Jump to content


Photo

iCloud lock - Brainstorm with me


  • Please log in to reply
18 replies to this topic

#1 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 08 January 2018 - 07:20 PM

So work was handed a pile of iPads (ipad 3's I think?) and one of them is iCloud locked.

These are all our devices, purchased by us, but there is no way to know what staff member had this one.

I know their name starts with K, and @p......au

In other words, they used their domain email account, thank christ.

 

Now, before I go down the long path of trying all 400 staff whos name start with a K, does anyone have any ideas?

 

Im happy to open up and solder serial cables onto the board, or jump pins on the memory chip.

There are no limits, I just want it working again.

 

Really, all I need is the associated email address; then I can take ownership of it on my domain, 'forgot my password' and go from there.

But for some reason it only shows the first letter.

 

ideas?


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#2 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,549 posts

Posted 08 January 2018 - 07:30 PM

In theory you can just factory reset these things by USB attachment then use iTunes or a 3rd party utility.

 

Have a friend who's iPhone is in a similar situation but not got my hands on it to test out yet.



#3 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 14,714 posts
  • Location:Not Trump-Land

Posted 09 January 2018 - 12:51 AM

I'm assuming there was no tracking system in place to track what device was given to who?


“We’re not going to stop the wheel. I’m going to break the wheel.” - Daenerys Targaryen

 

"We have some of the most beautiful hookers in the world" - Putin to Trump


#4 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,549 posts

Posted 09 January 2018 - 01:41 AM

Probably something like MAC address which you'd need to have the thing booted up to look at... then again if it's hitting up the domain for authentication then you should be able to find it out once it connects by Wifi.

But then it's only useful if someone has bothered to maintain an asset register entry linking MAC to whoever is the user of the thing.


Edited by Rybags, 09 January 2018 - 01:44 AM.


#5 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 09 January 2018 - 08:38 AM

In theory you can just factory reset these things by USB attachment then use iTunes or a 3rd party utility.

 

Have a friend who's iPhone is in a similar situation but not got my hands on it to test out yet.

 

Nope, that trick got me past the PIN lock, but the iClous lock happens when you connect to WiFi.

Checks the product ID.

 

I can't even see serial headers on the board to tap into.....

This is going to be a matter of finding every ipad user who starts with K ><


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#6 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 14,714 posts
  • Location:Not Trump-Land

Posted 09 January 2018 - 08:52 AM

Short of hacking that apple 🍎 database, or finding a way to completely wiping the iPad of all data, looks like you are stuck.

“We’re not going to stop the wheel. I’m going to break the wheel.” - Daenerys Targaryen

 

"We have some of the most beautiful hookers in the world" - Putin to Trump


#7 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 09 January 2018 - 09:52 AM

I guess buy a shattered one, and replace the mainboard?

 

I do have some contacts inside apple, I might ask them to look at people who are using our domain.

I'm sure they're not allowed to PROVIDE the info, but he can talk from memory ;)


Edited by Master_Scythe, 09 January 2018 - 09:53 AM.

Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#8 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,549 posts

Posted 09 January 2018 - 11:24 AM

Seems it's probably not possible if it's a newer device.   They beefed up security to prevent users factory resetting so easily as a theft prevention measure.

 

Still, I do suspect you might be able to get the MAC out of it if it can connect to a wifi network though what use if it's not kept in a local database.

 

The problem with new logic board is that it'll probably cost 80% or more the price of replacing the entire device anyway.



#9 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 09 January 2018 - 11:32 AM

Seems it's probably not possible if it's a newer device.   They beefed up security to prevent users factory resetting so easily as a theft prevention measure.

Still, I do suspect you might be able to get the MAC out of it if it can connect to a wifi network though what use if it's not kept in a local database.

The problem with new logic board is that it'll probably cost 80% or more the price of replacing the entire device anyway.

 

Yeah, it's pretty bullshit.

We had law enforcement go in, in person, and they still refused to help.

 

I don't want the fucking password, I just need to know the email address so we can start working through it.

 

Whoever in apple decided a SINGLE letter was enough, was a fucking braindead retard, and I'll say that to their face.

We have 2000 employees, "Oh, there's a K in the name" isn't fucking helpful.

 

We can get a court order seizing their records of customers related to our business, as we're related to law enforcement; but it's a fuckload of effort to unlock an ipad.


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#10 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 14,714 posts
  • Location:Not Trump-Land

Posted 09 January 2018 - 12:51 PM

That's why I don't buy 2nd hand iphones or ipads, if they are icloud locked you are just stuffed with a brick.

At least with an android device you can load some kinda android system on it via your PC.


Edited by Jeruselem, 09 January 2018 - 09:31 PM.

“We’re not going to stop the wheel. I’m going to break the wheel.” - Daenerys Targaryen

 

"We have some of the most beautiful hookers in the world" - Putin to Trump


#11 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 14,714 posts
  • Location:Not Trump-Land

Posted 11 January 2018 - 11:11 AM

I don't suppose it could have an "accident" and claim the insurance hey


“We’re not going to stop the wheel. I’m going to break the wheel.” - Daenerys Targaryen

 

"We have some of the most beautiful hookers in the world" - Putin to Trump


#12 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 18 January 2018 - 09:37 AM

I don't suppose it could have an "accident" and claim the insurance hey

 

Nah it's too old to warrant the premium.

