At this rate, Apple will have to update iOS every month. Close on the heels of the passcode bypass vulnerability found on iOS 6.1 earlier this month comes another passcode bypass vulnerability that lets attackers access users' photos, contacts and more by following a series of steps on an iPhone, iPad or iPod touch running iOS 6.1.
The vulnerability was revealed in a post on the Full Disclosure mailing list last week by Benjamin Kunz Mejri, Founder and CEO of Vulnerability Lab. In the email, Mejri gives step-by-step instructions to reproduce the flaw, which is similar to the passcode loophole discovered earlier this month. The most ominous part of this bug is that it allows any hacker direct access (via USB) to the content stored on your iDevice’s internal storage without needing to enter a PIN.
All anyone has to do is dial an emergency number directly from the lockscreen. Immediately after dialing, you have to cancel the call and press the power button. Follow this by pressing the home button. Up to this point, the steps sound simple, but the next few require some dexterity. Depress the power button for 3 seconds and on the last of the three, press the power button while tapping the emergency call button. Next, lift your finger off the home button before releasing the power/unlock button. Here, Mejri says your screen (minus the top bar) will go black. In this state, connect the USB cable to your phone. This will allow you to access photos, contacts and whatever else you have stored in your iDevice’s internal storage from your computer without a PIN.
The first half of the exploit is very similar to the earlier vulnerability. In fact, the Vulnerability Lab references this in its proof of concept. Apple released a 6.1.2 update last week that didn’t fix this security flaw. But the company is planning a 6.1.3 update, which it has started seeding to developers. iOS 6.1.3 will supposedly plug the passcode bypass trick. The forthcoming update will also reportedly kill the evasi0n untethered jailbreak.
Of course, it is not always possible to reproduce this flaw. iMore reports that if an attacker uses a computer that has not previously been connected to a particular iPhone or iPad, the passcode on that device cannot be bypassed. “With the device plugged in, once you enter your passcode, iTunes will never require you to enter it again. iTunes has some mechanism in place that will now allow your computer to talk to the device, even when the lock screen is present. Had the person in the video plugged their device in to a computer that it had never been plugged in to before, they would have met with an error message instead,” iMore’s report said.
Published Date: Feb 26, 2013 07:52 pm | Updated Date: Feb 26, 2013 07:52 pm