While iOS 12 is perhaps the best mobile OS released by Apple to date, it has its cons, one of which is security. Videosdebarraquito found a passcode bypass on Sep 26 that provided access to the iPhone photos and contacts through its lock screen. While that security flaw has been patched already, Videosdebarraquito has discovered a new one that impacts the iPhones on iOS 12.1.1 beta and iOS 12.1.
On 30th October, the popular Videosdebarraquito channel on YouTube by Jose Rodriguez displayed a bypass vulnerability working in iOS 12.1.1 and iOS 12.1 – this time utilizing the new Group FaceTime feature of Apple.
In the video, it can be seen that by just a couple of standard inputs, users are able to access the contacts of locked handset if the iPhone has a phone call activated – all through the FaceTime Group chat. However, unlike a previous bypass, it doesn’t provide access to the images.
Guide to Accessing Contacts by Bypassing iOS 12.1 and iOS 12.1.1 Lock Screen
Anyone can use the bypass yourself to see someone’s phone numbers, contacts and emails. All you require is a phone no of a device running iOS 12.1.1 or iOS 12.1 – after that, just follow these steps to access their entire list of contacts.
- Make a call to the locked device. The instructions that remain have to be performed the locked device.
- Take the call
- From the call menu screen, select FaceTime.
- Tap the 3 dots (…) at the bottom right corner on iOS 12.1 or swipe up at the bottom (on the panel) if you’re using iOS 12.1.1).
- Choose ‘Add Person’, and then tap ‘+’ on the top right.
- You’ll now be able to see all of the contacts on the iDevice, including any addresses, emails, and contact data that may be saved.
If you want to test the bypass, better do it quickly, as it won’t last for long. And though it might look like something that was intentionally put in iOS 12.1 or iOS 12.1.1, it was likely meant to be closed behind passcode security, Touch ID, or Face ID.