Fake Activation https://exploit3d.com/fake_activation.html

Fake Activation

Introduction
The method I will present today spoofs the device activation status so that it reads as Activated and FactoryActivated. To do this we patch the mobileactivationd binary: specifically, we redirect two references to the "Unactivated" string, the first one to "Activated" and the second one to "FactoryActivated". So when the daemon sees that the device is not activated, it loads the "Unactivated" reference we redirected to "Activated", the device believes it is activated, and we are able to finish setup without any problems.

Requirements:
- Some knowledge of assemblers and disassemblers.
- A disassembler :D I will use Hopper v4.
- A checkra1n-compatible device (the patched binary has an invalid code signature, so it only loads because the checkra1n bootstrap relaxes code-signing enforcement).
- Apple Tech 752 iOS 13.3.1 iCloud Bypass Package from here (we only need tcprelay from it).

Patching mobileactivationd:
First open a new terminal window, cd into the SSH folder inside the iOS 13.3.1 iCloud Bypass package and run (this forwards the device's USB SSH port 44 to local port 2222):

./tcprelay.py 44:2222

Now open another window and pull the original binary off the device:

scp -P 2222 root@localhost:/usr/libexec/mobileactivationd /path/to/folder/on/mac

Open the binary in the disassembler and search for the "Unactivated", "Activated" or "FactoryActivated" strings. You should see this:

Jump to its cross-reference and write down the address of the "Activated" reference. In my case it is 0xb68 (your offset may differ between builds, so take it from your own binary).

Now jump to the first "Unactivated" reference and reassemble the instruction so that it uses the "Activated" reference address.

1 of 3 7/7/2020, 2:07 AM

If you did it correctly, the "Unactivated" reference will change into an "Activated" reference.

Now jump to the "FactoryActivated" reference and write down its address, 0xb70 in my case.

Now jump to the next and last "Unactivated" reference we are interested in and reassemble it with the "FactoryActivated" address.

If you did it correctly, the "Unactivated" reference will change to a "FactoryActivated" reference.


That's about it. Now you can save the patched binary.


Now we need to put the patched binary in /usr/libexec. The following commands run on the device, in an SSH session through the tcprelay port. First remount the root filesystem read-write:

mount -o rw,union,update /

Then rename the original binary out of the way (keep it, so you can restore it if the daemon fails to start):

mv /usr/libexec/mobileactivationd /usr/libexec/shit

Now copy the patched binary to /usr/libexec (this scp runs on the Mac):

scp -P 2222 path/to/mobileactivationd_patched root@localhost:/usr/libexec

Back on the device, rename it to mobileactivationd:

mv /usr/libexec/mobileactivationd_patched /usr/libexec/mobileactivationd

Make it executable (scp does not preserve the original mode bits):

chmod +x /usr/libexec/mobileactivationd

Now we need to reload the mobileactivationd LaunchDaemon so the patched binary is picked up:

launchctl unload /System/Library/LaunchDaemons/com.apple.mobileactivationd.plist

launchctl load /System/Library/LaunchDaemons/com.apple.mobileactivationd.plist

Done, your device should now be fake activated :D. Congratulations if you managed to finish this guide.
Here is a video of how it should look after you have finished: Video
