Hi,
Doing some security testing/learning in my home lab again, this time using an iOS phone.
Does anyone know how the Two-Factor-Authentication for iOS devices determines whether the device logging in is indeed a 'Trusted Device'?
Does it use the MAC address of the device, the IP address, a file on the device?
I'm using a Kali box to see if I can log in to the iCloud without it asking for Two-Factor-Authentication; tricking the login in to thinking that the Kali box is actually the trusted iOS phone. In order to do so, I need to narrow down how the iOS login determines that the device is trusted.
So far, I've found;
I assume this means that a file must be saved on the device somewhere?
Thank you.