Page 1 of 2 12 LastLast
Results 1 to 20 of 34

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: iOS 6.1.2 Lockscreen Exploit Found - Not the Good One Either

  1. #1
    Default iOS 6.1.2 Lockscreen Exploit Found - Not the Good One Either


    It appears yet another lockscreen iOS 6.1 security bug has been discovered which gives a potential hacker/terrible friend access to contacts, photos and a whole lot more. This exploit is much like the previous bug Apple fixed, however it apparently gives access to more user data when the phone is plugged into a computer. The original lockscreen bug found on iOS 6.1 did not allow the same access.

    A few hours ago we posted about how iOS 6.1.3 will indeed patch the jailbreak exploit; it is assumed iOS 6.1.3 will also fix this security bug. It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update. I however will not.

    While we do not encourage anyone to use this exploit for terrible reasons, here is a breakdown of how it works.


    1. Ensure there is a passcode enabled (obvious) and then lock your device by pressing the sleep / wake button.
    2. Wake the device by tapping the home or sleep button.
    3. Tap the Emergency Call button on the virtual keyboard.
    4. Dial 911 or another emergency call number like 110 or 112 and then IMMEDIATELY hang up the call.
    5. With the call canceled, hit the sleep / wake button to once again put your device in sleep mode, wake it up and then Slide To Unlock.
    6. Now the trickiest part, hold down the sleep / wake button for about 3 seconds and just before the Slide To Power Off window appears tap the Emergency Call Button (while still keep your finger on the sleep / wake button).
    7. Keep holding the sleep / wake button and you have gained access to the phone app and if plugged in via USB all personal information.


    UPDATE:
    Quote Originally Posted by drgonz0 View Post
    Anyone with a jailbroken iPhone can install 'disableEmergency' from the cydia store. It's free and allows you to disable the emergency dial function from the iphone. In an emergency you could technically still use siri. This technically should protect you from this vulnerability.
    Last edited by Nick Hesson; 02-25-2013 at 11:08 PM.

  2. The Following User Says Thank You to Nick Hesson For This Useful Post:

    Carnage122896 (02-26-2013)

  3. #2
    Sooooo you just gave everyone a tutorial on how to access someone's iPhone?
    Regardless. Probably better if it weren't there

  4. The Following 5 Users Say Thank You to Silverado1987 For This Useful Post:

    aidanharris (02-26-2013), Airwaves182 (02-25-2013), DQEight (02-26-2013), iH85CH001 (02-26-2013), radioBirdman (02-26-2013)

  5. #3
    iPhone? More like MyPhone rvance's Avatar
    Join Date
    Sep 2007
    Location
    Chicago, IL
    Posts
    106
    Thanks
    26
    Thanked 50 Times in 25 Posts

    Quote Originally Posted by Silverado1987 View Post
    Sooooo you just gave everyone a tutorial on how to access someone's iPhone?
    Regardless. Probably better if it weren't there
    Exactly!!! You can keep that to yourself. I mean unless your a damn super geek, who the hell is going to do that to get in the phone?! Some of the these topics are just too funny:-D

  6. #4
    Livin the iPhone Life Carvensno's Avatar
    Join Date
    Oct 2010
    Location
    Fresno, Calli
    Posts
    2,005
    Thanks
    2,642
    Thanked 1,743 Times in 749 Posts

    Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!

  7. #5
    Quote Originally Posted by Carvensno View Post
    Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
    I know right. Who went through so many combinations as far as to call 911 and hang up like wtf lol

  8. #6
    Stupid. Calling 911 and hanging up gets a cop at your door to make sure you are ok. Speaking as a former dispatcher I can locate the exact house you are in.

  9. #7
    My iPhone is a Part of Me vinaygoel2000's Avatar
    Join Date
    Mar 2009
    Location
    Houston, TX
    Posts
    758
    Thanks
    399
    Thanked 78 Times in 62 Posts

    I wouldn't even know what to do if I had someone's SSN.

  10. #8
    Livin the iPhone Life steve-z17's Avatar
    Join Date
    Sep 2007
    Location
    Utah
    Posts
    2,266
    Thanks
    91
    Thanked 146 Times in 124 Posts

    Quote Originally Posted by Carvensno View Post
    Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
    Lol! That's what I want to know! Who sat around diddling on their phone pushing all these buttons in that sequence?!? Sounds like a bit of work to get into someone's phone to get some pics or contacts...but that's just me!

