Getting past locks (Yes another post but with a different angle)

Question

iPhone 7

Released September 16, 2016. Model 1660, 1778 Available as GSM or CDMA / 32, 128 or 256 GB / Rose gold, gold, silver, black, and jet black.

2264 Questions View all

Question Closed

db862017 @db862017

Rep: 1

Posted: Jul 21, 2018

Options

Getting past locks (Yes another post but with a different angle)

Hi folks,

Yes I know this has been spoken about soo many of times but I'm hoping this is a different take on it.

By Locks I mean Activation / iCloud etc. Yes that topic ' yet' again.

Here is the plan:

- One iPhone completely beyond repair (liquid for IE) but with a copy of a recent backup before being knackered.

- One iPhone of the exact model as the one above, locked "and" confirmed to not be stolen by local authorities / IMEI not blocked.

*I must stress this is "only" for legitimate purposes / reasons only*

Now it'd be fair to say if you made an identical copy (persuming it could be read) of the liquid damaged EEPROM / BB / Nand and implemented it on the locked phone, it would become in a loose sense identical to the liquid damaged phone and act as the liquid damaged phone did before it got damaged.

But that'd require moving those chips over. Massive pain I am sure we all can agree on.

So I'm curious how to escape this whole having to move chips across part.

Lets focus on the three chips:

NAND: Well this is the least of the worries, a direct clone can be made without removal.

BB (Baseband): SN / MLB / BT numbers, Color, Country etc would have to be changed over? Is IMEI a must if not IMEI iCloud locked?

EEPROM: What data needs to be brought over?

I've got the tools to directly access these chips without removing them from the logic board.

I again stress, this is for legitimate purposes only. The laws in my country differ from what is set in Apples Guidelines and whilst US Apple might not see someone as a owner, they are seen as the sole owner in the country I reside. So while doing the above may be breach of Apples Guidelines it's not against the law IMO and still perfectly fine to do this on the provision that you install a OS like Ubuntu on the phone instead.

Now lets see where this goes. I'm trying to take a different approach on this.

Answer this question I have this problem too

Is this a good question?

Yes No

Score 0

Add a comment

2 Answers

mayer @mayer Rep: 685.3k MacHale Enterprises 3.4k 1.1k 2.6k · Answer 1 · 2018-07-21T16:54:35-07:00

Most Helpful Answer

mayer @mayer

Rep: 685.3k

MacHale Enterprises

3.4k

1.1k

2.6k

Posted: Jul 21, 2018

Options

When you go to restore it is going to ask you for the passcode on the iPhone you want to restore to. If you do not have that …………….

Was this answer helpful?

Yes No

Score 2

2 Comments:

Let me try and understand this.

I'd like to be as clear as possible:

The liquid damaged phone I have a backup before it failed, the passcode, iCloud details etc.

So if I'm doing the restore and it asked for the liquid damaged phones passcode, I'd be fine? .. But I thought pass codes were stored on Nand?

Jul 21, 2018 by db862017

db862017 I think what @mayer is referring to is the fact that you still need the passwords to unlock the phone. "directly access these chips without removing them from the logic board." I am sure that this information will not be readily available. The FBI paid $1mil to get this done so I don't see that you will get it on here for free :-) Best of luck to you and let us know how itworks out.

Jul 22, 2018 by oldturkey03

Add a comment

Minho @refectio Rep: 221.4k 15 289 807 · Answer 2 · 2018-07-22T11:09:51-07:00

What exactly is the point of this exercise? Are you trying to access data from the liquid damaged board?

You need the CPU/NAND/Baseband CPU/ EEPROM as a matched set.

NAND: It is encrypted so even if you can fully clone it, it doesn't do much and quite frankly, it's a lot easier to transfer the NAND over than go through the steps necessary to clone it. If it's damaged, then the data is lost.

Baseband: There is no known way to read/program the Baseband CPU. You can put another BB CPU in place to extract data but not to operate the phone.

EEPROM: Not much is known about what's in this IC and what it contains. Again, it's easier to transfer it over.

CPU: You forget to mention the most important element. The CPU has a secure enclave that contains the coded information. No one...and I mean NO ONE has publicly been able to figure this out on the iPhone 7 and above. If someone has, it is secret information and they are likely charging hundreds of thousands of dollars, if not millions of dollars for it's use (see @oldturkey03 reference above).

Again...the whole question is 'what's the point?'. If you want access to data, then in China they are already transplanting the coded IC's to known-good logic boards for data retrieval. If the NAND or CPU are damaged internally, then there's nothing you can do.

With all due respect to the fantastic contributors on this forum, no one here is going to help you solve this because it is a) - unnecessary and b) unfeasible for the average fixer/repair tech. You'll have better luck hanging out in hacker forums.