• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • iOS 6.1.2 Lockscreen Exploit Found - Not the Good One Either


    It appears yet another lockscreen iOS 6.1 security bug has been discovered which gives a potential hacker/terrible friend access to contacts, photos and a whole lot more. This exploit is much like the previous bug Apple fixed, however it apparently gives access to more user data when the phone is plugged into a computer. The original lockscreen bug found on iOS 6.1 did not allow the same access.

    A few hours ago we posted about how iOS 6.1.3 will indeed patch the jailbreak exploit; it is assumed iOS 6.1.3 will also fix this security bug. It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update. I however will not.

    While we do not encourage anyone to use this exploit for terrible reasons, here is a breakdown of how it works.

    1. Ensure there is a passcode enabled (obvious) and then lock your device by pressing the sleep / wake button.
    2. Wake the device by tapping the home or sleep button.
    3. Tap the Emergency Call button on the virtual keyboard.
    4. Dial 911 or another emergency call number like 110 or 112 and then IMMEDIATELY hang up the call.
    5. With the call canceled, hit the sleep / wake button to once again put your device in sleep mode, wake it up and then Slide To Unlock.
    6. Now the trickiest part, hold down the sleep / wake button for about 3 seconds and just before the Slide To Power Off window appears tap the Emergency Call Button (while still keep your finger on the sleep / wake button).
    7. Keep holding the sleep / wake button and you have gained access to the phone app and if plugged in via USB all personal information.
    This article was originally published in forum thread: iOS 6.1.2 Lockscreen Exploit Found - Not the Good One Either started by nickhesson View original post
    Comments 33 Comments
    1. Silverado1987's Avatar
      Silverado1987 -
      Sooooo you just gave everyone a tutorial on how to access someone's iPhone?
      Regardless. Probably better if it weren't there
    1. rvance's Avatar
      rvance -
      Quote Originally Posted by Silverado1987 View Post
      Sooooo you just gave everyone a tutorial on how to access someone's iPhone?
      Regardless. Probably better if it weren't there
      Exactly!!! You can keep that to yourself. I mean unless your a damn super geek, who the hell is going to do that to get in the phone?! Some of the these topics are just too funny:-D
    1. Carvensno's Avatar
      Carvensno -
      Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
    1. Silverado1987's Avatar
      Silverado1987 -
      Quote Originally Posted by Carvensno View Post
      Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
      I know right. Who went through so many combinations as far as to call 911 and hang up like wtf lol
    1. exNavy's Avatar
      exNavy -
      Stupid. Calling 911 and hanging up gets a cop at your door to make sure you are ok. Speaking as a former dispatcher I can locate the exact house you are in.
    1. vinaygoel2000's Avatar
      vinaygoel2000 -
      I wouldn't even know what to do if I had someone's SSN.
    1. steve-z17's Avatar
      steve-z17 -
      Quote Originally Posted by Carvensno View Post
      Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
      Lol! That's what I want to know! Who sat around diddling on their phone pushing all these buttons in that sequence?!? Sounds like a bit of work to get into someone's phone to get some pics or contacts...but that's just me!
    1. iM1sf1t's Avatar
      iM1sf1t -
      In doing this, you cancel the call before it actually sends the call so there is no call to 911 that can be traced... Also, I doubt that anyone sat around trying combinations long enough to find something that would work like this. Most exploits found in an operating system have corresponding input commands that replicate the vulnerability on the device... Unless I've just been imagining things.
    1. Outrager's Avatar
      Outrager -
      Quote Originally Posted by exNavy View Post
      Stupid. Calling 911 and hanging up gets a cop at your door to make sure you are ok. Speaking as a former dispatcher I can locate the exact house you are in.
      Since it's a cellphone, couldn't you do it in a public area then just walk away when you're finished? It seems to only take a few minutes. You can use a laptop as the PC you connect to. Then just copy everything while on the go. Will the police continue tracking someone on the move?
    1. pakitos's Avatar
      pakitos -
      Quote Originally Posted by Outrager View Post
      Since it's a cellphone, couldn't you do it in a public area then just walk away when you're finished? It seems to only take a few minutes. You can use a laptop as the PC you connect to. Then just copy everything while on the go. Will the police continue tracking someone on the move?
      Arent your phone numbers over there registered under your names?
    1. Outrager's Avatar
      Outrager -
      Quote Originally Posted by pakitos View Post
      Arent your phone numbers over there registered under your names?
      I assume someone doing this isn't trying to break into their own phone. That's just silly. It would be someone else's phone and they have no phone to get contacted on.
    1. drgonz0's Avatar
      drgonz0 -
      Anyone with a jailbroken iPhone can install 'disableEmergency' from the cydia store. It's free and allows you to disable the emergency dial function from the iphone. In an emergency you could technically still use siri. This technically should protect you from this vulnerability.

      Quote Originally Posted by Carvensno View Post
      Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
      If someone with ill intentions got ahold of the right phone. There's a profitable upside to this. It's a big risk.
    1. Jahooba's Avatar
      Jahooba -
      It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update.
      That's interesting - you think Apple is intentionally creating security holes in order to dissuade jailbreakers?

      Regardless, if Apple ever wants to add RFID "virtual wallet" payments to the iPhone, they'll have to make the lockscreen far more secure.

      This bug probably isn't in my iPod Touch - there's no phone!
    1. sheon's Avatar
      sheon -
      im still on 6.1 been to lazy to update but thanks for this info i installed disableemergency so no more worries now all they need to do is make a way to diable dfu mode so if anyone steals the iPhone its useless unless u know the password
    1. stolenpentium's Avatar
      stolenpentium -
      Quote Originally Posted by sheon View Post
      im still on 6.1 been to lazy to update but thanks for this info i installed disableemergency so no more worries now all they need to do is make a way to diable dfu mode so if anyone steals the iPhone its useless unless u know the password
      Watch what you wish for
    1. pakitos's Avatar
      pakitos -
      I dont think theres a way to disable DFU mode.
    1. radioBirdman's Avatar
      radioBirdman -
      My phone is either in my pocket, in my/my kid's hand or on my desk (work & home) pretty much all the time. I don't even run a passcode.
      And I'd like to think if I lost my phone it might be returned by someone accessing my contacts and calling an obvious number like "me (work)" or "Mum" or something. If it's locked, whoever finds it can't do that.
    1. mirilopr's Avatar
      mirilopr -
      Quote Originally Posted by radioBirdman View Post
      My phone is either in my pocket, in my/my kid's hand or on my desk (work & home) pretty much all the time. I don't even run a passcode.
      And I'd like to think if I lost my phone it might be returned by someone accessing my contacts and calling an obvious number like "me (work)" or "Mum" or something. If it's locked, whoever finds it can't do that.
      Ja. That might be true of old times, when a cellphone was only good for calling or texting. But an someone returning an iphone??? Long chance...
    1. WithinTemptationFan's Avatar
      WithinTemptationFan -
      If you lose your iPhone in a public area,you can kiss that phone goodbye because I highly doubt the person who finds it and takes it will return it to you. It's messed, but that's how it is now.
    1. baskie's Avatar
      baskie -
      So MMi, you don't even let certain words get mentioned on your forum, words relating to piracy apps, yet your happy to publish tutorials on how to hack into someones phones?

      Very messed up values.