Friday, October 27, 2017

How Not to Bypass Activation Lock on an iPhone 4S

We recently tried to bypass Activation Lock (i.e. iCloud Lock) on an iPhone 4S of ours.  It didn't work, but for posterity, here is what we did.

First we googled around, and downloaded the so-called "iPhone Hacktivate Tool".  There are lots of dead links to this tool, but here is one that worked for us - and in case that link dies, here is one hosted by us.

Trying to run the hacktivate tool, we kept getting the error "INIT FAILED (mux thread)".  To get past it, we had to install a 32-bit version of iTunes (based on the comments on this post).  The regular 32-bit iTunes installer will not install on a 64-bit PC, but this version of iTunes "for older video cards", as a 64-bit installer for 32-bit iTunes, will.

With 32-bit iTunes installed, we were able to run the Hacktivate tool.  By this time we had been warned on IRC several times that hacktivating a 4S would be impossible, since there was no bootrom exploit for the 4S - but we were determined to try it anyway.  There weren't any clear error messages from the hacktivate tool.  After it finished we excitedly stared at the Apple logo for several minutes.

Then we realized that the iPhone was stuck in a boot loop.  Getting it out of the boot loop was a pain.  We could get the device into recovery mode, and we weren't 100% sure if we could get it into DFU mode, since iTunes would no longer recognize it no matter what we did.  After much googling we discovered this post describing our exact problem: an iPhone 4S stuck in a boot loop, and iTunes not recognizing it in recovery or DFU mode.  The solution described in that post was to connect the iPhone to a computer without iTunes, put it into DFU mode, then disconnect it and connect it to a computer with iTunes.  We did this, and luckily it worked.

So now our phone is no longer in a reboot loop, but is back to Activation Lock.  Good work, Apple.  Very robust.

If anyone knows how to crack the Activation Lock on an iPhone 4S, or rather fuzz the USB connection to search for exploits, etc. etc., we would appreciate the info.

No comments:

Post a Comment