iOS Restriction How to Crack Passcode using brute attack

How to Crack Passcode using brute attack force method

Crack iOS Restriction Passcode

Crack iOS Restriction Pass-codes using brute force.

iOS Restriction Brute Force v2.1.0 – Crack any iOS Restriction Passcodes With Python.

This version of the application is written in Python, which is used to crack the restriction passcode of an iPhone, iPad, and iPod

take advantage of a flaw in unencrypted backups allowing the hash and salt to be discovered.


BruteForce is a small application for Mac and Linux which attempts to find the restrictions passcode for an iOS device

(iPhone, iPad or iPod Touch) by brute force examination of its iTunes backup, without needing to jailbreak the device.

  1. Clone/install repository using the terminal
     git clone && cd 
  2. Make sure to use iTunes or libimobiledevice to backup the iOS device to your computer
  3. Run terminal and type with the auto option

how does this work?

This code was made with the Passlib python module. the first step tries the top 20 four-digit pins, then Try birthdays between

1900-2017 and for last module method use Brute force pins from 1 to 9999.

Download latest version: iOSRestrictionBruteForce v2.8.6


Download latest version

iOSRestrictionBruteForce v2.1.0

The brute-force attack is still one of the most popular password cracking methods.

Nevertheless, it is not just for password cracking.

Brute-force attacks can also be used to discover hidden pages and content in a web application.

This attack is basically “a hit and try” until you succeed.

This attack sometimes takes longer, but its success rate is higher.

In this article, I will try to explain brute-force attacks and popular

tools used in different scenarios for performing a brute-force attack to get desired results.

What is a Brute-force attack?

Brute-force attack when an attacker uses a set of predefined values to attack a target and analyze the response until he succeeds.

Success depends on the set of predefined values.

If it is larger, it will take more time, but there is a better probability of success.

The most common and easiest to understand example of the brute-force attack is the dictionary attack to crack the password.

In this, the attacker uses a password dictionary that contains millions of words that can be used as a password.

Then the attacker tries these passwords one by one for authentication.

If this dictionary contains the correct password, the attacker will succeed.

In a traditional brute-force attack, the attacker just tries the combination of letters and numbers to generate password sequentially.

However, this traditional technique will take longer when the password is long enough.

These attacks can take several minutes to several hours or several years depending on the system used and the length of the password.

To prevent password cracking by using a brute-force attack, one should always use long and complex passwords.

This makes it hard for an attacker to guess the password, and brute-force attacks will take too much time.

Most of the time, WordPress users face brute-force attacks against their websites.

Account lockout is another way to prevent the attacker from performing brute-force attacks on web applications.

However, for offline software, things are not as easy to secure.

Similarly, for discovering hidden pages, the attacker tries to guess the name of the page, sends requests, and sees the response.

If the page does not exist, it will show response 404 and on success, the response will be 200.

In this way, it can find hidden pages on any website.

Brute-force is also used to crack the hash and guess a password from a given hash.

In this, the hash is generated from random passwords and then this hash is matched with a target hash until the attacker finds the correct one.

Therefore, the higher the type of encryption (64-bit, 128-bit or 256-bit encryption) used to encrypt the password, the longer it can take to break