IP Box brute-force tool breaks the PIN of each iPhone

Η βρετανική εταιρεία ασφάλειας IT-Governance, δια μέσω του Neil Ford, αναφέρει ότι κυκλοφορεί μια νέα συσκευή στην αγορά (IP Box) που ισχυρίζεται ότι μπορεί να τον κωδικό pin ενός σε λιγότερο από 17 ώρες. Το βίντεο μάλιστα που παρουσιάζει η shows how anyone can easily hack the iOS lockscreen with a brute-force attack.ip box

The video was made by another security company called MDSec, who tested the device in their labs. It confirmed that the device can actually crack the iPhone's four-digit PIN code. The tiny device can be purchased for less than $ 250. It will take a little over half a day to crack a code according to MDSec, which believes the device is taking advantage of a known security vulnerability in iOS 8.1 (CVE-2014-4451).

“Further research indicates that it could be the issue detailed in the CVE-vulnerability-4451, αλλά αυτό δεν έχει ακόμη επιβεβαιωθεί,” αναφέρει ο Neil Ford στο αναλυτικό άρθρο για τη συσκευή IP Box, η οποία προφανώς χρησιμοποιείται από πολλά phone repair.

"We plan to try the same attack on a device with 8.2 and we will inform you about our progress. In the meantime, our advice to everyone is to make sure they use a fairly complex password on their device and not a PIN. ”

We know that the iPhone shuts down after 10 failed attempts to "break" the PIN, but the IP Box bypassing it, erasing the iPhone after each failed PIN attempt. IPhone running with iOS 8.1.1 or later is not affected by vulnerability at the time of writing.

The IP Box also works on iPads. We therefore recommend that you upgrade to the latest version of the operating system immediately.

More details with pictures and videos can be found in her article MDSec.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).