Just curious if anyone has attempted this?
UFED PA allows unlimited attempts but you have to manually enter the password (which makes me wonder why UFED don't include a brute forcer as part of PA. Allow us to set the parameters for the attempt then walk away and let PA run the crack attempt)
Which IPhone (and O/S) are you trying it with?
Not that it would make any difference, but i'm pretty sure you can set the UFED to crack the password. I think the purpose of allowing you to attempt it, is to prevent the password from being 9999 and you having to wait until the end.
UFED PA will crack the simple password (4 digits), I'm talking about the complex password which you can set which can be anything you can type on the keyboard. This option doesn't appear when it's a 4 digit password, PA just gives you the option of cracking it.
The other alternative is a third party cracker that will work with PA by taking advantage of the text box where you can enter the password.
I've only limited experience in the past using crackers and generally only do it when there is a specific need so I'm not sure what might work.
My bad. Wasn't aware IPhones had the ability to have complex passwords like that. I was just under the impression it was a 4 pin only.
I think the biggest consideration would have to be the amount of time it would take to break a complex password, unless you have some idea of what it might be. In theory, we could all be dead before the program figured it out.
In theory, we could all be dead before the program figured it out.
In that case, I'd make sure to bill by the hour.
There are some instances where time is not a major factor, and yes if the password is truly long and complex brute forcing won't get the result in our lifetime, however most good brute forcers will give you some control and options to work with.
For example allowing you to set the minimum/maximum length and the characters. I know from experience that people are lazy so they might set the complex password then will more than likely just use only lower case letters and maybe, maybe a number. So we limit the keyspace to lowercase letters and numeral and then set the crack running.
Add a dictionary crack to the mix first before the brute forcing and then you have a better chance of cracking it.
I have previously set up 'crowbar dmg' on a Mac laptop and left that running for 2 years to crack an encrypted DMG file from a suspects computer. I got the password and cracked it…so while not really viable for the corporate world LE sometimes can have that time to just leave things running and see what happens.
It's mainly about adding functionality to an already fantastic tool, and for me having the cracking as part of PA was a logical step.
If you have an idea what it is in text, you can boot the phone up forensically using the UFED, then attempt lettered passwords manually. It will salt and hash them live and tell you whether its right. I have had this work successfully typing in known passwords from the offenders computer.
If you don't believe me put a word password on the phone, boot it up forensically using the ram disk in pa and type the password in. When you get it right it gives you the green tick and will decode the emails etc.
Adam,
I am happy that you like our tool.
Some of the above idea's are in the pipeline.
Ron
I suspected they might be Ron 😉 but it's good to know for sure.
@ mobileforensicswales Yes I was aware of that and tested it and you are spot on that is an option I can use particularly when the owner of the phone knows the password might be one of a few but can't quite remember.
I was thinking more in terms of when no password is known or suspected.
But it sounds like my wish will come true at some point in the future )