Is there a video where this actually works? I mean: you send the real passcode in one go and it ends up unlocking. I believe i tried something like this and it turned out that all those subsequent fails are because the device doesn’t actually try those passcodes until you pausehttps://twitter.com/matthew_d_green/status/1010271221425033216 …
-
-
-
Replying to @DonAndrewBailey @i0n1c
Video here https://vimeo.com/276506763 - I've emailed Apple to validate, tested multiple pins and valid pins.
2 replies 3 retweets 13 likes -
Replying to @hackerfantastic @DonAndrewBailey
Yes. As i said: you tried a bunch of pins in one go. Those didn’t trigger erase data because they are actually all ignored and count maybe as one try. then you pause and try the right code after the pause. So you have only executed 2 tries.
1 reply 0 retweets 5 likes -
Replying to @i0n1c @DonAndrewBailey
I've unlocked it by sending them all in one go though. :-/ so that doesn't make sense
2 replies 0 retweets 0 likes -
Replying to @hackerfantastic @DonAndrewBailey
not in the video you posted. in the video you posted the unlock happens after a pause that was longer than all the previous attempts.
1 reply 0 retweets 2 likes -
Replying to @i0n1c @DonAndrewBailey
that was mostly due to it being hard to video :) i keep testing it and i definitely tested more pins than the 10 required before unlocking. It might be that the bug isn't just long strings and needs the "send code" part of hdb-team input, I am using that to send the attack.
2 replies 1 retweet 2 likes -
Replying to @hackerfantastic @DonAndrewBailey
what is this tool doing beside being an programmable USB keyboard?
2 replies 0 retweets 2 likes -
Why does Apple not just restrict the passcode entry so only the touchinput works? Are there valid critical usecases?
3 replies 0 retweets 1 like
That would help cover up their bugs, but it's analogous to treating network layer as access control. The limit needs to be enforced at the exact point of granting access, not some keyboard or UI layer.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.