activation lock

Two hackers have created a tool that they claim can bypass Apple’s ‘Activation Lock.’ It’s called ‘doulCi, and it uses a man-in-the-middle attack to intercept users’ Apple ID credentials as well as unlock devices disabled by the highly-lauded security feature.

The hack utilizes a vulnerability in iTunes for Windows that has to do with verifying security certificates. And apparently, all you have to do to get it to work is plug in the device to a computer, and alter a file, directing it to an alternate server instead of iCloud…

According to security researcher Mark Loman, the bug in the Windows version of iTunes was either a beginner’s mistake, or was left in intentionally to allow intelligence agencies to access iCloud. Apple recently fixed a similar vulnerability in OS X and iOS.

Here’s how AquaXetine and MerrukTechnolog, aka Team doulCi (iCloud backwards), describe the attack:

doulCi is the worlds first Alternative iCloud Server, and the world’s first iCloud Activation Bypass. doulCi will bypass and activate you iDevice for you when you are stuck at the Apple activation menu. So, why would you use it? For example, if you have forgotten your Apple ID and password or no longer have access to your old itunes-email account then its impossible to regain control of your Apple Product!! doulCi is the solution that will enable you to can regain permenant access.

We haven’t seen video proof of the attack in action, but the hackers have demonstrated its efficiency by sharing screenshots of ‘calls to Apple’s iCloud activation service.’ A number of other users are also sharing screenshots, showing the hack worked for them.

Evad3rs team member and long-time hacker MuscleNerd notes:

It appears that even after a successful attack, where an iPhone disabled by Activation Lock is un-bricked, the device is still SIM-locked. But according to one of the team members, a carrier fix is on the way. The pair say more details are coming Thursday night.

As malicious as the hack is, the two say their only goal was to alert iPhone and iPad users to how unsafe iCloud is. Apple has been made aware of the issue, but until it releases a proper fix, users are advised not to access iCloud services over public Wi-Fi networks.

  • Oh shit. People who have iCloud (probably everyone), for public wifi you should download something like Cloak, an excellent VPN.

    • it’s irrelevant to public wifi, thats not how this works.

    • it’s an activation server, not an iCloud server. All this does is send a fake activation through a malicious fake iTunes server. and it isn’t permanent.

      • ✪ aidan harris ✪

        Exactly and since you don’t know whose in control of the public wifi you may or may nit be using a malicious sys admin could route all traffic from iCloud to “Insert fake hactivation server here”. This is still inherantly possible over a VPN of course but the chances are slim due to VPN’s being managed carefully and reviewed often…

      • all this does is spoof the phone to think it is activated. this would be 100% irrelevant to anything else.

    • ✪ aidan harris ✪

      Just my personal opinion but you shouldn’t use Cloak since they log an awful lot of data (that and their servers are based solely in the US):

      “When you use Cloak to secure your connection, we collect:
      The number of bytes you’ve sent and received
      The amount of time you’ve been connected
      The IP address you’re connected from
      The assigned (virtual) IP address on our VPN network
      The initial packet of each TCP connection (which does not include user content) and the first 64 bytes (essentially the headers) of the initial datagram of each UDP exchange.
      WE KEEP THIS INFORMATION FOR AT MOST SIXTEEN (16) DAYS, AFTER WHICH WE PERMANENTLY DELETE IT.
      We call this information your “personal session information” and it is the most sensitive data we collect. We treat it that way. If you’d like to know more, we wrote about this in great detail in a recent blog post.”

    • Sel

      HEY BRO. I JUST WANT TO ASK IF YOU HAVE ICLOUD BYPASS. I TRIED SO MANY TIMES TO DOWNLOAD THE BYPASS BUT IT TAKES 1MILLION SECONDS TO WAIT, SO IF YOU HAVE A BYPASS CAN YOU PLS SEND TO MY EMAIL chiicelestial08@gmail.com. PLEASE NEED YOUR HELP 🙁

      • Lahcen

        If you want remove icloud account or unlock your iphone we offer you trust sevice 100% at the best price just in 24h/7days we will remove your find my iphone off
        For mor information please contact admin@thegreatonlineshop.com

      • cody

        how

      • sam

        I have 23 that I need removed

  • onesimpleclickk

    I don’t use iCloud at all.

