Famous in the security world for its ability to jailbreak iPhones, this is the first time how GrayKey works.
GrayShift has long been famous in the world for its GrayKey tool that can unlock iPhones, but very few people understand how it works. However, recently, the documentation about it has suddenly leaked on the internet, giving people a clearer view of the capabilities of this device and how it works.
Previously, many information said, the device broke the iPhone or iPad lock by using a brute-force attack to detect the password. While this isn’t ideal, the tool has repeatedly helped law enforcement gain access to locked iPhones.
iPhone unlocking device, GrayKey
The leaked user manual, which appeared to belong to the San Diego Police Department, was written to teach officers how to use the device and was found by Motherboard. User Document “determine if the authorities are allowed to search in Apple devices.”
Where this document describes the different conditions for GrayKey to be able to connect: the device is turned off (also known as BFU – before First Unlock), the phone is turned on (After First Unlock or AFU), device with a broken screen or when the battery is low.
To unlock the device, the document says: “GrayKey will install a piece of code (also known as an agent) when the device has only 2% to 3% battery left.This code will be used to exhaust the device’s password but requires the iPhone to be powered on until the password is found.
When running GrayKey, users have many choices about the type of data they want to collect in their iPhone. Such data may include metadata in inaccessible files, or “instant extraction when SE is unlocked” – SE seems to stand for Secure Enclave, the part that stores sensitive data like passwords, keys in iOS.
A section of the documentation also describes how GrayKey is used to exhaust character passwords. While many iPhone users only use purely numerical passwords, character passwords also use letters, providing more options and often harder to exhaust. However, if the device uses a character password but in human-readable words, cracking is also easier as GrayKey has a long list of human-readable words available. .
This list is provided in a file named “Crackstation-human-only.txt” containing about 1.5 billion words and passwords. However, GrayKey can also use other word lists, but only one list is used at a time.
Once the “agent” code is installed, the iPhone will be put in Airplane mode and can now disconnect from GrayKey.
Another feature of the device is called HideUI. This feature allows GrayKey to install another piece of code into the device to secretly record the user’s password in case law enforcement is forced to return the iPhone to the suspect.
GrayKey and many others in the industry are like playing cat and mouse with Apple when it comes to hacking into locked iPhones. Every time Apple upgrades its operating system or new security layer for its devices, GrayShift and others in the industry also upgrade their methods to bypass that new layer of encryption.
Refer to AppleInsider
Follow: Game News Page
Source link: Revealing how to jailbreak the iPhone of the notorious machine in the security world
– Emergenceingames.com
