Password breaker for iPhone backups
Elcomsoft's iPhone Password Breaker (EPPB) promises to recover the passwords of protected iPhone backups. This is said to allow access to stored data such as addresses, SMS archives, apps, calendar items, photos, call logs, email account details as well as the browser cache and history. The breaker works offline and does not require iTunes.
So far, however, there is only a beta version (direct download) which uses (currently rather short) English, German and Russian word lists to attempt the recovery of the correct password. The H's associates at heise Security found that the German word list appears slightly strange, containing virtually none of the terms that can usually be found in password lists – items such as "Strukturproblem" or "Steuerhinterziehungsbranche" are only likely to be used as passwords by rather shrewd individuals.
The final version is to support user-defined dictionary attacks and permutations – accelerated by current ATI and Nvidia graphics cards via Stream SDK or CUDA as well as multi-core CPU support. EPPB runs on Windows7, Vista and XP and can apparently crack the backups of generation 2G, 3G and 3GS iPhones as well as first, second and third generation iPod Touch models. The vendor did not, however, mention what the price for the final version will be.
Elcomsoft also offers other software such as Distributed Password Recovery (EDPR). Apart from WPA passwords, EDPR can also recover the passwords used in Office, Adobe Acrobat, PGP, Lotus Notes as well as Windows and Unix passwords.
- iPhone OS 3.1.3 fixes vulnerabilities, a report from The H.