    • Framboogle

      You’re stupid

    • ✪ aidan harris ✪

      This isn’t possible. Every iPhone owner with a modern iPhone uses iCloud in some way, shape, or form even if it’s only under the hood, behind the scenes…

      • Elias Chao

        Well, he didn’t say he has an iPhone or iPad.

      • Voodoo Priest

        well thought hahaha

      • Edgar Barrios

        well he never said he was a human

      • jodld

        you killed it

      • jalebi Singh

        Alot of iPads on ebay say iCloud locked…. What does this mean?
        I know somewhat of tech, built my PC, but dont understand what the iCloud lock is.

    • T.N.T

      oh good for you ! :))

  • Framboogle

    There is no such thing as “truly secure”. It’s only a matter of time before Activation Lock got bypassed.

    • Death

      man cmon help me i need to bypass activation on my ipad…i got no idea about previous apple id….help….m stuck at activation for weeks now…:(

  • Tony

    Why not use icloud? The hack bypassed the activation of a device. So if my device is pass coded that would stop the hack correct? Just confused is all.

    • Wraith

      Nop because you can restore the device and the passcode will no longer be active, of course your device will be erased in the process.

      • Rowan09

        According to my understanding of what MuscleNerd said it will not work if you do a restore, you’ll still have the same issue which is no cell service. Sorry disregard.

  • Pop May

    excuse me guys, can u help me to unlock my passcode on iphone4. im forgot my passcode and i dont want to lose anything inside it

    • Rickm_jr

      Do a restore from backup?
      Or if you’re clever enough and jailbroken there are alternative ways that I refuse to post here.

      • Pop May

        how can you help me then? please

    • use a bruteforce attack. like always remove spaces adn such.

      forum . gsmhosting(.) com /vbb/f456/iphone-4-ios-7-x-x-passcode-read-windows-only-1777408/

      • ✪ aidan harris ✪

        Brute force would take ages with a reasonably secure password. If the op is jailbroken there are definitely quicker ways to obtain the device password…

  • XboxOne

    This is not good!

  • jzack

    i hope apple will patch this hack tool..

  • Same old story; nothing is unhackable…

    • ✪ aidan harris ✪

      Did Apple ever market it as unhackable? Apple is a major target who welcomes such hacks. Most people seem to forget that every single hack makes iOS a lot more secure. In regards to ‘nothing is unhackable’ if quantum computing takes off this will be true more than ever sooner or later…

      • Did I imply Apple claimed it’s unhackable?

        ” Most people seem to forget that every single hack makes iOS a lot more secure”

        You could say that about every OS out there, including Windows.

        ” In regards to ‘nothing is unhackable’ if quantum computing takes off this will be true more than ever sooner or later…”

        K…

      • Jade ‘Boogie’ Johnson

        ummm that’s the life of hacking and making patches! there is NEVER A SAVE SYSTEM internet, iOS your email Nothing when they make a patch tehres gonna be some smart hacker out there who cracks it and it starts all over Its a game of cat and mouse. You forget that MOST OF THE NSA and CIAS best assets were once criminals and what not who were bought out for there service

    • Rowan09

      Agree. No matter what happens anything electronic can be hacked.

  • Chun-Li aka ThunderThighs

    I was able to use it. Saying it is sim lock isn’t fully true. Works great. Now Apple just needs to fix there mistake

  • justme

    that’s why Sn0wbreeze didn’t launch a jailbreak tool for iOS7. to create a custom iOS7 then you can access via iTools to the root system and delete the lock folder or sometng related to the activation (first run).
    And I agree with that, if this works = more thefts 🙁

    • you can do this on an iPhone 4 really easily, even snoop the passcode.

