contact me

[itadepro]

Hi I am very interested in your project we may contact by skype or something ...?

[carcabot]

Hi, if you have any suggestion about this project, please state it here, together we can make it work.

[zawzawsugu]

hi bro nice to meet u did u already test this method? how this work i have bypassed i phone 5s from minacrices server

[danzatt]

This is modified version of minacriss' first server (he posted it on twitter days ago when he was asking for help, now he figured out how to bypass it and won't release source). It has never worked and never will.

[carcabot]

Well, this version was developed by myself when I've tried to bypass iCloud for an iPhone 4S, after I got stuck in some point and I found that someone did same thing. I will continue it once i will have some ideas from other people.

[itadepro]

sorry for my bad English, I feel I just need to fix the order of pem files and the keys ... because for me it works great until the script will inject the key here I have an example of the result of the bypass

bplist00Ö

AccountTokenCertificate\AccountTokenFairPlayKeyDataDeviceCertificateLDActivationVersion_AccountTokenSignatureOÙ-----BEGIN CERTIFICATE----- MIIDZzCCAk+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADB5MQswCQYDVQQGEwJVUzET MBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlv biBBdXRob3JpdHkxLTArBgNVBAMTJEFwcGxlIGlQaG9uZSBDZXJ0aWZpY2F0aW9u IEF1dGhvcml0eTAeFw0wNzA0MTYyMjU1MDJaFw0xNDA0MTYyMjU1MDJaMFsxCzAJ BgNVBAYTAlVTMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRUwEwYDVQQLEwxBcHBsZSBp UGhvbmUxIDAeBgNVBAMTF0FwcGxlIGlQaG9uZSBBY3RpdmF0aW9uMIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQDFAXzRImArmoiHfbS2oPcqAfbEv0d1jk7GbnX7 +4YUlyIfprzBVdlmz2JHYv1+04IzJtL7cL97UI7fk0i0OMY0al8a+JPQa4Ug611T bqEt+njAmAkge3HXWDBdAXD9MhkC7T/9o77zOQ1oli4cUdzlnYWfzmW0PduOxuve AeYY4wIDAQABo4GbMIGYMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBShoNL+t7Rz/psUaq/NPXNPH+/WlDAfBgNVHSMEGDAWgBTnNCouIt45 YGu0lM53g2EvMaB8NTA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vd3d3LmFwcGxl LmNvbS9hcHBsZWNhL2lwaG9uZS5jcmwwDQYJKoZIhvcNAQEFBQADggEBAF9qmrUN dA+FROYGP7pWcYTAK+pLyOf9zOaE7aeVI885V8Y/BKHhlwAo+zEkiOU3FbEPCS9V tS18ZBcwD/+d5ZQTMFknhcUJwdPqqjnm9LqTfH/x4pw8ONHRDzxHdp96gOV3A4+8 abkoASfcYqvIRypXnbur3bRRhTzAs4VILS6jTyFYymZeSewtBubmmigo1kCQiZGc 