Jump to content
cehov

[Local]Apple iCloud exploit, code injection bypass icloud, activate new iphone

By cehov, in Exploituri

Recommended Posts

nein Newbie

nein

Posted
Posted
The best page for bypass iCloud Activation Screan lock iPhone 4 and iPhone 5. It works for all tipes of iPhones 4 and 5. All you need to do is to follow the steps on the page. You will use your iPhone agen thanks to this softver. Good luck. I recomend visit this page Bypass iCloud Activation Lock iPhone , and use your iPhone now.

hahaha vrajala :)) !

albastrel Newbie

albastrel

Posted
Posted (edited)

@gokky123 Itunes need send packet SSL at apple for unlock phone... this method is fake, no need injection itunes... need SSL valid or container valid for unlock phone with itunes and libmobiledevice.dll! Or any solution(idea) is injection libmobiledevice and make one program at visualbasic which binds to libmobiledevice for send packet at apple like itunes.exe!

Edited by albastrel
hamducbuon Newbie

hamducbuon

Posted
Posted
@gokky123 Itunes need send packet SSL at apple for unlock phone... this method is fake, no need injection itunes... need SSL valid or container valid for unlock phone with itunes and libmobiledevice.dll! Or any solution(idea) is injection libmobiledevice and make one program at visualbasic which binds to libmobiledevice for send packet at apple like itunes.exe!

I have iphone 5s being icloud active, you know how to handle it?

gokky123 Newbie

gokky123

Posted
Posted
@gokky123 Itunes need send packet SSL at apple for unlock phone... this method is fake, no need injection itunes... need SSL valid or container valid for unlock phone with itunes and libmobiledevice.dll! Or any solution(idea) is injection libmobiledevice and make one program at visualbasic which binds to libmobiledevice for send packet at apple like itunes.exe!

This is just a theory. A good theory. Ruleswise it, if you understand this.

dataghost Newbie

dataghost

Posted
Posted

I believe an answer is to setup a SoftAP, hostapd or airbase-ng so no other traffic besides the ipad/iphone is connected. Use wireshark to capture the packets, either use wireshark or bittwist to decrypt to find the hash and crack the hash with hackhat, oclhastcat/cudahashcat or elcomsoft lighting hash crack to crack the hash.

TheGun Newbie

TheGun

Posted
Posted

Can you provide further explanation please, as no one was able to reproduce this exploit so far.

Two mains questions:

- how to catch & decrypt the hash. It is easy to use wireshark for all internet traffic but after finding the hashkey how to decrypt?

- and my noob question: how to inject the hex-key. I can only edit starting at position X but i don't unterstand the BOF and MOV-statements.

Maybe one can even upload the done exe&dll?

Thanks.

dataghost Newbie

dataghost

Posted
Posted
iTunes and iOS 7.x.x-8.x.2 code injection by #cehov RST

Platform: Local iTunes, iOS 7 to 8.1.2 remote: iOS

Affected: All Apple devices that run iTunes 12.1.0.71, all iPhones , all iPad's

Type: software injection, privilege escalation, software and hardware activation

Date of begin: 06 feb 2015

Status: Reported 09.02.2015, Unsolved, Tested and verified


Code to inject in iTunes.exe ans second iTunes.dll:
1.
BOF:256008X00321 SYMSTATUSREADY
MOV: 006100x00a123
2.
MOV 005432XUNACTIVATED 002345;
JUMP 0X23643;

Use what hex injector you want to inject the code

then unplug your apple device and restart iTunes

Choose Setup new iphone in iTunes and next

fast start wireshark and listen for a hash key

take the key and decrypt it with Hashcat, you will gain the iCloud acc. privileges.

Have fun RST !

are you using hexinjector with linux, or just a hex editor? Could you be a little more specific. please and thanks

jonathanleduc Newbie

jonathanleduc

Posted
Posted

Every single time I try to inject I get an error, to begin with the .exe file loses its icon, then it will say something like please contact the software company, reinstall etc. To make it easy and use just straight hex i used the online hex converter that was mentioned by dataghost on hackmac. I do the inject but I cant see to get it right, is the first part for .exe and the second part for the .dll, I am a little confused. Dataghost can you please re-post the Linux based tutorial back on hackmac I/We would all appreciate it. Thanks and hope to hear something positive soon, happy hacking!

jonathanleduc Newbie

jonathanleduc

Posted
Posted

I forgot to add, ollydbg would not open the 64 bit packages but HxD opened both. Ollydbg says a new version is to be released soon. I hope this helps anyone who see's this. Does this method need xampp server as well? Or just straight up albert.apple.com?

KiraChaos94 Newbie

KiraChaos94

Posted
Posted

He probably didn't, but I believe it's bs since if you inject your itunes.exe and make it send certain packages to the apple server (most probably to their mailing services) it may not receive any package in exchange since there's already something modified at your hex values which their data system might notice, or it may not send it at all...

If you want to find a real method in doing the icloud bypass for 8.x.x then I suggest you try downloading the authentication files used by apple's server, put them in XAMPP (htdocs) after that add the 127.0.0.1 and albert.apple.com to your drivers --> etc folder after that, run it and see if it works, it may not work at first but you need to modify some stuff in the htdocs folder and it will work.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...