Saturday 26 November 2016

Bypass iPhone Passcode to Access Photos and Messages



 

Setting a passcode on your iPhone is the first line of defense to help prevent other people from accessing your personal details.

However, it's pretty easy for anyone with access to your iPhone to bypass the passcode protection (whether or not you have configured Touch ID) and access your personal photos and messages.
A new critical security flaw discovered in iOS 8 and newer, including 10.2 beta 3, allows anyone to bypass the iPhone's passcode and gain access to personal information using the benevolent nature of Apple's personal assistant Siri.
The security glitch was discovered by EverythingApplePro and iDeviceHelps, and now that they have gone public with a video demonstration, you can expect Apple to fix this issue in the next iOS beta version.
All an attacker needs is the phone number of the target's iPhone and access to the phone for a few minutes.
But what if you don't have the target's phone number? No worries. You can hold down the home button of the target's iPhone to activate Siri and simply ask "Who am I?" Siri will reply with the phone number it is using.

 


Here's How to bypass iPhone's Lockscreen:



Once you have the phone number, follow these simple steps to read personal messages and access personal photos on the target's iPhone:

Step 1: Since you now have the target's phone number, call his/her iPhone – starting a FaceTime call will also do it.

Step 2: Now, the target's iPhone screen will show a message icon; just click on 'Message icon' and then 'Custom Message' to go to the New Message screen, where you are allowed to type a reply.


Step 3: Next, you need to activate Siri by long-pressing the Home button and say "Turn on Voice Over," and Siri will get the job done by turning it ON.

Step 4: Go back to the message screen, double tap the bar where you are required to enter the caller's name and hold, while immediately clicking on the keyboard. This may not succeed the first time, so repeat this step until you see a slide-in effect on the iPhone's screen above the keyboard.

Step 5: Now, ask Siri to "Turn off VoiceOver," come back to messages and simply type in the first letter of a caller's name in the top bar, tap ⓘ icon next to it, and then create a new contact.

Step 6: Next, you can select add photo and choose a photo. Yes, now you are in and can look at the victim's photo gallery just like you are browsing the phone, even though the iPhone is still in the locked state.

Step 7: You can select any contact on the iPhone, and you would be able to see all previous conversations of the target with that contact.

 

Wifi Hacking @ a new level


 

Hackers can steal your sensitive information, such as your passwords, PINs and keystrokes, from your phone by observing changes in the wireless signal as you enter them into your smartphone.
A group of researchers from Shanghai Jiao Tong University, the University of South Florida and the University of Massachusetts at Boston have demonstrated a new technique that can reveal private information by analyzing radio signal interference, using just one rogue WiFi hotspot.
Dubbed WindTalker, the attack sniffs a user's finger movements on the phone's touchscreen or a computer's keyboard by reading the radio signal patterns called Channel State Information (CSI).

Here's How an Attacker Tracks Your Finger Movements on a Smartphone Screen:


When you enter your PIN number or password in any app or swipe your smartphone lock screen pattern, your finger movements alter the WiFi signals transmitted by a mobile phone, and the movements are imprinted into the signal.

Hackers who control a public Wi-Fi hotspot to which your device is connected could then intercept, analyze, and reverse engineer those signals to accurately guess what sensitive data you have typed into your phone or into password input fields.
The WindTalker attack is particularly effective as it does not require any access to the victim's phone and works with regular mobile phones.

The attack needs the hacker to control a rogue WiFi access point to which the target will connect, and to collect WiFi signal disturbances.
WindTalker will also not work with an older internet router that has one antenna to broadcast Wi-Fi signals around your home, as it relies on a technology called Multiple Input, Multiple Output (MIMO).




However, this is not a problem because the latest wireless routers now come with multiple antennas and MIMO technology, which enables routers to connect and transmit data from multiple devices simultaneously.


WindTalker Attack Has Over 68% Accuracy


 

Linux Root Shell access By Pressing 'ENTER'


 

A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds.
The result? The act grants the hacker a shell with root privileges, which allows them to gain complete remote control over an encrypted Linux machine.
The security issue is due to a vulnerability (CVE-2016-4484) in the implementation of the Cryptsetup utility used for encrypting hard drives via Linux Unified Key Setup (LUKS), which is the standard implementation of disk encryption on a Linux-based operating system.
The flaw is in the way the Cryptsetup utility handles password failures for the decryption process when a system boots up, which lets a user retry the password multiple times.
What's even worse? Once the user has used up all 93 password attempts, the user is dropped to a shell (Busybox in Ubuntu) that has root privileges.
In other words, if you enter a blank password 93 times – or simply hold down the 'Enter' key for roughly 70 seconds – you will gain access to a root initramfs (initial RAM file system) shell. 


Once you have obtained the root shell on a target Linux machine, you can copy, modify, or destroy the hard disk, or use the network to exfiltrate data.

Vulnerability can also be Exploited Remotely



The flaw, discovered by Spanish security researchers Hector Marco and Ismael Ripoll, affects almost all Linux distributions, including Debian, Ubuntu, Fedora, Red Hat Enterprise Linux (RHEL), and SUSE Linux Enterprise Server (SLES), which potentially puts millions of users at risk.


However, you might be thinking that exploiting this flaw is only possible when you have physical access to the target system. True, but exploiting the flaw remotely is also possible.

If you use cloud-based services that use Linux, you can remotely exploit this vulnerability without having 'physical access.'

Here's How to Fix the Security Issue:


Fortunately, the vulnerability is incredibly easy to fix.

First of all, press the Enter key for about 70 seconds at the LUKS password prompt until a shell appears, just in order to see if your system is vulnerable.

If vulnerable, you will need to check with your Linux distribution support vendor to find out whether or not a patch is available.

If the patch is not available, the issue can be fixed by modifying the cryptroot file to stop the boot sequence when the number of password attempts has been exhausted. For this, you can run the following commands, which add panic=5 to the kernel boot parameters in /etc/default/grub:

sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="panic=5 /' /etc/default/grub
grub-install
Since a patch is already available, make sure that you are always using the most recent package versions and an up-to-date operating system.
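
The sed command above prepends panic=5 again every time it is run, and nothing in it confirms that the parameter reached the booted kernel. The following is an added example, not code from the original article or the researchers' advisory, that checks for the setting in the GRUB defaults file and in the running kernel's command line and applies it only once; the function names and the .bak backup file are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit and idempotently apply the panic=5 boot parameter.
# Function names and the .bak backup are assumptions, not part of the advisory.

# Exit 0 if GRUB_CMDLINE_LINUX_DEFAULT in file $1 already carries panic=<n>.
has_panic() {
    grep -Eq '^GRUB_CMDLINE_LINUX_DEFAULT="([^"]*[[:space:]])?panic=-?[0-9]+([[:space:]]|")' "$1"
}

# Exit 0 if the kernel command line in $1 (default: the running kernel's)
# carries panic=<n>, i.e. the edit actually reached the booted system.
cmdline_has_panic() {
    grep -Eq '(^|[[:space:]])panic=-?[0-9]+([[:space:]]|$)' "${1:-/proc/cmdline}"
}

# Prepend panic=5 exactly once. Returns 0 on success or if already set,
# 2 if the file has no GRUB_CMDLINE_LINUX_DEFAULT line to edit.
apply_panic() {
    file=$1
    has_panic "$file" && return 0
    grep -q '^GRUB_CMDLINE_LINUX_DEFAULT="' "$file" || return 2
    cp -p "$file" "$file.bak" || return 1
    sed 's/^GRUB_CMDLINE_LINUX_DEFAULT="/&panic=5 /' "$file.bak" > "$file"
}

# Report the state of the config file and of the running kernel.
audit() {
    file=${1:-/etc/default/grub}
    if has_panic "$file"; then echo "config:  panic= set in $file"
    else echo "config:  panic= MISSING in $file"; fi
    if cmdline_has_panic; then echo "running: panic= active"
    else echo "running: panic= not active (boot config not regenerated, or no reboot yet)"; fi
}

# Run the audit only when asked, so sourcing the file has no side effects.
if [ "${1:-}" = "--audit" ]; then audit "${2:-}"; fi
```

Run it with --audit after a reboot: a "set" config line together with a "not active" running line means the edit to /etc/default/grub never made it into the boot configuration the machine actually uses.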