76c5feDAyHb2bzEqtvx3WprljtS46QT5CR6YelinZnio32jAzRYTxtS6r3JsvZDi J07+EHcmfGdpxwgO+7btW1pFar0ZjF9/jYKKnOYNyvCrwszhafbSYwzAG5EJoXFB 4d+piWHUDcPxtcc= -----END CERTIFICATE----- Ob{ "InternationalMobileEquipmentIdentity" = "012030005941102"; "ActivityURL" = "https://albert.apple.com/deviceservices/activity"; "ActivationRandomness" = "E7DA5CCD-37A0-427F-A6A8-9FBED57C6FDC"; "UniqueDeviceID" = "5d46010cfa34495a3779d5a77c3604f4888c6795"; "CertificateURL" = "https://albert.apple.com/deviceservices/certifyMe"; "PhoneNumberNotificationURL" = "https://albert.apple.com/WebObjects/ALUnbrick.woa/wa/phoneHome"; "WildcardTicket" = "0200000050134e66fc2695d9f8b60ae680574364befbab08a220eedf20852c2d77acba85090114c06e95d4659731b1d9cceea34c7f3253de96666615570078f2689cd76ff3d2b0f5569a56b5c5a505cb4e464233a1a29ee4f7003e6cec27f2442d7baf43d376c4021f520a8cac55515c6bdf6a537f5661a6dd8c7f9971ac43c30326684b64f797ba68a8332e119fd3692ed794311359b8515eb76f1be616ba107f818a3871fe0f884318cbd4507449a54c4622627a335d5b3dde1322ea1a4f5777c4060ec906cd4628460faed5852404f9cbd57849c53aaaac84af749c1e082a02009d50370cb67c33db9d2999df1d321ba7a5ec740e2cc854187813b896d8b85da2dbda325eb1f3fe134cc8f97619ed924630f0bf8d8b64113d178c24781de2da9315f1a4f16ded99f6232a36c7dfa657b825d381903684ab773d4362e47a3b8c3caabd73dce676c01169ff249af66f91828104b3bd4f6e23e3ef5c283282489e9a8d986b01faf8b440ceb17feb773141b7c6ae9e468153f0635d7723171d4a055a09627ed4bf264935045c667dd93144ee93023d4b3f2229a25c9809e7f1a746c7eb1af41ebc45b8e6493d5bf0252dcfaf3a682bc0d1381b41e613f6a9a1a78cf64cd51bb5e782948a0dc80ece2096526249e60863bf3ff68d62bc87f4fffc47641fb6dac8d9d48e4c78185a385109d9dcd459fbe6554ce48611d5ed9e7bf20db5a16ff604908612020d167c71b97dddfa727a1e0e912e6a8977e3ea83433e10b4a3dc471d35eb980cdd3b12aef0ee55694ad3785bf1057c2ba15f6b83d22093ffcf7e913c6c4edc38f20e"; }O:-----BEGIN CONTAINER----- AAEAAQZk/Wt1PPSmiBJWOHfWBAxm0dF3ftOJ4nUvDr4+E3oPehgAR35gksXZO8Dk Z2+kR050cMrRtK4GLleM+yvWImhD2IqMHP3/EchYbyn8FgMNnSclslTfQBYsG0UW luUp4t96lLTF897GcxVtxbiQ9ydeYiiiXRRuRb9xQNMq/qWl3kIqY3NwweMFF4xG VJVJ2bjrCKhchRKv1nxITkAZGdvccDWf5TafusZwq9yrr+zqp056K6jWqZPGFD5n rKge1zDUwVaMfSQCVxjrA31T/aUolGr187tTnGFVvKqCUSpuUPmSbOEnS5zgvoxX Cd2hPVRKVfFwFADIIxubPwMErEgDbOFBoce4sqAecityUEX8q3bm1QGe/rMypfQ2 zg2fbal7MMvvL9mket7w5Q+3yrtHa6x9vWGNooOg8xmmf3TOD7PEkQszsVrrSBcF P2b0Zm08W2ra9c2jVnuymakzdY//UPHGoG3U+AB9ulS312yy9hlUIdxYlOECiahv