Yet another iPhone lockscreen exploit allows access to your photos

28 November 2015, 04:45

YouTuber videosdebarraquito (a.k.a. iOS hacker Jose Rodriguez) has identified yet another iPhone lockscreen bug that could – under certain circumstances – allow access to the device’s pictures without the iPhone being first unlocked via a passcode or TouchID.

Unlike previous exploits, Jose’s effort doesn’t involve Siri but instead exploits a bug in the Contacts, Camera and photo-chooser apps. Jose appears to imply this particular bug is “just a clue” for something else he has not yet revealed. In October he identified a similar bug within the Clock app for iPhones.

We’ve tested the bug several times on an iPhone 6 Plus running the latest iOS release (9.1; 13B143). Notably, the exploit didn’t seem to work on our iPad Air 2.

The video is below but here are the steps:

  1. Wake the iPhone as usual, return to the Home screen, then open the Camera app and tap to access your photo library at the bottom left.
  2. Choose any photo, then tap the Share button and then the Assign to Contact icon on the bottom row of the Share pop-up.
  3. In the search field for Contacts that appears, type any single-word gibberish you like – gssgwj, for example.
  4. Tap what you typed in the search field, then tap Select All, and then the Share option on that pop-out menu.
  5. In the Share options pop-up, tap the Message icon.
  6. Again type any single-word gibberish into the To field, then tap into the message field briefly, before again tapping in the To field and highlighting what you’ve typed (which will now be colored green or blue).
  7. Ensure the entry in the To field is highlighted, and then tap it. This will open a mysterious new contacts entry, which is perhaps the first indication of a bug. On this screen tap Create New Contact.
  8. Tap the Add Photo icon at the top left of the new contact screen. Don’t select anything on the pop-up menu that subsequently appears.
  9. Click the Home button, and then sleep the iPhone.
  10. Wake the iPhone but don’t enter the passcode/TouchID. Instead, slide up the camera icon at the right, and you’ll see the previous menu – even though you haven’t unlocked the device. By tapping the Choose Photo button you’ll have access to all your photos, again with no prompt for a passcode or TouchID.
  11. Even if you don’t choose a photo, and again click the Home button – which will lock the phone – waking the phone and again accessing the camera without unlocking the device will provide access to this blank contact and you can again select to add a photo and thereby view the device’s photos.

See also

Leave a comment...