From a "Reliable Source" - IOS devices

[einstein9]

I got to know, actually SAW from one of my friends (Pro. IOS Reverse Engineering Researcher)

that

He developed An Application where it "Communicates with Apple Devices in DFU Mode". period.
where he was able to DUMP the full "un-encrypted" image of the device...

His App. is still under test BUT it DID WORK with some of the Latest Apple devices...

soon enough you will hear about it somewhere....


I believe "Apple" will change their Mobile production line to "Diapers" after this...

[Amarbir[CDR-Labs]]

I got to know, actually SAW from one of my friends (Pro. IOS Reverse Engineering Researcher)

that

He developed An Application where it "Communicates with Apple Devices in DFU Mode". period.
where he was able to DUMP the full "un-encrypted" image of the device...

His App. is still under test BUT it DID WORK with some of the Latest Apple devices...

soon enough you will hear about it somewhere....


I believe "Apple" will change their Mobile production line to "Diapers" after this...

Hello,
If The Solution remains inhouse they will not ,Only when its public they will , But apple is a slowly dying company ,very soon we will see the end of this like slow poison

[guru]

Would be interesting to talk to this person......

[einstein9]

Would be interesting to talk to this person......

He is reading for sure the post here,...

[HaQue]

without knowing the users access code??

[einstein9]

without knowing the users access code??

Without ANYTHING....

Direct Access & DUMP <----------------

[guru]

sure he is

Would be interesting to talk to this person......

He is reading for sure the post here,...

[HaQue]

this isn't the bug Apple re-introduced in a recent OS to allow jailbreaking again is it?

[einstein9]

this isn't the bug Apple re-introduced in a recent OS to allow jailbreaking again is it?

am aware of this bug (the Jailbreak) but the solution which he implemented was done some time ago (before the bug)
and was testing it with many IOS versions to make sure it works...

Apple IOS tick tock...

[HaQue]

I don't know enough about Apple ecosystem to say too much about the research, but I think Apple have started a bug bounty program, or are starting one. maybe your friend can make some serious money working with Apple.
Anyway I always applaud good research.

[einstein9]

I don't know enough about Apple ecosystem to say too much about the research, but I think Apple have started a bug bounty program, or are starting one. maybe your friend can make some serious money working with Apple.
Anyway I always applaud good research.

Well, i some how agree with you here, but really sometimes its not about how much $$$ he can make but how much he can benefit from it...

and the most important part is that my friend (the researcher) with Apple BOTH are like:

(Trump & Xi Jinping they might laugh/shake hands with each other,,, but God knows whats inside their heart )

[JustJoe]

This is exciting.

Do you know if your friend will be selling this and how much more time he needs?

I have a small collection of iPhones turning up every week that this would be good for.

[HaQue]

I would not be too reliant these bugs being around much longer given the recent exploitation reported on last week by Google. The chaining of bugs to fully exploit iPhones would have many eyes looking for bugs.

[einstein9]

There is an update here about this subject soon ..... very soon

[einstein9]

Just in case if someone if watching this thread...
more info. here: https://forum.hddguru.com/viewtopic.php?f=25&t=38939

[Otic]

Is this by any chance related to the released Checkm8 Bootrom exploit?

[samstown]

Hello, recently I had 3 users who faced "apple logo boot loop" on their Iphone 6s, IPad mini 2. The scenario was always the same, iOS asking for more space, user tried to clean, iOS software update 13.X and device doesn't boot. Changing FW in DFU doesn't help, always failing, only option is to restore and loose all data. They went to Genius Bar, the Genius said Apple can't fix it without wiping data, they suggest to contact recovery lab... Does anyone experienced this bug as well ?

Is there any news on this tool that would allow memory access in DFU ?

[einstein9]

I got to know, actually SAW from one of my friends (Pro. IOS Reverse Engineering Researcher)

that

He developed An Application where it "Communicates with Apple Devices in DFU Mode". period.
where he was able to DUMP the full "un-encrypted" image of the device...

His App. is still under test BUT it DID WORK with some of the Latest Apple devices...

soon enough you will hear about it somewhere....


I believe "Apple" will change their Mobile production line to "Diapers" after this...

Just saying... posted it 24 Aug 2019


Cellebrite v7.28 Jan 2020 : https://www.cellebrite.com/en/blog/a-pr ... o-checkm8/

Belkasoft v9.8 Feb 2020: https://belkasoft.com/belkasoft-9-8-sup ... -jailbreak

not sure about the rest of the tools release dates... but am sure Vlad. Katalov is one of them...

Whats next?? probably after the Covid19 crisis... hope ends soon...

Stay Home... Stay Safe...

[wksk]

None of the methods (cellebrite, Belkasoft) dump a full unencrypted backup without a pin/pass in DFU. There are some BFU files that can be recovered but thats not a full image. Can your contact do that or is it the same as everyone else?

[HaQue]

I just cant see how you could get around a locked phone without the passcode, DFU or otherwise for full extraction..

not sure what the BFU files actually are, so I found this:

https://blog.elcomsoft.com/2019/12/bfu-extraction-forensic-analysis-of-locked-and-disabled-iphones/

doesnt sound like much.