ai8Ah6fu+byLElWJEvRU/f58Rs3466H91VqvJ/0OC9V0fZ3GCztZ+n6nzskrFdof iLGQKKEFVnD51mTTGpckFyrhCAMbu2U/sg1P06wCz4IX6YYH4yhpUzaAzTi1/eag Bo8kIze+lv84hNGBPB/yu/5t3AGE+AD/ABiedv3MyubjpORTr0FOIEzfaymM0opZ qUnTuKivvZ3SoHGidtaQ7lQUZy91v2iIbWhxNyc15RKP6/IU6qzMdpbvqa39TTwb QQSNc+wCS4fCuAkTbCwEtA6/U8z8+vyTqRoE8ss+Fi5CB2U1yEa2SoBdPL2M6RHR CjwdRCxLvt1ipi74MTcCz/KtCEMGAsJoTq4vdvyq/QiqVX4h5rmiTJwo2rHQ1O2g PHlHycCbkzkfpVcwAdSP9AEqjQ4O+QMdRuMGShcjcQCEGtCQlcp5nSnGaZAa1u5r RzbEuKGo2Q/f1fWXGXq2CnxZ6mrWd8fPPbm/n068RdslAaYOjHTZ9H2//UlkGoxX NG1DwajSi/J6PckWCdxGxZBX50wHq0e26dQGw1KxhPt889yoql7B+1K3jgE/n0Sn V0XNEbO3p85055lXxW5C8/uqbyBpoJrrcC+T9lbUscmACj1Ghc4UFfn1r9ZHINXJ qMEGw9U0AZ2NBkd4DTcHGP3UNSSRw+AyDvrddwS5wfHdDH9qa/nzUgI8YTL4Drmv TX5Chw2M+sYiz12SEHHTTRSxGA2dB6NuR//9tAC5Fxphv/44JAAVVO+RBcRMe5XW L2qEWUhFK/4gv94vAZztuexBVopCw/JVt/opFmZFcZ3+LEKGpMH4JRZhf6b2D3a0 COKQ+BYMB8OXcDnBeS99zUKGI+6O5kLD5+R4LoloGetahz7QrevhBwsL+xG9MdN5 jckHjBC6CsK+TuYe/i0n69WMc0476HHje8cUdB4It++lIo6Y+oztKFKcdrHynQ+k mif1LGrXRDvTT7nX/XB5yKaPWnp1iEJvwunlhFOoX0z8XCCH -----END CONTAINER----- O:-----BEGIN CERTIFICATE----- MIIC8zCCAlygAwIBAgIKAW/Daxku7MwdMjANBgkqhkiG9w0BAQUFADBaMQswCQYD VQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEVMBMGA1UECxMMQXBwbGUgaVBo b25lMR8wHQYDVQQDExZBcHBsZSBpUGhvbmUgRGV2aWNlIENBMB4XDTE0MDUyMTAz MDM0MFoXDTE3MDUyMTAzMDM0MFowgYMxLTArBgNVBAMWJDY1REUyOEIzLTRFQ0Mt NDc4Mi1BMjYzLTNCMDA3REIwREY5MzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNB MRIwEAYDVQQHEwlDdXBlcnRpbm8xEzARBgNVBAoTCkFwcGxlIEluYy4xDzANBgNV BAsTBmlQaG9uZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0ABlv8+3PF1U 8DZNBUjFM58WXRW4cWqCN6rZorHR9aHeT8G2uYMGMU9VJ2Vpb3fUdqnD61/IMtDF merqJkCQd57bfsDHEjU3LxesaGDh6nmHpXOgUcBEFAO2upj4VtY+mrbbwhUBnDwf 7gXVyZjibNAkRILv7wUBohn1S42EaF0CAwEAAaOBlTCBkjAfBgNVHSMEGDAWgBSy /iEjRIaVannVgSaOcxDYp0yOdDAdBgNVHQ4EFgQUXJgw9rFORO4fSaR3hrC1PiUI 480wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBaAwIAYDVR0lAQH/BBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMBAGCiqGSIb3Y2QGCgIEAgUAMA0GCSqGSIb3DQEB BQUAA4GBAFX57vZrMGjfaC1En2SXPY01xWr8r5TK7lZW0zQj6uoNsVZ7uqcOX3oO bI+LXWTJPNnW6ZjHepNDGi1QkLwte6u5bQ4exxSJMP0QNm4iXUfksI3ULuHS3A3a z+sururaE77Qd+Qwc2gtPKqbywGUpt+2fm1DbjTc4c4ECzbmKXA7 -----END CERTIFICATE----- O€ ÂúR]d¶ÅKX^75ƒØgTKå£~{³yJ”ÒÕº9âTð’4`¢§µæ”R°˜¾Ï›÷;fc¥þ6Æ yYÜÏ —²²OÕõã·ÆnTgÎ-Ÿû?pMbks˜òH6,oYøîúæ¥ü^O¾2ÁÁšëÁû$   / < N b x mÓOQ 

