Security Researcher Discovers Method for Brute Forcing iPhone Passcode in iOS 11 [Updated]

by

A USB-based vulnerability that allows for the brute forcing of a passcode on an iOS device has been discovered by security researcher Matthew Hickey, reports ZDNet.

The method, which bypasses the 10-entry attempt that erases an iOS device when the setting is enabled, allows a hacker to plug an iPhone or iPad into a computer and send all passcodes, from 0000 to 9999, all at once, triggering an input routine that takes priority over anything else on the device. Hickey demos the hack in the video below.

"Instead of sending passcodes one at a time and waiting, send them all in one go," he said.

"If you send your brute-force attack in one long string of inputs, it'll process all of them, and bypass the erase data feature," he explained.

All that's required to use this brute force password cracking method is an iPhone or iPad that's turned on and locked and a Lightning cable, according to Hickey. It works on iOS devices up to iOS 11.3.

Hickey's iPhone cracking method takes between three and five seconds for each four-digit passcode, which means it's slow and not as advanced as other passcode cracking methods employed by companies like Grayshift, which makes the GrayKey box. For this method to guess a six-digit passcode, Hickey says it would take weeks.

Apple in iOS 12 is introducing a new USB Restricted Mode that may put a stop to the vulnerability that Hickey has discovered, as well as vulnerabilities exploited by tools like the GrayKey Box.


With USB Restricted Mode, enabled by default on iOS devices running iOS 12, USB access to an iPhone or iPad is cut off if it's been more than an hour since the device was last unlocked.

That means computers and other accessories can't be used to access a locked iPhone if it's been locked for over an hour, disabling access via a USB to Lightning cable.

Update: In a statement obtained by iMore, Apple says "the recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing."

Top Rated Comments

(View all)
Avatar
31 months ago
Up to iOS 11.3...
Opens settings > general > about > version
Sees 11.4, close settings and move on with life.
Score: 23 Votes (Like | Disagree)
Avatar
31 months ago

Interesting bug.

Maybe instead of just coming up with ideas, Apple needs to have a team who’s job is to try to break or break into every Apple device. They should be full time employed with their sole mission being to find and exploit every possible weakness.

Somehow you seem to think that an almost trillion dollar company doesn't do this. Fact of the matter is that everything has a vulnerability. It's just a matter of how practical the exploit actually is for it to be useful.
Score: 13 Votes (Like | Disagree)
Avatar
31 months ago

Testing and engineering design seem to have taken a backseat to thinness recently.

Great, this tired point again.

Apple has different employees who do different things. What you’re suggesting here is like asking a school custodian to take over a classroom from a teacher.
[doublepost=1529717755][/doublepost]

Up to iOS 11.3...
Opens settings > general > about > version
Sees 11.4, close settings and move on with life.

The iOS 11.4 security content notes ('https://support.apple.com/en-us/HT208848') don’t specify anything seemingly related to this bug.
Score: 9 Votes (Like | Disagree)
Avatar
31 months ago
Interesting bug.

Maybe instead of just coming up with ideas, Apple needs to have a team who’s job is to try to break or break into every Apple device. They should be full time employed with their sole mission being to find and exploit every possible weakness.
Score: 7 Votes (Like | Disagree)
Avatar
31 months ago
Testing and engineering design seem to have taken a backseat to thinness recently.

Between the root bug and ones like this, one wonders how many others are out there.
Score: 6 Votes (Like | Disagree)
Avatar
31 months ago
Get an alphanumeric passcode!

1 attempt takes 4 seconds, that means a 16 digit alphanumeric passcode with upper- and lower case, numbers, and two symbols will take up to 64^16=7,922816251e28 seconds which is in practice never. Unless you can run a dictionary attack or something.

With the brute force attempts an alphanumeric passcode is the only solution to stay safe.
[doublepost=1529735909][/doublepost]

3. Pops SIM out of tray

That is exactly why I want eSIM in the iPhone and passcode requirement when switching your phone off + auto restart after force shut down.
Score: 6 Votes (Like | Disagree)

Top Stories

New Photos Offer Better Look at iPhone 12 Color Options

Tuesday October 20, 2020 2:34 am PDT by
As we wait for the iPhone 12 review embargo to lift later today, more pictures are circulating of the devices in real-world lighting conditions, providing a better look at the different colors available. Leaker DuanRui has shared images on Twitter of the iPhone 12 in white, black, blue, green, and (PRODUCT)RED. The black and white colors are similar to the iPhone 11 colors, but the other...

iPhone 12 Pro in Graphite and iPhone 12 in Blue Shown Off in Unboxing Videos

Monday October 19, 2020 8:20 am PDT by
While the iPhone 12 Pro does not launch until Friday, we now have an early unboxing video of the device courtesy of Twitter account DuanRui, providing a closer look at the shiny new flat-edge design and sleek Graphite color option. Ben Geskin re-uploaded the unboxing video to YouTube, which we've embedded below: Geskin has also uploaded an unboxing video of the iPhone 12 in Blue: ...

