iCloud Activation Lock Bypass with R0bf0rdsn0w

iH8Sn0w Releases R0bf0rdsn0w – iCloud Activation Lock Bypasser?

iH8Sn0w seems to have released a tool dubbed as “R0bf0rdsn0w“, allegedly an iCloud activation lock bypass. However, he has archived this iCloud activation bypasser tool and made it nearly impossible for most of the people to unarchive it, as it requires to follow some seriously complicated steps to figure out the password required to unarchive the R0bf0rdsn0w zip files.

For those not familiar with the iCloud activation lock feature: with iOS 7 or later, Apple introduced a new feature in Find My iPhone called Activation Lock, which is enabled by default when you setup Find my iPhone on your device. The iCloud Activation lock makes it harder for anyone to use or sell a lost or stolen iPhone, iPad or iPod Touch. Activation lock requires the owner’s Apple ID and password to turn off Find My iPhone, sign out of iCloud and erase and reactivate your device. In short, a lost or stolen device, with iCloud activation lock enabled, becomes useless without owner’s Apple ID and password.

In response to a petition at change.or, iH8sn0w announced the release of R0bf0rdsn0w as a universal iCloud Activation Lock Bypasser. Here’s what he posted on the blog about R0bf0rdsn0w.

Good night.
Whoever grabs the key first gets my heart.
FTR, you’ll need an A5 (s5l8940x) iBoot exploit to get the password. Let the games begin.
Full instructions are posted on the site.”

Yes. After the change.org petition reached so many petitioners. How could I NOT release this?
Thieves worldwide unite!
The universal iCloud Activation Lock Bypasser is finally here.

r0bf0rdsn0w banner

Here are the instructions to get the zip password to unarchive the iCloud activation lock bypass tool:

How do you get the zip password you’re asking? Easy… (no survey bullshit)

  1. Encrypt the string “r0bf0rdsn0w-r0bf0rdsn0w-r0bf0rdsn0w-r0bf0rdsn0w!!” with the s5l8920x AES GID key.
  2. You know you got this right when the IV is… E6A9B03D9670523CFA8849A23A28722E
  3. This part was posted on twitter…
  4. Decrypt the outputted IV+Key from the s5l8920x with the s5l8930x AES GID key.
  5. You know you got this right when the KEY is… 027132EF9D79AE6CD38E1E2CD3ED9080860EF53ED1CBA6D8395BDBCF541C1E2B
  6. Finally, encrypt the outputted IV+Key from the s5l8930x with the s5l8940x AES GID key.
  7. You know you got this right when the IV starts with F8A555D2 and the KEY starts with F4DFD3CB.
  8. The password is the final IV+Key from above, 32-bit endian byte flipped.

Enjoy! 🙂
* Password will be posted publicly (without the effort from above) when this method is patched.

You can also find some sample code at the bottom of the R0bf0rdsn0w site as a hint if you’re trying to figure it out.

While we are aware the tool is release on Apple Fools and it’s hard to unarchive it, still iH8Sn0w has insisted this is real. We’ve not tried it. Good luck to those making an effort.

Download R0bf0rdsn0w

54 comments… add one

Leave a Comment