device that has been locked with a passcode is connect to a computer that it has never been connected to before, it will not let the computer access any information on the device. The device must be locked so that the passcode is needed to unlock it. Once you connect the device to a computer when it is unlocked, that computer becomes authorized to iOS to allow it to browse the device's contents. No third party utility can get around this lockout, neither can a computer's PTP access.


Thanks for the info!

-Kevin
Rating: 2 Votes
Posted: 22 months ago
If someone has gained physical access to my iDevice to attempt to exploit a security vulnerability, all of my other security practices have failed.
Rating: 2 Votes
Posted: 22 months ago

No, I lose my phone I boot up my machine, then trace it on icloud, and erase it if its in a location that I know isn't where I lost it.

Very simple.

If apple is failing at security lately, what does the SIII root access bug (now patched) say? I'd say root access is far more serious than access to my pictures and contacts...

Also, you're putting words in that user's mouth, and I'm sure he wouldn't appreciate it.


I didn't put words in anyones mouth, he said them. I am sure he is old enough to speak for himself and doesn't need you to speak for him....isn't that the same as putting words in his mouth? Double standard much?

Let us leave Android out of an iOS discussion for once, huh? Man, this site and its Android paranoia....every Apple fault has to be balanced with an Android fault for some reason.

As for using Find my iPhone, we all know that is so easy to defeat, it isn't hard to defeat it and you are still giving hackers enough time to get your device, hack into and get your data.

The point is, Apple needs to step up and close these security holes. There is no defending Apple on this; regardless if other devices have security holes or not, we OWN Apple Devices, I could give a rats tail how easy it is to root an SIII when someone gets my iPhone.
Rating: 2 Votes
Posted: 22 months ago

I can tell from the underlined that you don't actually understand software development. Hackers? Really?

Find me one OS on the planet that doesn't have a security hole somewhere in it. This is a game of patch a hole, find 2 others. Software is not a cut and dry field.


Never said I was a developer, never once, never tried to pretend to be. Okay, hackers, yes, someone that uses a subversive way to gain access to my device without my authority. They used a hack, back door, work around, does it REALLY MATTER what it's called?

You are avoiding the point, I know the game, that is not the point, the point is the Apple apologists that just say oh well, no big deal. No one ever said it was cut and dry, I didn't either, but two exploits inside a couple of weeks, one right after it has been patched is bad and needs to be fixed. That is all I said.

It has nothing to do with other OS having holes, does it, really? Does that make it better? Java has holes, it blows, does that somehow lesson the hole in iOS or make it any less concerning to iOS device users?

I will state my point again, in easy words for you to understand....This exploit and the recent exploit are concerning, Apple needs to step up and plug these holes as quickly as possible.

Period, end of my discussion with you.
Rating: 2 Votes

[ Read All Comments ]