OTB 1.1.2 iPhone unlock: Progress Report

g0tcha and I finally managed to get the NCK (unlock code) value from the French iPhone
with the help of Geohot. Thanks mate.

It looks like this: "UnlockCode" = "NO=111111111111111&";

The '1's are to be replaced with digits, so I guess that the unlock code is 15 digits long.
Way too long for a brute-force attack…

We doubt the unlock code has any correlation with any device IDs; it is more likely
that Apple has it stored in a database for every single iPhone.

Reversing continues…

More details in the extended post…

The NCK code is transferred during activation of your iPhone.
A plist file is created on the iPhone and then sent to Apple's web server.
If the iPhone is unlocked in Apple's database, the server will reply with the unlock code.

We have managed to send an activation request to Apple's web server and catch the NCK.
