We’ve seen devices for brute-forcing phone passcodes before. This $500 box, demonstrated on video by YouTuber “EverythingApplePro”, uses an exploit in iOS 10.3.3 and iOS 11 beta to brute-force hack and bypass the Lock screen passcode of up to three iPhone 7/Plus handsets at a time—but it could take days to work, depending on the complexity of the passcode.
Normally, attacks like this are impractical due to a user-selectable setting that tells your iPhone or iPad to wipe all your data clean after ten unsuccessful passcode entries.
The box works by guessing the four-digit passcode that will unlock the iPhone. The problem here is that it can make those rapid guesses only for the first 10 minutes after the passcode is changed. If this 10-minute threshold is crossed, the process slows down greatly. So, for example, if the four-digit passcode of an iPhone has been changed just a few minutes ago, this $500 box would take more than 3 days to unlock the phone. And if it’s a six-digit passcode that was changed recently, it could end up taking more than a year to guess the correct combination.
“They found a loophole in the data recovery state that allows you to use as many passcode attempts as you want,” the poster explained.
An attacker would still need to own the $500 device and have your phone in their physical possession for days before exposing your passcode. Although older devices/iOS editions are not affected, we fully expect that Apple will soon release a fix to patch the vulnerability.
Apple has also confirmed to TechCrunch that the box will not work on iPhones running iOS 11 when the OS drops in September. Apple has already patched the ‘bug’ used by the box in iOS 11 beta 4. More specifically, the 10-minute window in which the box could rapidly guess the passcode has been patched. So while it might still work on iOS 11, the time taken by it to unlock an iPhone will be unrealistic.
Source: redsn0w