This version of the application is written in Python, which is used to crack the restriction passcode of an iPhone/iPad takes advantage of a flaw in unencrypted backups allowing the hash and salt to be discovered.
DEPENDENCIES
This has been tested with Python 2.7 and Python 3.6
Requires Passlib Install with
pip install passlib
Usage
usage: iOSCrack.py [-h] [-a] [-c] [-b folder] [-t]
a script to crack the restriction passcode of an iDevice
optional arguments:
-h, --help show this help message and exit
-a, --automatically automatically finds and cracks hashes
-c, --cli prompts user for input
-b folder, --backup folder
where backups are located
-t, --test runs unittest
How to Use
- Clone repository
git clone https://github.com/thehappydinoa/iOSRestrictionBruteForce && cd iOSRestrictionBruteForce
- Make sure to use iTunes or libimobiledevice to backup the iOS device to computer
- Run
ioscrack.py
with the auto optionpython ioscrack.py -a
How to Test
Run
ioscrack.py
with the test option python ioscrack.py -t
How It Works
Done by using the pbkdf2 hash with the Passlib python module
- Trys the top 20 four-digit pins
- Trys birthdays between 1900-2017
- Brute force pins from 1 to 9999
- Adds successful pins to local database
How to Protect Against
- Encrpyt backups
- Backup only on trusted computers