Another iOS 6.1 Passcode Bug Discovered


A few days back, a security flaw was discovered that allows anyone to bypass the passcode lock on the iPhone and gain access to the Phone app. It allowed an unauthorized person to access Contacts, check your voicemail, send text messages, make FaceTime calls and even access your photos (by trying to add a photo to a contact).

Apple has acknowledged the issue and has seeded iOS 6.1.3 beta 2 to developers, which fixes the bug.

However, that may not be the only passcode bug. Vulnerability Lab CEO Benjamin Kunz Mejri has discovered another passcode lock vulnerability in iOS 6.1, according to a report on Ars Technica.

It seems to be similar to the previous one, but slightly different. Ars Technica explains:

The two start out in a similar way—by following a set of steps that utilizes the Emergency Call function in addition to the lock/sleep button and the screenshot feature. When making an emergency call, an attacker could cancel the call while holding the lock/sleep button in order to access data on the phone.

The difference between the first exploit and this one is how it can make the iPhone screen go black, allowing an attacker to plug the device into a computer via USB and access the user’s data without having their PIN or passcode credentials.

“The vulnerability is located in the main login module of the mobile iOS device (iPhone or iPad) when processing to use the screenshot function in combination with the emergency call and power (standby) button. The vulnerability allows the local attacker to bypass the code lock in iTunes and via USB when a black screen bug occurs,” Mejri wrote. “The vulnerability can be exploited by local attackers with physical device access without privileged iOS account or required user interaction. Successful exploitation of the vulnerability results in unauthorized device access and information disclosure.”

You can check out the video below to see how it can be reproduced:

I don’t know how they find these bugs, but I won’t be surprised if Apple fixes it too. Apple has also fixed two vulnerabilities that were used for the Evasi0n jailbreak, which means that it won’t be possible to jailbreak iOS devices running iOS 6.1.3 when it is released.

It goes without saying that jailbreakers should avoid upgrading to iOS 6.1.3 when it is released, and it is probably a good time to jailbreak your iOS device if you haven’t done so already (you can find the links to our step-by-step jailbreak tutorials here).

Via: Ars Technica


  • noob

    Stupid question, but if both bugs rely on the emergency call button, is there a tweak that can simply remove the button or is it something more?

  • Andrew

    Here’s a thought. Stop losing your phones.

  • Jonas Savimbi

    Just use the AndroidLock XT

  • bt

    There is a tweak that disables your emergency button. It's not needed, since if you actually needed to call 911 you can UNLOCK your phone normally anyway. We don't need that damn button if we KNOW our code.

    • Vaah

      What if someone else doesn’t know the code?

  • Mrgreenboye

    lol this is old stuff we found this long ago and told Apple they need to move faster we are not glory hounds trying to make a name for ourselves so we didn't post it all over the net we tweeted just a little saying we found something not much but we told Apple way before this has been around since 5.0 well let's see how fast Apple moves now!!!!!