      • justme

        yep, I knew that, but with iPad 4 was more difficult or even impossible until this.

      • muazz

        i had try for ipad4 retina…. boom………got bypass easy 123 with doulci…..

  • Stuart Grandin

    doulCi isn’t actually iCloud backwards.. Close but not quite there lol

  • Ram4ever

    Does this mean.. We can install 7.0.6 over 7.1.1 and still proceed with Apple activation

    • Spacewalk

      I get the idea of what you are trying to say, if icloud activation could be bypassed, wouldn’t the same concept work to bypass which ios version we choose to install?

    • Palmer Paul

      Unfortunately not. The process by which Apple checks the version you are attempting to restore to is a bit more complicated than just checking a server (although I believe it was just that up until the iPhone 3GS). This is where SHSH blobs come in. Blobs consist of two parts: APTicket and APNonce. The APTicket is device specific and specific to the version you’re attempting to restore to. Apple will only “sign” (create) APTickets when a firmware is the latest version; this is known as the signing window (there are a couple of exceptions to this, but Apple has become more careful to close the signing window within hours of the release of a new firmware). “So why can’t one just create this file themselves?”, you might ask. Well this is where the APNonce comes in. Introduced in iOS 5, the APNonce is a randomly generated number, that Apple will verify at the time of install. Therefore, all restores to non-latest firmwares are virtually out of the question, the exception being if someone discovers a boot rom exploit which would allow us to bypass this check entirely.

  • Sigurd Boe

    I think that their method of deliverance is flawed. If it were up to me, the flaw would have been brought to Apple with a deadline to fix their problem before releasing it publicly. With the threat that if they did not release a fix that then it would have been released public, but if they did release a fix then the hacktivation would not have been released.

    Just my opinion though.

  • Arianna Nora

    That will be to much loss for the apple company if their security system has been hacked.

    • Palmer Paul

      Not really. It happens all the time, and although I haven’t looked at the source code of iTunes for Windows, it sounds like a really quick fix.

    • Romi Arya

      No its Just loss of consumer of apple whom bought IPhone Officially.. and stolen by someone either missed somewhere, stealer they will use this kind of service and get unlocked… Hacking just show the weakness of system security and its part of program its show the eligibility of person(Hacker) that’s, they are more brilliant compression to officially engineers but dint get good chance and collage degree in student life.

  • Joseph an

    excuse me guys how can i use doulci for bypass activation lock on my iPhone 5s ? i couldn’t found anything please anyone who to know help me

  • Arianna Nora

    lol by chaing the mobile we can get this.

    • Viliami Tuanaki

      what?

  • Colleen Osbaldo

    They all are bloody ashole ….

  • Fardeen Beharry

    can this method be used to unlock the iphone from carrier?

  • ✪ aidan harris ✪

    “users are advised not to access iCloud services over public Wi-Fi networks.”

    Just an fyi but you shouldn’t access any services over public wifi and if you must then make sure you using a VPN of some sort…

  • mlee19841

    7.1.2 here we come.

    • RAZA

      plz help me iphone4s 16gb IMEI: 013073004589315 iclod problm

      • mlee19841

        whats the problem

  • Since I’m a android user I’m not sure on the answer.. But isn’t there anyway to not have the phone activated when purchased and I mean full purchased not carrier subsidized.

    Cause having something you legally own being able to be disabled doesn’t sound kosher to me.

    • Rowan09

      Yes if you purchase an unlocked phone you activate it yourself. Activation lock is a secure feature Apple introduced in IOS 7. It only allows a user to restore an iPhone/iPod/iPad if they know their iTunes password. This hack allows a user to skip the process and gain access to the make screen. In all the other IOS before 7, all you need to do was put the phone in DFU mode and just do a simple restore.

  • Sunny

    In android you can actually make it dead so thieves cant be able to do shit, this tool will only help thieves with stolen iphones

  • Fabio Rodrigues

    it was possible for iphone 4 for quite a few months now, but it was a little trickier to make, and also didn’t unlock the gsm radio, wich only turned the device into an ipod extra charged

  • Eni

    where can i find this tool?

