carcabot / iCloud-Bypass

Discuss #9

Closed TTMTT closed 9 years ago

TTMTT commented 9 years ago

Hi.. I just opened this discussion because the old topic is full and slow for the browser ..

Last Method:

method 1 : via (other xml not to deviceservices - exploit)
method 2 : via (apple cert & key and i can downgrade to any ios)
method 3 : via (change some string by hex on ELF file << sometimes i got error)
method 4 : via (use apple ssl cert or real ssl in server and change some string in iphone)

iCL0udin v1.0 have this method:

method 1 : via (other xml not to deviceservices - exploit)
method 2 : via (apple cert & key and i can downgrade to any ios)

TTMTT commented 9 years ago

@DevSecurity i just need SSL for the method 4.. i tested apple SSL but i don't have Symantec CA for that .. i need a valid SSL & ip server for testing..

@albastrel i'm still working (iCL0udin) - > %80

@pldtn yes, i have a server .. i can use method 1 and 2 on my server.. but for the method 4 i need a valid SSL & server for testing.. Thank you @TheLordin

TheLordin commented 9 years ago

@TTMTT Yeah, we're together for whatever comes, my friend

Att, TheLordin

ghost commented 9 years ago

@TheLordin Thanks for quick answer. @TTMTT If you want so i can buy SSL + Ip for you!

TheLordin commented 9 years ago

@DevSecurity I've thought this hypothesis, but the server only paid no use, have to develop the method to validate the SSL correctly ..

Att, TheLordin

TTMTT commented 9 years ago

@DevSecurity No, don't buy.. because the method 4 is alpha & testing ..

ghost commented 9 years ago

Oh! that's the thing okay brother if you want any help regarding anything to buy or that, you may could ask anytime att devsec@workmail.com

ghost commented 9 years ago

And besides all thing I'm Certified From Aptech Software Engineering Institute I can manage to develop your program in any language you want just want some clearance and know how on that topic :)

Taruga commented 9 years ago

I still have problems with certificate and token signature :(

```
Sep 27 18:18:45 iPhone lockdownd[52] : 01ac7000 verify_ar: The device certificate did not match
Sep 27 18:18:45 iPhone lockdownd[52] : 01ac7000 handle_activate: Could not verify with production certificates. Attempting factory certificates
Sep 27 18:18:45 iPhone lockdownd[52] : 01ac7000 verify_ar: The account token's signature does not match
Sep 27 18:18:45 iPhone lockdownd[52] : 01ac7000 set_response_error: handle_activate InvalidActivationRecord
```

khiiiyproject commented 9 years ago

@TTMTT please send me to rh3band@gmail.com

whitelion121 commented 9 years ago

capture also seeing this only when fiddler is open

oncomangus commented 9 years ago

how to start look info account email icloud from idevice...?

On Sunday, September 28, 2014 1:56 AM, whitelion121 notifications@github.com wrote:

also seeing this only when fiddler is open

khiiiyproject commented 9 years ago

@whitelion121 lmao,,, people tell me,,, xxamp method was patched..

Taruga commented 9 years ago

old method was patched, got to find a new one ;)

oncomangus commented 9 years ago

@Taruga...rename etc or....? cause the server as albert apple was blocked

Taruga commented 9 years ago

@oncomangus Don't know. I can only find old methods that used to work in April or something; since then it seems that they all stopped working. Since we are testing with our own servers, the problem is not albert being blocked but some kind of certificate issue. I'm a newcomer to this issue of icloud bypass, so I'm still learning and studying it

oncomangus commented 9 years ago

@Taruga same me too....go bypass n goodbye hola..hallo..bonjour..whatever in a screen iphone #bored

drmatrix commented 9 years ago

@TTMTT Check ur email

jgsaade commented 9 years ago

I think apple is gonna patch this method .. but that Min@Criss has a successful BYPASSSSSS :( DAMN

CristianLin1 commented 9 years ago

@TTMTT So you say that you can downgrade an A5 device? And remember, all the activation process is in SSL, and to get the data as the people below show, it's quite easy, even more. I will say how to do it for free: download Fiddler, connect the iDevice and sniff or capture the incoming packets, then use a base64 decoder. Done. You can get all the information of the device as the people above show. I know a lot about daemons and I did my research in the bypass and I had success, but I have no problem in helping people that want to work for it. PD: cURL works for "something", not to bypass the device.

@CristianLin1 .

TTMTT commented 9 years ago

@CristianLin1 ((((so you say that you can downgrade an A5 device ?)))) Yes, i say that.. i can downgrade iphone 4s but just alpha testing..

((((i will say how to do it for free)))) I don't need money, i just love nulled, decode and famous..

((((download fiddler , conect the iDevice and sniff or capture the incoming packets , then use a base64 decoder . done)))) It seems you're still learning..

(((( PD : cURL works for "something" not to bypass the device .)))) It seems you don't know how to use cURL.. or PHP

ghost commented 9 years ago

I saw gadgetwide icloud system. I was thinking it won't work, but don't know how, i just installed it into my system and connected my iphone. But the thing was i haven't inserted my sim in it, and what i saw is i got 25 credit automatically, and while i'm connecting my device i'm having "Unable to Activate Your Phone Please Insert Sim Card"

ghost commented 9 years ago

@TTMTT While checking gadgetwide i found this 50.116.17.87 albert.apple.com image

ghost commented 9 years ago

i have ip works :+1:

ghost commented 9 years ago

@MxFire about which ip are you talking?

ghost commented 9 years ago

I got unlocked itunes but not iphone image

oncomangus commented 9 years ago

can i know @MxFire

On Sunday, September 28, 2014 2:32 PM, MxFire notifications@github.com wrote:

i have ip works

ghost commented 9 years ago

Exactly this is the problem that not only unlocks iphone itunes u.u

ghost commented 9 years ago

I find repairing files and trying to make a modified IPSW

ghost commented 9 years ago

So, i said about which ip you were talking?

oncomangus commented 9 years ago

188.226.251.76 albert.apple.com Maybe like this

On Sunday, September 28, 2014 2:41 PM, DevSecurity notifications@github.com wrote:

So, i said about which ip you were talking?

ghost commented 9 years ago

It's an old ip.

oncomangus commented 9 years ago

but..u can open itunes.....itunes only not bypass device

On Sunday, September 28, 2014 2:43 PM, DevSecurity notifications@github.com wrote:

Its an old ip.

nunovexia commented 9 years ago

@oncomangus that's the problem,,, i think apple has patched that

ghost commented 9 years ago

Nope! apple can't patch :v because you're using locally

nunovexia commented 9 years ago

What we're searching for is how to get an activation token that apple could validate,,, again focus on this point: (((iTunes generates an Activation Token))) and sends it to Apple's activation server. Once the Activation Token is validated, the server will generate a WildcardTicket and sign it with Apple's private key. iTunes then calls AMDeviceActivate with the WildcardTicket; (((The device gets the WildcardTicket and checks if the signature matches))). If it does, it gets past the emergency call screen, allowing the use of the iPhone. All devices actually go through this process (((iTunes generates an Activation Token))) (((The device gets the WildcardTicket and checks if the signature matches)))
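
The signature check described in the comment above, as an added example that is not part of the original thread or of any project discussed in it. It shows why a response from a stand-in server is rejected by the device: verification uses a pinned public key, so only the holder of the matching private key can produce an acceptable ticket. Ed25519, the `Ticket` layout and the device ID are assumptions made for the illustration, not Apple's algorithm or format.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Ticket is a constructed stand-in for the signed activation response;
// the field layout is an assumption, not Apple's format.
type Ticket struct {
	Payload   []byte // data the server vouches for, bound to one device
	Signature []byte // signature over Payload by the server's private key
}

var ErrBadSignature = errors.New("ticket signature does not match")

// IssueTicket models the server side: only the private-key holder can do this.
func IssueTicket(priv ed25519.PrivateKey, deviceID string) Ticket {
	payload := []byte("device=" + deviceID + ";state=activated")
	return Ticket{Payload: payload, Signature: ed25519.Sign(priv, payload)}
}

// VerifyTicket models the device side: the trusted public key is pinned,
// so it does not matter which host or TLS certificate delivered the ticket.
func VerifyTicket(pinned ed25519.PublicKey, t Ticket) error {
	if !ed25519.Verify(pinned, t.Payload, t.Signature) {
		return ErrBadSignature
	}
	return nil
}

// Demo returns the verification result for a genuine ticket, a ticket
// signed by an unrelated key, and a genuine ticket with an edited payload.
func Demo() (genuine, otherKey, edited error) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	good := IssueTicket(priv, "CONSTRUCTED-ID-0001") // constructed sample ID
	forged := IssueTicket(otherPriv, "CONSTRUCTED-ID-0001")
	tampered := Ticket{Payload: append([]byte{}, good.Payload...), Signature: good.Signature}
	tampered.Payload[len(tampered.Payload)-1] ^= 1 // flip one bit of the payload
	return VerifyTicket(pub, good), VerifyTicket(pub, forged), VerifyTicket(pub, tampered)
}

func main() {
	g, o, e := Demo()
	fmt.Println("genuine:", g, "| other key:", o, "| edited payload:", e)
}
```

The two rejected cases correspond to the kind of failure the `verify_ar` log lines earlier in the thread report: a record that was not signed by the expected key does not verify, regardless of how it reached the device.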

ghost commented 9 years ago

Ah! That's the thing. So now what are we gonna do, any idea? I think TTMTT is done with this

nunovexia commented 9 years ago

@DevSecurity I'm stuck on that point,,, ;(

ghost commented 9 years ago

Yeah! Same thing with everyone except @TTMTT, i thought he got the solution, i'm praying he would come back and share with us!

nunovexia commented 9 years ago

@DevSecurity ,,try see this pic.twitter.com/Vc0h3lZGjt

ghost commented 9 years ago

Oh! he got doulci server certificates

nunovexia commented 9 years ago

i don't know where he got that,, but i think he managed to solve the puzzle just like @TTMTT told us,, the XML

ghost commented 9 years ago

Hmm... let's hope for the best. Don't know why they aren't sharing :/

ghost commented 9 years ago

This is all that we want :( https://pbs.twimg.com/media/Bx3fOQ0CcAAHZxG.jpg

nunovexia commented 9 years ago

@DevSecurity do u have an email?

insestito commented 9 years ago

FairPlaySignature

HCJURM3xG2HN5XYfMDopmiPo1U8eVLelbCXQ+IPjP +QWfg/

ghost commented 9 years ago

@nunovexia Yes i have here it is devsec@workmail,com

carcabot commented 9 years ago

Hi guys,

I'm still watching this conversation and I'm very surprised that a lot of you are trying to get this to work. I like it!

I've seen that the problem with generating the certificate still exists. I will try these days to allocate some time to this project; maybe with the new version of iOS something has changed to our advantage ;)

Keep up the good work !

ghost commented 9 years ago

@carcabot We want it to be done anyhow. Just trying our best skills!

ghost commented 9 years ago

have you seen this paste? http://pastebin.com/csa9RJss

insestito commented 9 years ago

look http://www.xmos.tk/

https://www.youtube.com/watch?v=hwYoVsUOfm0#t=23