Posts Tagged ‘authentication tokens’

Extracting and Using iCloud Authentication Tokens

Thursday, November 30th, 2017

In our previous blog post, we wrote everything we know about authentication tokens and Anisette data, which might allow you to bypass the “login, password and two-factor authentication” sequence. Let us have a look at how you can actually extract those tokens from a trusted computer and use them on a different computer to access a user’s iCloud account. Read Part 1 and Part 2 of the series.

Extracting Authentication Tokens from a Live System (Windows)

Extracting authentication token from a live system is as easy as running a small, stand-alone executable file you get as part of the Elcomsoft Phone Breaker package. The tool is called ATEX (atex.exe on Windows), and stands for Authentication Token Extractor.

Using the tools is extremely simple. Make sure you are logged on under the user you’re about to extract the token from, and launch ATEX with no arguments. The file named “icloud_token_<timestamp>.txt” will be created in the same folder where you launch the tool from (or C:\Users\<user_name>\AppData\Local\Temp if there are not enough permissions).