|
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source |
iPhone 4 / iPhone 4S iPhone 4 / 4S |
| LinkBack | Thread Tools | Display Modes |
02-23-2012, 19:28 | #1 (permalink) |
Junior Member Join Date: Jun 2011 Location: Tell you Later Age: 31
Posts: 29
Member: 1607560 Status: Offline Thanks Meter: 4,294,967,295 | [TUT] How To Hack Any iDevice [TUT] In this tutorial, I will explain to you how to hack an iDevice with no password required. Necessary Materials IDA 6.2 Demo Version from Hex-rays Jailbroken iDevice iPhoneFolders 0xED for Mac or Hex Workshop for Windows A computer A brain (size does not matter .) Directions 1. Use iPhoneFolders to navigate into System/Library/CoreServices/SpringBoard.app 2. Find the binary of SpringBoard (No extensions). 3. Take the binary, download it to your computer. 4. Open up IDA and load SpringBoard from the location that you put it in. 5. Open the binary as ARM processor. 7. Wait for the entire binary to be disassembled. 8. By pressing alt+t on your keyboard, the search function will pop up. Now you will want to search for 'isPasswordProtected' without the quotes. 9. SBAwayController::isPasswordProtected should appear. At the mid-bottom-left hand side of IDA, you should see a number. For me, this is 37018 on iOS 4.3.3. However, THIS WILL BE DIFFERENT ON ALL SEPERATE FIRMWARES. 10. Open up HexWorkshop, and load the Springboard binary. 11. Navigate to the file offset found in step 9. 12. Change the 2-bit number (4 digits) here to 0020. (back up original binary before making any changes in case you mess up.) 13. Save the Hex Workshop binary. 14. Open up iPhoneFolder and navigate to SpringBoard.app again if you are not already there. 15. Replace your new, edited binary with the one currently there. Do not Replace All. 16. iPhone now does not require a valid password. You now have full access to it! If you ever want to prank friends, or want to steal a corporate iPhone with sensitive data in it and retrieve the info, or just want a new iDevice for yourself, this tut should get the job done. :victoire: For whatever your needs are, good luck and have fun with this useful hack! :blackhat: Please vouch on the thread, this method took me 2 hours to do. |
The Following User Says Thank You to boy1995 For This Useful Post: |
05-21-2012, 20:18 | #4 (permalink) |
No Life Poster Join Date: Mar 2007 Location: /Fr/Ch\Ro\ Age: 39
Posts: 1,334
Member: 467911 Status: Offline Thanks Meter: 351 | Have you tested this .If device is protected how you will be able to access the system files ? Firstly it's not your tuto is not for what you mention and you have no idea what you advanced here . |
05-22-2012, 13:55 | #11 (permalink) | |
No Life Poster Join Date: Feb 2009
Posts: 851
Member: 961957 Status: Offline Sonork: Jabber: [email protected] Thanks Meter: 641 | Quote:
| |
Bookmarks |
| |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
news headlines to gsm phone | mos | Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L ) | 7 | 05-22-2016 11:42 |
How can I do a Welcome note for my 6110 a dosn't have any one ? | Viper | Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L ) | 8 | 06-27-2015 11:57 |
How to add a language in 51xx/61xx | tati | Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L ) | 8 | 05-21-2013 19:20 |
How to upload a new firmware... | Brand | Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L ) | 8 | 06-08-2012 18:29 |
Copy from one 6110 to another | Leif Nielsen | Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L ) | 1 | 06-10-1999 22:36 |