iOS 9 vulnerability: using Siri to bypass the lock screen to access private pictures and contacts-vulnerability warning-the black bar safety net

2015-09-24T00:00:00
ID MYHACK58:62201567329
Type myhack58
Reporter 佚名
Modified 2015-09-24T00:00:00

Description

! A hacker found a new, very simple method, which utilizes Apple's personal assistant Siri, bypassing running iOS 9 lockscreen iOS devices iPhone, iPad, or iPod touch a secure mechanism, which makes an attacker in 3 0 seconds, perhaps less time will be able to access the device photos and contacts. iOS 9 aeration password bypass vulnerability Generally speaking, on your iPhone cell phone set the password on the IS can help you prevent someone access to your device's first line of Defense. However, if your iPhone mobile phone operating system is iOS 9 version, then anyone can in 3 0 seconds and easily access your private pictures and contacts, even if your phone has a password or open the Touch ID function. Just yesterday, the security company Zerodium announced a huge vulnerability Bounty, bonus amount of up to 1 0 0 million dollars, in order to encourage security researchers in to run iOS 9 system of the iPhone and iPad to find 0day vulnerabilities and a jailbreak can use the code. Now, a hacker has found a new, very simple method to bypass running Apple's latest iOS9 operating system lock screen iOS devices iPhone, iPad, or iPod touch a secure mechanism, which makes an attacker in 3 0 seconds, perhaps less time will be able to access the device photos and contacts. Yes, use Apple's personal assistant Siri can bypass any running iOS 9.0 system iOS the device password. To bypass the password step For any running iOS 9.0 system on the iOS device password, you just need to follow the below few simple steps you can bypass it: 1, Wake up the iOS device and the fourth input the wrong password. 2, in the fifth, enter the 3-digit or 5-digit depending on your password length, the last in the input the first four digits immediately after press and hold Home button to invoke Siri. 3, in Siri appeared after, asked her about time. 4, Click on the clock icon to open the clock APP, then add a new clock, and then on the Select city in the input box to fill in any content. 5, now double click on you fill in the content, in order to invoke the copy&paste menu, select all and then click on“share”. 6, in the share list, click the“messages”icon, then again to just input some content, click Enter and double-click the top of the contact name. 7, Select“Create new contact”and click on“Add Photos”, then click“Select picture”. 8, Now you will be able to see the entire iOS device to the pictures library, and in this case the device is still in a passcode lock state, but now you can browse and view the album of any picture. ! Don't worry, it is not a remote attack vulnerability, because only the attacker is able to physical contact your iPhone or iOS device, this method can be effective. However, such a simple to bypass any lock of the iOS device will use users private data at risk. How to prevent iOS 9 attack At Apple to fix the exploit before iOS users can disable the lock screen when Siri to protect their data, through settings>Touch ID&password to set. Once you disable it, you only use password or fingerprint to unlock the iOS device to use Siri.