语言: Shell


iCloud Bruteforce PoC - 使用MultiCurl
iCloud Bruteforce PoC - with MultiCurl (中文)

另有100%使用iCloud Bruteforce PoC ..

在Ubuntu,Linux Mint,Windows 7和OSX Yosemite上测试过

免责声明:只要您给我信用,请使用此代码执行任何操作(@ Pr0x13) 在此之前,请检查并确保您所在国家/地区的合法使用此工具。 对于任何人对iCloud帐户或iDevice所造成的任何损害,我概不负责。 我写这篇文章的时候并没有利用任何帐户。

这个版本(希望)更强大 -

特征: JTR感谢Word-Mangling

True Bruteforce(如果你有几年等待)


能够强制使用Apple Web Objects Server后端

多卷曲 - 巨大的定时性能提升


依赖关系: PHP5-CLI PHP5卷曲

包含的wordlist取自6个实际数据库泄漏,重复删除和消毒,以更符合苹果密码要求。 Wordlist.lst我只通过排序超过8个字符的密码,删除所有数字通道,删除连续字符(3个字符或更多),删除所有小写密码,没有大写字母的密码和数字。 Mangle.lst略有不同,它包含7个或更多字符的密码,并删除了数字密码。根据您用于修剪的字符集,您可以真正使用它。两者都远非完美,最有可能需要更多清洁。它们仅作为起点提供,您应该真正获得不同的单词列表。请确保它符合Apple的密码要求

Linux注意:如果您还没有它们 “sudo apt-get install php5-cli php5-curl”

Mac注意:Brew需要从这里安装然后从终端“brew install wget”安装 或者只是从源代码编译它


或者从install.sh手动构建目录,下载外部模块,为windows安装curl,为win32 / 64预编译john,应该像这样调用:

C:\ PHP5 \ php.exe -f“C:\ PHP Scripts \ iBrutr” - -arg1 -arg2 -arg3





php iBrutr


php MultiBrutr

示例:$ php iBrutr -u

例如:$ php iBrutr -u -t 10

例如:$ php iBrutr -u -r 10 (关于RandomTime的注释)-r预设默认值为最小3秒,参数设置最大时间

例如:$ php iBrutr -u -m

示例:$ php iBrutr -u -m -w wordlist.lst

例如:$ php iBrutr -u -w wordlist.lst


这使用了GNU公共许可证下的John the Ripper和Crunch。

MultiBrutr是我写的一个例子,它滥用多卷曲来暴力破解两个不同的服务器。 使用它直到其中一个服务器被修复。

干净和添加是我写的一些hacky管道应用程序清理利用管道的单词列表集合 最好的表现。它包含几个正则表达式(希望)满足Apple ID密码要求。通过JTR管道它具有3个这样的平行管道

将你的单词列表命名为0 - * .dic

用法: -c(单词列表的数量)


:$ php add -c 5 | php clean | ./unique wordlist.lst

:$ php add -c 5 -m | php clean | ./unique mangle.lst

                    Until Next Time-    @Pr0x13

本文使用googletrans自动翻译,仅供参考, 原文来自

Yet Another %100 Working iCloud Bruteforce PoC..

Tested on Ubuntu, Linux Mint, Windows 7 and OSX Yosemite

Disclaimer: Do whatever you want with this code as long as you give me credit (@Pr0x13)
Check and make sure its legal in your country to use this tool before doing so.
I'm not responsible for any damage done whatsoever to anyones iCloud account or iDevice.
I Didn't exploit any accounts while writing this.

This version is (hopefully) more robust-

Word-Mangling thanks to JTR

True Bruteforce (if you have a few years to wait)

Automatic Rate Limiter Sensing Feature (Hopefully won’t DDoS apple servers this time) =]

Ability to Bruteforce Apple Web Objects Server backends

Multi-Curl - huge timing performance boost



The included wordlist is taken from 6 actual database leaks, duplicates removed and sanitized to more suit apple password requirements. Wordlist.lst I made by sorting only passwords with more than 8 characters, removed all numeric passes, removed consecutive characters (3 characters or more), removed all lowercase passwords, passwords without a capital letter and also a number.
Mangle.lst is slightly different, it consists of passwords 7 characters or more, and numeric passwords removed. Depending on the charset you use for mangling you can really make use of it. Both are far from perfect and need more cleaning most likely. They are only provided as a starting point, you should really get a different wordlist. Make sure it satisfies Apple’s password requirements here

Linux Note: If you don't already have them
"sudo apt-get install php5-cli php5-curl"

Mac Note:Brew needs to be installed from here then from terminal "brew install wget"
or just compile it from source

Windows Note: Cygwin needs to be installed, and these packages added "php-curl,php-jsonc,wget" (if you get a stat error and john wont compile it will still work but without mangling),

OR manually build directory from, download external module, install curl for windows and john pre-compiled for win32/64,should be invoked like this:

C:\PHP5\php.exe -f "C:\PHP Scripts\iBrutr" -- -arg1 -arg2 -arg3



(if it hangs on downloading, don’t exit just give it some time)

Choose SYSTEM to compile on the left hand side

php iBrutr

OR(while you can until a server is patched)

php MultiBrutr

example:$ php iBrutr -u

example:$ php iBrutr -u -t 10

example:$ php iBrutr -u -r 10
(note about RandomTime) -r has preset default of minimum 3 seconds, argument sets maximum time

example:$ php iBrutr -u -m

example:$ php iBrutr -u -m -w wordlist.lst

example:$ php iBrutr -u -w wordlist.lst

Included in tools is configmake, use that to update config file with your own server info.

This uses John the Ripper and Crunch both available under GNU Public License.

MultiBrutr is an example i wrote of abusing multi curl to brute force two different servers.
Use it until one of the servers are fixed..

clean and add are some hacky pipe apps i wrote to clean a collection of wordlists utilizing pipes for
the best performance. it contains a couple regex that (hopefully) satisfies Apple ID Password Requirements. Pipe it through JTRs Unique with 3 parallel pipes like this

name your wordlists 0-*.dic

-c (number of wordlists)

-m (mangle ready)

:$ php add -c 5 | php clean | ./unique wordlist.lst

:$ php add -c 5 -m | php clean | ./unique mangle.lst

                    Until Next Time-    @Pr0x13