XRY’s iOS Passcode Cracking Exploit Exposed By @Chronic

Last week, we showed you how easy it is for security agencies to crack an iOS device’s four-digit passcode using software named ‘XRY’ and extract information such as GPS location, call logs, contacts, messages and more. While the XRY demonstration video has now been removed from YouTube, Will Strafach, a.k.a. @Chronic, has posted details (via 9to5Mac) revealing the real truth behind XRY’s iPhone passcode cracking exploit.

He explains that the software does not use any jailbreak exploits but rather loads a custom ramdisk by using GeoHot’s ‘limera1n’ exploit. He adds that anyone could put together their own ramdisk using open source tools, and that Micro Systemation’s “two-minute” claim is only true if the passcode is “0000.”

Here is @Chronic’s explanation:

“Due to the not-so-technically-informed reporters writing about the XRY software, this fact has been overlooked. Personally, I think it’s a pretty important fact. The simplest way to “thwart” the use of this software on your phone would be to get the latest model, because (as people who are familiar with jailbreaking know) the limera1n exploit is fixed in the bootrom of the A5 (iPad 2 and iPhone 4S) as well as the A5X (iPad 3) chip.”

This clearly means that XRY cannot be used on iPhone 4S, iPad 2 or the new iPad, something most publications have not yet reported!