I'm genuinely surprised that Police can't demand the NAME on the device.

I know apple can't decrypt things by force, or provide passwords;

But the name is CLEARLY in plain text somewhere (as it shows some of it).

 

"This device was recovered, who's was it?"

"Awwwwm we can't tell you, we're above the law despite having that info in plain text"


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#13 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,549 posts

Posted 18 January 2018 - 10:46 AM

The name might not necessarily be available without logging in.

 

To perform authorized login the phone would only need to send IMEI and the userid and password that the user has entered to the iCloud server.

Whether this is how it works, NFI.  But in a corporate sense its a friggen ridiculous way to run things.

 

From a quick look around it seems the general consensus is you can be SOL even if you know the userid but not the password.

And it seems there's plenty of scam sites around willing to take your moneys for no service provided in this area.

 

Isn't there sufficient control to change your Wifi parameters in the locked state?  Possibly you can get the IMEI details as well.



#14 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 18 January 2018 - 12:06 PM

The name might not necessarily be available without logging in.

 

To perform authorized login the phone would only need to send IMEI and the userid and password that the user has entered to the iCloud server.

Whether this is how it works, NFI.  But in a corporate sense its a friggen ridiculous way to run things.

 

From a quick look around it seems the general consensus is you can be SOL even if you know the userid but not the password.

And it seems there's plenty of scam sites around willing to take your moneys for no service provided in this area.

 

Isn't there sufficient control to change your Wifi parameters in the locked state?  Possibly you can get the IMEI details as well.

 

I can retrieve the password just fine, because I can tell it's one of OUR domain email accounts.

So I'll just put a redirect on, or take over the email while I reset password.

It's all above board; its not a personal device, its a company device.

 

Just that k.......@p.........au isn't enough to know. We have multiple users whos name start with K.

And knowing this is an old user, tons who also are now left.

 

to be able to show the 'K @ p .au' part, the email address MUST be in plain text.


Edited by Master_Scythe, 18 January 2018 - 12:06 PM.

Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#15 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,549 posts

Posted 18 January 2018 - 12:11 PM

Maybe... or maybe it only makes the obscured id accessible.

For unique identification they'd need to use the IMEI since multiple devices could share the same email/AppleID account, so in theory they could just store the obscured email ID + a hash of the full ID.

 

Getting info on this, or anything complex Apple related really is a treasure hunt.  The fly-shit to pepper ratio of Apple information via searching on the net is about 5 times that of Windows stuff.



#16 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 18 January 2018 - 02:02 PM

Maybe... or maybe it only makes the obscured id accessible.

For unique identification they'd need to use the IMEI since multiple devices could share the same email/AppleID account, so in theory they could just store the obscured email ID + a hash of the full ID.

 

Getting info on this, or anything complex Apple related really is a treasure hunt.  The fly-shit to pepper ratio of Apple information via searching on the net is about 5 times that of Windows stuff.

 

Luckily I DO know someone who works in Apple. In the Level3 support.

So perhaps I can get him to look for me.

 

We shall see. And I shall report back.


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#17 Rybags

Rybags

    Immortal

  • Super Hero
  • 35,549 posts

Posted 18 January 2018 - 02:06 PM

Ask him for one what's the lack of any commonsense behind having a concealed userid prompt and no unique identifying info available which inevitably causes such clusterfucks in a corporate environment.



#18 Master_Scythe

Master_Scythe

    Titan

  • Hero
  • 20,512 posts
  • Location:QLD

Posted 19 January 2018 - 09:01 AM

Ask him for one what's the lack of any commonsense behind having a concealed userid prompt and no unique identifying info available which inevitably causes such clusterfucks in a corporate environment.

 

It also means if someone steals the ipad, or it's lost and recovered, you can't email the owner.

And neither can police.


Wherever you go in life, watch out for Scythe, the tackling IT support guy.

"I don't care what race you are, not one f*cking bit, if you want to be seen as a good people, you go in there and you f*ck up the people who (unofficially) represent you in a negative light!"


#19 Jeruselem

Jeruselem

    Guru

  • Atomican
  • 14,714 posts
  • Location:Not Trump-Land

Posted 19 January 2018 - 09:51 AM

 

Maybe... or maybe it only makes the obscured id accessible.

For unique identification they'd need to use the IMEI since multiple devices could share the same email/AppleID account, so in theory they could just store the obscured email ID + a hash of the full ID.

 

Getting info on this, or anything complex Apple related really is a treasure hunt.  The fly-shit to pepper ratio of Apple information via searching on the net is about 5 times that of Windows stuff.

 

Luckily I DO know someone who works in Apple. In the Level3 support.

So perhaps I can get him to look for me.

 

We shall see. And I shall report back.

 

 

Friends in high fruity places?


“We’re not going to stop the wheel. I’m going to break the wheel.” - Daenerys Targaryen

 

"We have some of the most beautiful hookers in the world" - Putin to Trump





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users