This write-up will provide detailed description on how to bypass Guided Access mode on Apple iPhones.
- Temporarily restrict your iOS device to a single app
- Disable areas of the screen that aren’t relevant to a task, or areas where an accidental gesture might cause a distraction
- Disable the hardware buttons
-
Press the Home button once.
- Use Touch ID.
- If you're not using Touch ID on your device, follow these steps to end a Guided Access session:
-
Triple-click the Home button.
- Enter the Guided Access passcode.
You can read more about this in here: https://support.apple.com/en-au/HT202612
There are numerous articles online, which talks about how Guided Access Mode security allows you to handover your phone to someone without worrying about them to get out of the app and read your messages or look into your private photos.
-
How to use Guided Access to secure your iPad or iPhone: https://www.computerworld.com/article/3162738/apple-ios/how-to-use-guided-access-to-secure-your-ipad-or-iphone.html
-
How to Use Guided Access Feature to Secure Your iPhone: http://www.tweaklibrary.com/2017/07/06/how-to-use-guided-access-feature-to-secure-your-iphone/
-
How to Use Guided Access for Security Reasons: https://snapguide.com/guides/use-guided-access-for-security-reasons/
-
How to Put an iPad Into “Kiosk” Mode, Restricting It to a Single App: https://www.howtogeek.com/252670/how-to-put-an-ipad-into-kiosk-mode-restricting-it-to-a-single-app/
- User privacy
- Data leakage
- False sense of security while using Guided Access mode
Please follow the steps to break out of the Guided Access mode and see users text messages, photos, notes and reminders.
-
Go to settings and turn on the Guided Access feature
-
It allows user to set the passcode. Set the passcode so that user cannot disable the feature and snoop into other application.
-
Open Safari Browser on the device and press the home button thrice to put the phone into Guided Access Mode or Kiosk Mode. Here the user assumes that one should not be able to read or use other applications on the phone as the phone is in Guided Access mode.
- Try to call the application directly from the URL using hard links.
- To open: Mail type: message://
- To open: Messages type: sms://
- User gets the warning message saying that the “Guided Access is enabled. Triple-click the home button or use Touch ID to exit”. Basically, at this point of time user can’t access the message application and hence can’t read any text messages on the device.
- On clicking the home button thrice user needs to put the PIN to access other applications on the phone.
- Now, click on the share option in the Safari Browser to see where can we share the Browser link.
-
Click on the Message icon
-
It opens the Message application inside Guided Access mode. Now click on the ⊕ button to see the contact details.
-
Choose the individual contact from the contacts and one can read all the text messages between 2 parties even though one is using Guided Access mode.
-
Same goes for the other applications. Share the link from Browser with Notes or Reminders application to get access to sensitive information from those applications.
- Going into Photos is bit tricky from the Browser, however, it's not impossible.
-
After clicking on the ⊕ button and choosing the contact name long press on the contact name from the messaging application.
-
This opens the contact application with edit option as shown below
-
Click on edit button allows a user to upload a photo for a contact.
-
Click on "Choose Photo" option which will open photo album of a user.
-
User gets full access to photo album from Guided Access Mode
- While browsing to other non-iOS applications, Apple check for Guide Access Mode and doesn't allow one to look into that application. For eg: using share from Safari to read Whatsapp or Gmail messages.
I hope you find this information useful. If you have any questions, ideas or suggestions - just tweet me on @ManiarViral
Happy hunting!