New iCloud Lock screen exploits released by SoNick_14 this week. This new exploit will not unlock your iphone but its a really amazing bug on iOS icloud ID screen. The good thing of this New exploit is, you can try it and inject your code and find new methods to bypass icloud or crash to the springboard.
New icloud Bypass Exploit ( inject code into icloud lock screen ).
This only works on Activation lock screen on any iphone and ipad.
This is the code you must use to trigger the XSS, it works on iPhone 4 7.1.2 & iPhone 4s 8.4.1, feel free to test it in newer devices!
Email: @”/><html><![CDATA[<script>alert(“SONICK14”);</script>]]></html><buttonRow name=”1
Password: 3 spaces tap next and you’ll trigger the alert! Have fun!
- Connect to any Wi-Fi network
- Press next, get to Apple ID login and password request
- Enter there following line and password
This bug can have a lot of potential for developers it will let inject code and create new flaws in the icloud lock OS. For those who followed my blog know that in times icloud lock screen had a similar bug that allowed to bypass icloud lock and open web pages, also used by icloud DNS bypass captive portal.
Update: ICLOUDDNSBYPASS update this exploit to improve his icloud dns portal.