This is the perfect level of hacking for me. Deep enough to not be something mainstream but not so deep that I don’t understand it. Awesome talk. Thanks
"And it's fully open source" Amazing, simply amazing
Good job sticking with it until you got through! Those were some killer obstacles.
"As soon as I'm on a wifi that doesn't scare me" LOL
11:10 unexpected nyan cat
With the new Apple devices that use USB-C, will it be easier to build a debugger for the newer devices that don't use Lightning?
Great talk! Always good to listen into Apple hardware hacking
Can you please add the links in the presentation to the abstract (like the mentioned GitHub link)
He hasn't yet found a wifi that doesn't scare him
Someone didn’t watch the video the whole way.
This is about to help the jailbreaking community tenfold. This is the key we’ve been missing since iOS 9 ROOT exploration and Filza usage. As well as a possible direct CFW exploit additive.
Hi can iCloud be bypassed
Gotta love the RP2040
Damn, I would love to get into hardware hacking of this kind of caliber.
Do a degree in Electronics Engineering....
Then it becomes easy.
@@deang5622 sorry but no.
I’m an electrical engineer for a German automotive company and nothing like that is taught in university.
Yes you learn the basics, but nothing that directly lets you hack phones on any other device.
Edit: autocorrect errors corrected. University and the universe are apparently the same to my iPad..
@@deang5622 university is for those with no drive
@@sumthinfresh Clearly you have never been to university.
University is not like school. You have to be self motivated and work your socks off in the evenings and weekends to pass an engineering degree.
Having "Drive" is a must
@@rolux4853 Just so you know, electrical engineering and electronics engineering are two different things, completely apart from each other. Of course you're not taught how to hack into a Lightning cable, but you're given the fundamentals so that you can understand most of what he did, and maybe with some effort you could've figured it out yourself.
Wooow, that's what I'm talking about .. you're the best!
Great job man! 👍
No talks about the WhatsApp RCE int underflow ???
Does this mean the iPhone XR (A12 chip) can have its activation lock bypassed?
Can someone explain what extra things the JTAG would allow you to do compared to a regular Lightning-to-USB connection with a jailbroken device? From what I understand it makes it a bit easier to install arbitrary versions of the firmware (by entering DFU mode)?
Also, would there be any benefits to having a JTAG connection to a non-jailbroken iPhone?
Root access to the device for data Apple really doesn’t want you to see. This will help the jailbreaking community a lot.
@@abdelbakiberkati In fact it’s really the keys to the kingdom. There are probably quite a few vulnerable states during boot and operation that are not precisely logged or otherwise visible even to a root user on the device without JTAG. Custom hardware in the future, too, maybe. I’m thinking sniffing out oracles, baseband management (a GSMK-style BB firewall would be nice), many many things.
F--king awesome work!
Bravo..
Amazing job, man!
4:37 It’s necessary for Apple to charge you and make other companies pay them if they want to provide Apple products with their beloved port.
Same thing with many parts of the iPhone: everything has an ID, which is a PK. The camera module, same with Touch ID and even the logic board, so you can’t just swap them.
All to make repairability as difficult as possible.
Would that cable help me reset an Apple ID locked iPad I have? Got it from work but the Apple ID is from the business before us so it's useless
great presentation
Then there's maybe also a code for purple mode... at least they sell devices on AliExpress that claim to do that... would be a sweet addition to the firmware.
Is he related to the Lockpicking Lawyer? (Same outro phrase)
Great job
Awesome great job!!! 😉
Good stuff
So informative, thanks a lot!
Very nice hack and beautifully explained!
Well done!
awesome man!
Good job sir
I thought this was a Kanye West thing, with the def con 3
Complete coding noob: does this mean if you find a stolen iPhone it'll be possible to factory reset and unblock iCloud? Or does it have to be jailbroken? My mum lost her iPhone not too long ago and was hoping that no one gets access to it.
There are simpler ways to do that. Many iPhones just end up getting sold to China.
This isn’t going to unblock iCloud, probably.
Downgrading and erasing yes erasing set up app can do the job
Nice! I know some of these words :)
I didn’t know Jon Favreau was there.
Wow!!!!!
it work on my pc thx bro very much
Niiiiice!
Hydra lol classic Apple
English CCC
Could this be a viable way to jailbreak iPhones?
As mentioned, it makes using the checkm8 exploit slightly easier; however, most of these techniques have been known for years and haven't led to an exploit.
Of course, maybe, but probably not.
You can only access UART without JB, and that doesn't give you much.
@@zat-svi-ua So this is helpful to find zero-day exploits in old iOS that might still exist in the new one??
@@ko-Daegu that's right.
Nyancat na na na na
It’s not a $5 cable when you include the man hours used to complete the project.
It's worth much for someone who cannot afford the fancy ones.
😒 I find it so dumb that people have started calling _cables_ what are full computing, bulky cases with multiple ports and even leads.
People
Bombastic/Fucking awesome ... anyone could do it, but not everyone can.
And now you'll have to figure all this out all over again since iPhones are all gonna have USB-C ports in Europe instead of Lightning ports 😂
It should be relatively similar
Rather portless.
Lame.
Great stuff, miss having a jailbroken iPhone. AutoClicker#
Can somebody just tell me what this all means? Thx