  • Gaddzie

    We r still yet to see such proof. I have an iPhone 5 that Is activation locked. The phone is mine. I bought it new but just forget the code as I lost it under my bed. I found it about 2 months later. After I bought another 4s. I have been looking everywhere as Apple refuse to help. I have even taken it in to there store. Please help Doulci if you can. Gaddis at msn dot com

  • Gaddzie

    Sorry any1 that can help. Need ASAP gaddzie at msn dot com

  • Jan Vincent

    I need help. There’s a guy who sold a phone from me via “Fb” when he gave me the apple id it sais It is disabled. He did not contact me anymore and i cant use my iphone 5 anymore. Is there a chance to remove it and make my own or can someone who can remove it so i can use it ? Please answer thanks

  • Jan Vincent

    I need help. There’s a guy who sold a phone from me via “Fb” when he gave me the apple id it sais It is disabled. He did not contact me anymore and i cant use my iphone 5 anymore. Is there a chance to remove it and make my own or can someone who can remove it so i can use it ? Please answer thanks

  • Junior

    soo is there anyway to bypass the activation lock or no just asking….

  • Mario Hyman

    I mean…are you guys surprised that iCloud is being defeated.? Anything and I mean anything that is built by man..can be unbuilt by man. A Gold standard rule of thumb to put in your pipes and puff on for while..

  • quis5550

    can’t get location screen after entering magic line only activate iphone pls help

  • Lue3000

    my iphone 4s is icloud activation locked please help yobed@me.com

  • alexpar79878

    lol who has time on waiting for server to be online
    bypassicloud7activation dot com

  • Bobi Guru

    Learn here how to bypass icloud activation lock on your iPhone or iPad. This is the best official service where you can easily do it for free. bypassicloudactivationlock7 wordpress com

  • Joe

    can you send me iphone activation tool joe_is_back2001@yahoo.com

  • Joe

    can you send me iphone activation tool joe_is_back2001@yahoo.com

  • danny

    doulci are frauds, they have created this buzz to gain money from their website traffic.
    even on their facebook page they deactivated replies or comments so that people can just see what was posted previously.

    They also claim a downgrade from 7.1 to ios 5 was done however all they show is an iphone currently running on ios 5.1 and it shows that the iphone states there is an update available.

  • Waleed Asif

    i have unlock my iphone 4 but not activite sim card ?????? please solution ??????? contact me my whats app number 00923324034691

  • ameen

    Please Help me iPad 4 unlock

    • jason henfield

      i ended up using ievade activator to activate my ipad air running ios 7, was a little tricky to find but its the only program thats currently working after the apple update hope this helps

      • stelioinacio

        Hi can you please send me ievade software, I have been trying to find it for weeks and the download link at byteupload is not working. My email is stelioinacio@gmail.com

  • Esteban Gonzalez

    dose this still work?

  • Taribo

    anyone who can help me activate my iphone 4 please help…………….my info -chidz23@gmail.com

  • Art Chapa

    Someone just sold me an iPad with iCloud lock, does Duolci works to unlock it?

  • Susan Leong

    Hi, Can anyone help me how to bypass Apple id lock for my Iphone 6?

  • Jyoti Sharma

    Flat fee and simple tech support is 25dollarsupport

  • Matt

    I need help. I have an ipad 2 running ios 9.something. I can’t get into it. I need some way to bypass the icloud activation. It’s asking for m to login with the icloud user info that’s associated with this ipad. It’s my father-in-law’ and he can’t remember it and to make matters worse he changed email accounts awhile ago and doesn’t have access to that either. Can anybody hlp get around this activation lock? matthewstrom@yahoo.com

  • mary walker

    You can contact cybervenom6@gmail.com if you need help. He helped me.

  • Azharul Alam

    man cmon help me i need to bypass activation on my iPhone…i got no idea about previous apple id….help..