A Hacker Can Easily Crack Your iPhone Passcode by using brute force, he can crack the passcode and unlock your phone without any data loss, According to his research. When the iPhone is plugged in, keyboard input has precedence over the phone's passcode limit feature. The brute-force attack forces the handset to process all the different passcodes at once, bypassing iOS' erase data tool.
Earlier this month, we told you that on iOS 12, Apple's USB Restricted Mode will prevent the proprietary Lightning USB port on the iPhone from being used to communicate with other devices if the phone has not been unlocked within the past hour.
A hacker needs to take advantage of this interrupt request and send one long string of inputs instead of sending one passcode at a time. The attack only works after the device is booted up because there are more routines running.
Hickey initially took to Twitter to share what he believed were incredible findings: a way to "brute force 4/6digit PIN's without limits" [sic].
Hickey even posted a video of the hack in action, which supposedly bypassed Apple's security protections, by permitting him to enter as many passcodes as he wanted - even on the latest OS (iOS 11.3). By "modding" the iOS, you can download applications from third-party websites and stores, customize the interface of the device, etc. This video showed what was original believed to be a bypass exploit for the erase data function, however the SEP is not actually processing the majority of the input PIN's due to the aforementioned feature in iOS.
That's thought to have been one of the reasons why Apple is rolling out a new feature called USB Restricted Mode in its upcoming iOS 12 update, which is said to make it far more hard for police or hackers to get access to a person's device - and their data. This can be done by enumerating each code from 0000 to 9999 in one string with no spaces.
Let's just say the vulnerability is real, but it would take days just to crack the iPhone using multiple passcode combinations. In order to access that encrypted information, iPhones and iPads require users to enter a four- or six-digit passcode to protect the device that they choose during set-up.