Several years ago I set a passcode on my iPad so that I couldn’t accidentally purchase something inside an app. Unfortunately, for whatever reason I didn’t use my “regular” passcode. I finally sat down and “hacked” my own iPad so that I could make a few purchases, mostly apps that I use and I wanted to get rid of the silly advertising.
I followed the instructions at iphonebackupextractor.com.
To calculate the SHA-1 hash, I used the form at hash.online-convert.com and the “shasum” command on the OS X command line.
To do the actual hex editing, I used the wonderfully easy-to-use tool Hex Fiend.
The steps are a bit convoluted, and yes, you can brick your device. But if you’re careful and follow the instructions closely, you should be fine.
And next time, write down your passcode somewhere safe.