Ô

[XeNiRoX]

Why are you testing with an iPhone 3GS(012030005941102)? or am i wrong !!

[itadepro]

not miss this cert it out of a mini ipad O:!

[XeNiRoX]

miss ?!! by the way, replaying the same flow to albert after many hours, i got a response. Can we digg more here? or already done?

[itadepro]

sorry my bad English that certificate is the result of a bypass done ... the joke here is to clone the script and make the key well

[carcabot]

@xenirox I've discovered the same thing yesterday, if i keep the same flow, and I run it separately in curl, I saw that iPhone will activate automatically once is reset, I dug a lot on this flow and I can't break it for other phones yet.

[Optigonnn]

Does this work, I have an iphone 5s if we could test iOS 7.0.4 Itunes 11.1.5

[XeNiRoX]

I think, that it will hard to decrypt the server key or the algorithme user to crypt data. I think that albert could be tricked to respond with activation data correctely, otherwise, why bypassers got icloud bypass and no GSM service? it's because they couldn't have all the activation records.

If anyone, had written some code with GUI to send various informations to albert, please share with us.

[Optigonnn]

this was released, it works but it says "invalid blablabla" http://rghost.net/56143073

Essentially it says go to /deviceservices/index.php and change where it says C:// blablabla

[danzatt]

They don't get WildcardTicket, so the baseband can't tell if it's unlocked or not so it just has no signal.

To send custom data to albert you can for example use Posterman plugin (https://chrome.google.com/webstore/detail/chrome-poster/cdjfedloinmbppobahmonnjigpmlajcd). But you can't change anything anyway because ActivationInfoXML is signed by FairPlayKeyChain, so if you change a single bit in ActivationInfoXML the signature breaks and albert replies with an error. The only way to get around it I can think of is to grab FairPlayKeyChain from device (the signing process is handled by fairplayd bunary but there are no information on how to do so) or to edit ActivationInfoXML by directly by patching lockdownd binary (a lot of reverse engeneering and ARM assembly).

[carcabot]

@P4r4doX you have right, I've tried all the ways to reproduce ActivationInfoXML and that is not possible to edit it, BUT, if i repeat the same original request, it works very well, but only for my phone.

Theoretically there's no way to bypass iCloud for the moment.

[Optigonnn]

@carcabot Doulci?

[carcabot]

@Optigonnn I'm not sure if they succeeded. We will see when they will turn on their server.

[XeNiRoX]

for now Doulci is just a bypass. i'm sure there is a bug on Albert, i remermber seen someone got informations relative to an iPhone based on his IMEI only, so .....

[carcabot]

I've found that the wildcard ticket is changed when the icloud login window appear, until then i can activate my phone with same keys generated last time.

[danzatt]

Doulci works, I have tried it about 2 weeks ago. Somewhere I've got saved response from them as well (it's the same as from albert, but activation ticket only contains UDID and ActivationRandomness, nothing more. Activation ticket from them doesn't contain WildcardTicket, that's why carrier doesn't work.).

[XeNiRoX]

Can u share please? Or PM if you want

[zawzawsugu]

i have 5s bypassed by minacrises and jailbroken too did u need some file give me the name i can find from my phone before they ask for atteched file

On Thu, Jun 12, 2014 at 6:14 PM, xenirox notifications@github.com wrote:

Can u share please? Or PM if you want

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45881535 .

[carcabot]

If you have it jailbroken can you attach the entire folder /var/root/Library/Lockdown ?

Thanks

[zawzawsugu]

hope this help

On Thu, Jun 12, 2014 at 7:29 PM, carcabot notifications@github.com wrote:

If you have it jailbroken can you attach the entire folder /var/root/Library/Lockdown ?

Thanks

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45887728 .

[danzatt]

The attachement isn't delivered to Github. Can you upload it somewhere (dropbox, ...) and post link ?

[danzatt]

@Optigonnn where did you get that files from ?

[zawzawsugu]

give me your mail

On Thu, Jun 12, 2014 at 9:52 PM, P4r4doX notifications@github.com wrote:

@Optigonnn https://github.com/Optigonnn where did you get that files from ?

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45905916 .

[zawzawsugu]

https://www.dropbox.com/sh/y3dh5ful709e9y2/AABRLvByHpY-JIkKJmWLUa6ma

On Thu, Jun 12, 2014 at 10:05 PM, zawzaw sugu zawzawsugu@gmail.com wrote:

give me your mail

On Thu, Jun 12, 2014 at 9:52 PM, P4r4doX notifications@github.com wrote:

@Optigonnn https://github.com/Optigonnn where did you get that files from ?