  11. #9
    In doing this, you cancel the call before it actually sends the call so there is no call to 911 that can be traced... Also, I doubt that anyone sat around trying combinations long enough to find something that would work like this. Most exploits found in an operating system have corresponding input commands that replicate the vulnerability on the device... Unless I've just been imagining things.

  12. #10
    Quote Originally Posted by exNavy View Post
    Stupid. Calling 911 and hanging up gets a cop at your door to make sure you are ok. Speaking as a former dispatcher I can locate the exact house you are in.
    Since it's a cellphone, couldn't you do it in a public area then just walk away when you're finished? It seems to only take a few minutes. You can use a laptop as the PC you connect to. Then just copy everything while on the go. Will the police continue tracking someone on the move?

  13. #11
    Quote Originally Posted by Outrager View Post
    Since it's a cellphone, couldn't you do it in a public area then just walk away when you're finished? It seems to only take a few minutes. You can use a laptop as the PC you connect to. Then just copy everything while on the go. Will the police continue tracking someone on the move?
    Arent your phone numbers over there registered under your names?

  14. #12
    Quote Originally Posted by pakitos View Post
    Arent your phone numbers over there registered under your names?
    I assume someone doing this isn't trying to break into their own phone. That's just silly. It would be someone else's phone and they have no phone to get contacted on.

  15. #13
    Anyone with a jailbroken iPhone can install 'disableEmergency' from the cydia store. It's free and allows you to disable the emergency dial function from the iphone. In an emergency you could technically still use siri. This technically should protect you from this vulnerability.

    Quote Originally Posted by Carvensno View Post
    Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!
    If someone with ill intentions got ahold of the right phone. There's a profitable upside to this. It's a big risk.
    Last edited by drgonz0; 02-25-2013 at 10:25 PM.

  16. The Following 2 Users Say Thank You to drgonz0 For This Useful Post:

    Nick Hesson (02-25-2013), pakitos (02-26-2013)

  17. #14
    It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update.
    That's interesting - you think Apple is intentionally creating security holes in order to dissuade jailbreakers?

    Regardless, if Apple ever wants to add RFID "virtual wallet" payments to the iPhone, they'll have to make the lockscreen far more secure.

    This bug probably isn't in my iPod Touch - there's no phone!

  18. #15
    im still on 6.1 been to lazy to update but thanks for this info i installed disableemergency so no more worries now all they need to do is make a way to diable dfu mode so if anyone steals the iPhone its useless unless u know the password

  19. #16
    iPhone? More like MyPhone
    Join Date
    Jun 2008
    Location
    Orlando
    Posts
    152
    Thanks
    49
    Thanked 20 Times in 16 Posts

    Quote Originally Posted by sheon View Post
    im still on 6.1 been to lazy to update but thanks for this info i installed disableemergency so no more worries now all they need to do is make a way to diable dfu mode so if anyone steals the iPhone its useless unless u know the password
    Watch what you wish for

  20. #17
    I dont think theres a way to disable DFU mode.

  21. #18
    My phone is either in my pocket, in my/my kid's hand or on my desk (work & home) pretty much all the time. I don't even run a passcode.
    And I'd like to think if I lost my phone it might be returned by someone accessing my contacts and calling an obvious number like "me (work)" or "Mum" or something. If it's locked, whoever finds it can't do that.

  22. #19
    iPhone? More like MyPhone mirilopr's Avatar
    Join Date
    Dec 2012
    Location
    Puerto Rico
    Posts
    213
    Thanks
    177
    Thanked 192 Times in 72 Posts

    Quote Originally Posted by radioBirdman View Post
    My phone is either in my pocket, in my/my kid's hand or on my desk (work & home) pretty much all the time. I don't even run a passcode.
    And I'd like to think if I lost my phone it might be returned by someone accessing my contacts and calling an obvious number like "me (work)" or "Mum" or something. If it's locked, whoever finds it can't do that.
    Ja. That might be true of old times, when a cellphone was only good for calling or texting. But an someone returning an iphone??? Long chance...

  23. #20
    iPhone? More like MyPhone WithinTemptationFan's Avatar
    Join Date
    Nov 2012
    Location
    "Anywhere But Home"...
    Posts
    169
    Thanks
    23
    Thanked 36 Times in 20 Posts

    If you lose your iPhone in a public area,you can kiss that phone goodbye because I highly doubt the person who finds it and takes it will return it to you. It's messed, but that's how it is now.

Page 1 of 2 12 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •