This is How to Bypass “iCloud Activation Lock” on iPhone and iPad

Apple uses the iCloud Activation Lock feature to protect the data of users who have lost their devices. A security researcher has discovered a flaw that allows this iCloud Activation Lock to be bypassed. By exploiting this flaw, anyone can get access to the home screen of a locked iPhone or iPad. This is possible on locked devices that are running the latest version of iOS. The researcher has published a Proof-of-Concept video. Both iOS 10.1 and iOS 10.1.1 have this security flaw.

iCloud Activation Lock Feature

All Apple users are familiar with the “Find My iPhone” feature of iPhones and iPads. An Apple user can activate “Lost Mode” from this feature if the device has been stolen or lost. When the user activates Lost Mode, the iCloud Activation Lock feature is enabled automatically. The thief, or whoever finds the lost Apple device, will not be able to use it without the permission of its owner. Access to the owner's Apple ID is required to reuse the locked device.

What is the Flaw?

A locked Apple device can still be connected to a Wi-Fi network. If the user chooses “other network,” he has to enter the network SSID and its security key, and he also has to choose a security protocol, WPA2 or WEP. Apple does not place any limit on these input fields, so the user can enter an unlimited number of characters. An attacker can trigger a crash by entering long strings into these fields, and this crash can expose the home screen of the device. This flaw has been exploited by two different security researchers, on iOS 10.1 and on iOS 10.1.1.
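The missing control is a length and alphabet check on the SSID and key fields. The sketch below is an added example, not Apple's code and not from the researchers; the function and enum names are hypothetical, and the limits are the standard 802.11 SSID size and the WEP / WPA2-PSK key lengths.

```c
#include <stddef.h>
#include <string.h>
#include <ctype.h>

/* Hypothetical names; limits are the 802.11 SSID size and WEP/WPA2-PSK key sizes. */
#define SSID_MAX_OCTETS 32
#define KEY_HARD_CAP    64   /* longest legal key: a raw PSK of 64 hex digits */
#define TOO_LONG        ((size_t)-1)

enum wifi_sec { SEC_WEP, SEC_WPA2 };

/* Length of s, or TOO_LONG if it exceeds cap. Reads at most cap + 1 bytes,
   so an oversized paste is rejected without walking the whole buffer. */
static size_t bounded_len(const char *s, size_t cap) {
    size_t n = 0;
    while (n <= cap && s[n] != '\0') n++;
    return n <= cap ? n : TOO_LONG;
}

static int all_hex(const char *s, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (!isxdigit((unsigned char)s[i])) return 0;
    return 1;
}

static int all_printable_ascii(const char *s, size_t n) {
    for (size_t i = 0; i < n; i++)
        if ((unsigned char)s[i] < 0x20 || (unsigned char)s[i] > 0x7e) return 0;
    return 1;
}

/* Returns 1 if the SSID is 1..32 octets, 0 otherwise. */
int ssid_ok(const char *ssid) {
    size_t n = bounded_len(ssid, SSID_MAX_OCTETS);
    return n != TOO_LONG && n >= 1;
}

/* Returns 1 if the key has a legal length and alphabet for the chosen protocol. */
int key_ok(enum wifi_sec sec, const char *key) {
    size_t n = bounded_len(key, KEY_HARD_CAP);
    if (n == TOO_LONG) return 0;
    if (sec == SEC_WPA2)   /* 8..63 printable ASCII passphrase, or 64 hex digits */
        return (n >= 8 && n <= 63 && all_printable_ascii(key, n)) ||
               (n == 64 && all_hex(key, n));
    /* WEP-40 / WEP-104: 5 or 13 ASCII characters, or 10 or 26 hex digits */
    return ((n == 5 || n == 13) && all_printable_ascii(key, n)) ||
           ((n == 10 || n == 26) && all_hex(key, n));
}
```

Rejecting the value at the input boundary means nothing downstream ever has to lay out, copy or render an arbitrarily long string.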

Here is the Proof-of-Concept Video: https://goo.gl/a2z25k

iOS 10.1

In iOS 10.1, this security flaw was exploited by an Indian security researcher, Hemant Joseph. He bought a locked iPhone to analyze the iCloud Activation Lock feature. He exploited the flaw by entering long strings, which triggered a crash, and got access to the home screen by closing and opening the smart case.

iOS 10.1.1

A security researcher at Vulnerability Lab also performed the same attack on devices running iOS 10.1.1. Initially it did not work, but then he performed the same action after turning on “Night Shift Mode” and the “Screen Rotation Feature.” He successfully triggered a crash and got access to the home screen. According to Kunz-Mejri (founder of Vulnerability Lab), the home screen appears for seconds, but access can be maintained by pressing the power button quickly.