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45905916 .

[zawzawsugu]

https://www.dropbox.com/sh/y3dh5ful709e9y2/AABRLvByHpY-JIkKJmWLUa6ma

[itadepro]

is the 5s??

[zawzawsugu]

yes ios 7.0.4

On Thu, Jun 12, 2014 at 10:41 PM, itadepro notifications@github.com wrote:

is the 5s??

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45912770 .

[itadepro]

I have an iphone 5c with activated after the bypass signal ... I do not remember if it was or aquatime minacriss sorry my bad English

[itadepro]

https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-xpa1/v/t34.0-12/10422565_575591479229101_4053303740016324134_n.jpg?oh=a9908b4def724cd496dab7308c21562e&oe=539BCC51&__gda__=1402736327_8901becf477a2d38be8b39647cc65d98

[XeNiRoX]

did you pass it?

[zawzawsugu]

no activation loop ?

On Thu, Jun 12, 2014 at 10:58 PM, xenirox notifications@github.com wrote:

did you pass it?

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45914866 .

[XeNiRoX]

when did you activate it? last days? yesterday?

[itadepro]

if you did the bypass ... it was like 2 weeks ago ... do not remember if it was the server or aquatime minacriss

[XeNiRoX]

hummmm, interessing

[itadepro]

the trouble is that when you take out the sim to the device appears bootloop and has ios 7.1.1 no jailbreak :(

[thejames1012]

So is there any way to do it? im checking out itadepro's files from drop box for exploits

[Optigonnn]

It has something to do with this read wat Ragemasta said when he was having the error "Invalid blablabla" http://pastebin.com/eq00t0JJ

[XeNiRoX]

i have a question, can we decrypt the FairPlayKeyData with device_private_key ? i tried and tried but always errors !!

[zawzawsugu]

ragemasta error is he bypass on itunes and cannot bypass on device then he start asking that files

On Fri, Jun 13, 2014 at 3:06 PM, xenirox notifications@github.com wrote:

i have a question, can we decrypt the FairPlayKeyData with device_private_key ? i tried and tried but always errors !!

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45987977 .

[zawzawsugu]

minacrises also same on that stage and he figured out some how

On Fri, Jun 13, 2014 at 3:16 PM, zawzaw sugu zawzawsugu@gmail.com wrote:

ragemasta error is he bypass on itunes and cannot bypass on device then he start asking that files

On Fri, Jun 13, 2014 at 3:06 PM, xenirox notifications@github.com wrote:

i have a question, can we decrypt the FairPlayKeyData with device_private_key ? i tried and tried but always errors !!

Reply to this email directly or view it on GitHub https://github.com/carcabot/iCloud-Bypass/issues/5#issuecomment-45987977 .

[gibsfun]

Hi guys, i have a problem "Fatal error: Call to undefined function openssl_csr_sign() in C:\xampp\htdocs\deviceservices\deviceActivation\index.php on line 45" Somebody can help me?

[awesome-o]

@gibsfun if your using the zip file attached on this issue then look in the root of the directory inside the folder deviceactivation you'll find the index.php in that file there's a line that has "C:/..." include. You can search and replace. That should fix your issue

[gibsfun]

I do it, bit dont work "/

[awesome-o]

Add a zip of your changes and ill take a look

[gibsfun]

Date: Sat, 14 Jun 2014 10:47:47 -0700 From: notifications@github.com To: iCloud-Bypass@noreply.github.com CC: lg.theoriginal@hotmail.com Subject: Re: [iCloud-Bypass] contact me (#5)

Add a zip of your changes and ill take a look

— Reply to this email directly or view it on GitHub.

[gibsfun]

Now, i got another problem, A message appears "Congratulations, your iPhone has been unlocked. To set up and sync this iPhone, click Continue."

When i Click on "Continue" a undefinied error from itunes come... (-1202)

The file in Zip: http://www.4shared.com/rar/wLpSDgLEce/Bypass-fungibs.html?