(05-30-2018, 05:00 AM)royce Wrote:
Hey, can you explain a bit more about what you meant by "input problems" with the device? Is it possible that the password might be something like one of your suspected passwords, but with letters missing or anything like that?
[SOLVED] You absolutely killed it with your advice! Thank you so much..
[Details]
Only to contribute to information here for others should there be a soul interested, I leave a long explanation of how your help and my tireless studies into this topic lead to the retrieval of the password and how this problem came to be. My thanks to you and your valuable advice taking stabs at this issue that actually has plagued quite a few people! You sent me off in useful directions that allowed me to get my priceless information back.
I ran rock you without permutations (didn't know how at the time).. no dice. Further inspired by your advice, I learned how to do this to make the dictionary more useful, as well as combing keychain data compiled from various apple devices I own (root stored password collections from everything [POP3/Websites]).. including some old phones and iPads I haven't used in a long time, and compiled a custom prior password dictionary. Ran the dictionary with permutations and variants and hashcat nailed it clean in about 9 minutes. After some investigation here is what had happened. On my windows computer, I had fallen into the advertising of a program touted to be superior to iTunes for device and backup management and freedom, and used it to make a backup and mess with files on my device. I apparently entered in a random variation of a past password because it forced me to set one at that time. Four months go by and I finish the semester and used my Mac (iTunes) to create (on my Mac) what I believed was a clean and initial backup. I have subsequently learned that if you EVER made an encrypted backup at any point in the lifetime of the apple device, the password and encryption will be automatically applied to any and all future back ups created in either iTunes or any other back-up software used on any platform. So essentially (until recent IOS updates) you were literally screwed if you forgot the password or it wasn’t something you have used before, and all past and future backups will be locked in this way as the password follows the kernel. Their solution as it stands is the advice I was given to “seek 3rd party services”, or reset the device settings which removes the forced encryption, but does not fix nor allow you to access prior backups as a result of doing this, only allows you to make new backups without encryption if desired; from that point forward. Where I received a replacement, the kernel did not have a stored password, and thus I was confused when iTunes didn’t have any problem creating unencrypted backups of it, nor prompt me to set a password. So I was correct in that the backup made a few weeks ago before wiping the device was not chosen by me to be encrypted at that time, and thus I believed the defective device left me a glitch of a parting gift. But it was sins of the past that persisted (the earlier backup).