The end of fun, Apple have just patched
Here is appleID password bruteforce pOc. It's only p0c, so there is no
- MultiThreading feature
- Save-State-On-Exception feature
do it yourself
It uses Find My Iphone service API, where bruteforce protection was not implemented. Password list was generated from top 500 RockYou leaked passwords, which satisfy appleID password policy. Before you start, make sure it's not illegal in your country.
Be good :)
Follow us on twitter @hackappcom