Slashdot Mirror


Hacker Dumps iOS Cracking Tools Allegedly Stolen From Cellebrite (vice.com)

Last year, when Apple refused to unlock the security on an iPhone 5c belonging to the San Bernardino shooter, the FBI turned to an Israeli mobile forensics firm called Cellebrite to find another way into the encrypted iPhone. Now Motherboard reports that a hacker has released files allegedly from Cellebrite that demonstrate how cracking tools couldn't be kept private. From a report: Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones, some of which may have been copied from publicly available phone cracking tools. "The ripped, decrypted and fully functioning Python script set to utilize the exploits is also included within," the hacker wrote in a README file accompanying the data dump. The hacker posted links to the data on Pastebin. It's not clear when any of this code was used in the UFED. Many of the directory names start with "ufed" followed by a different type of phone, such as BlackBerry or Samsung. In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene -- a community of iPhone hackers that typically breaks into iOS devices and releases its code publicly for free.

2 of 86 comments

  1. Re:Who stole it first..? by Aaron B Lingwood · Score: 4, Informative

    You misunderstand the GPL.

    I doubt that I am misunderstanding the GPL as my livelihood depends on it.

    I may be misunderstanding the terms of the situation or not adequately explaining myself.

    It is my understanding that Cellebrite have distributed, through a sale or a lease, this software to law enforcement agencies on multiple occasions. I may in fact be wrong and Cellebrite may have simply provided a service to decrypt the phones themselves - though this would break the chain of custody and create unreasonable liability. Your argument of internal use exemption would apply in the latter case.

    According to Cellebrite's Wikipedia entry, it appears that they are indeed marketing and selling this as a product - distributing the software to law enforcement around the world.

    --
    [Rent This Space]
  2. Link to dumps by Aaron B Lingwood · Score: 3, Informative

    Link to dumps

    Release 1 - the supply chain - a backdoor with backdoors.

    In this release find a small sample of the 900GB of mere 'user accounts and basic contact
    information' recently liberated from Cellebrite.

    The exploit techniques that Cellebrite employ are wrapped in various encryption schemes
    in an attempt to protect 'their' intellectual property. The custom routines for
    decrypting this lame ass protection are included in this release along with an
    accompanying sample .eas (DLL designed to target devices and applications) and .epr
    (bootloaders, exploits and shellcode) files.

    The more discerning eye will notice that some of the Apple exploits bear a remarkable
    resemblance to those available to any teenager interested in the jailbreaking scene;
    perhaps not all those tax dollars have been wasted, the Blackberry epr is still worth
    a look at.

    The ripped, decrypted and fully functioning python script set to utilize the exploits
    is also included within.

    Download links:
    https://mega.nz/#!sZUkSbDT!l74...
    https://mega.nz/#!0d9zBQLI!DdK...

    Coming soon.....

    Release 2 - watching the watchers - pivot to win.

    In this release find a small sample of files retrieved via the weaponized Cellebrite
    update service deployed on MS Windows based devices and desktops (SYSTEM privs) within
    the customer infrastructure.

    Analysis of the compression and obfuscation employed by Cellebrite on products supplied to
    British MOD juxtaposed with the protection free versions supplied to SOCOM and others is
    also included within.

    @FBI Be careful in what you wish for.

    --
    [Rent This Space]