Apple Releases iPadOS and iOS 14.1 With Multiple Bug Fixes Ahead of iPhone 12 Launch

Tuesday October 20, 2020 10:06 am PDT by
Apple today released iOS and iPadOS 14.1, the first major updates to the iOS and iPadOS 14 operating system updates that were released in September. iOS and iPadOS 14.1 come a week after Apple released the golden master versions of the updates to developers. The iOS 14.1 update can be downloaded for free and it is available on all eligible devices over-the-air in the Settings app. To access...

Watch: iPhone 12 and iPhone 12 Pro Unboxing Videos and First Impressions

Tuesday October 20, 2020 6:05 am PDT by
Apple's embargo has lifted for iPhone 12 and iPhone 12 Pro reviews. In addition to our detailed review roundups for each device, we've rounded up over a dozen unboxing videos and first impressions below. iPhone 12 in Blue on left and iPhone 12 Pro in Pacific Blue on right via Engadget Key new features of the iPhone 12 and iPhone 12 Pro include a flat-edge design, 5G support, a much faster A14 ...

Gold Version of iPhone 12 Pro Apparently Has a More Fingerprint Resistant Stainless Steel Frame

Tuesday October 20, 2020 11:56 am PDT by
iPhone 12 Pro reviews hit the web today, and one of the more interesting tidbits came from TechCrunch's Matthew Panzarino, who revealed that the Gold version of the device apparently has a more fingerprint resistant coating applied to the stainless steel frame. From his review:Most of the iPhone 12 Pro finishes still use a physical vapor deposition process for edge coating. But the new gold...

Photographer Austin Mann Tests the iPhone 12 Pro's Camera

Wednesday October 21, 2020 4:14 am PDT by
Travel photographer Austin Mann usually performs an in-depth review of new iPhone models to test their camera performance in real-world scenarios. To test Apple's new iPhone 12 Pro, Mann traveled to Glacier National Park, Montana. Mann focused on some of the biggest camera upgrades with the iPhone 12 Pro, including the upgraded Wide lens, Ultra Wide Night mode, and LiDAR autofocus, across a...

iPhone 12 Pro Max Has Smaller 3,687 mAh Battery According to Regulatory Filing

Tuesday October 20, 2020 8:48 pm PDT by
Apple's new iPhone 12 Pro Max is equipped with a 3,687 mAh battery, which is around 7% less capacity than the 3,969 mAh battery in the iPhone 11 Pro Max, according to a regulatory filing published by TENAA, the Chinese equivalent of the FCC. The regulatory filing, spotted by MacRumors, also lists the iPhone 12 Pro Max with 6GB of RAM as seen in benchmark results last week. Apple has filed ...

5G Drains iPhone 12 Battery 20% Faster Than 4G in Benchmark

Wednesday October 21, 2020 3:17 am PDT by
After the first reviews for the iPhone 12 and iPhone 12 Pro emerged yesterday, a new report by Tom's Guide reveals the extent of battery life reductions when using 5G. The report outlines a test wherein the iPhone surfs the web continuously at 150 nits of screen brightness, launching a new site every 30 seconds until the battery drains. Interestingly, the test was run on an iPhone 12 and...

Hands-On With Apple's iPhone 12 and 12 Pro MagSafe Cases

Tuesday October 20, 2020 1:33 pm PDT by
Apple's iPhone 12 and 12 Pro are launching this Friday, and ahead of that release date, Apple is shipping out various accessories like the MagSafe charger and MagSafe cases. Yesterday we took a look at the MagSafe charger, and today our MagSafe case came in the mail, so we thought we'd take another look at the charger to see how it works with the case and just how strong the case magnets are. S ...

Reliable Leaker Suggests AirTags 'Coming Soon' in Two Different Sizes

Tuesday October 20, 2020 1:53 am PDT by
Apple's rumored AirTags Bluetooth tracking devices could launch imminently and will be available in two size options, based on new tweets from cryptic-but-reliable leaker L0vetodream. In typical enigmatic style, the leaker first tweeted this morning that a "big one" and a "small one" are "coming soon," but withheld what they were referring to. However that was followed an hour later with the ...