±Your Account
Membership:
New Today: 0
New Yesterday: 4
Overall: 24209
Visitors: 35±Latest Webinar
±Latest Articles
· Android Forensics
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
±Follow Us
±Latest Jobs
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
Go to page Previous 1, 2, 3, 4
Thanks AlexC
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup
Is anyone getting around an Android swipe code
Re: Is anyone getting around an Android swipe code
Posted: Fri Feb 24, 2012 5:39 am
I've been getting some good results with the RIFF box but the JTAG jigs you buy from different vendors are very hit and miss depending on handset model
-
mobileforensicswales - Senior Member
Re: Is anyone getting around an Android swipe code
Posted: Sat Feb 25, 2012 1:54 am
Most of these devices have 2 types of chips (NOR and NAND) or multiple partitions, the RIFF box is good and will get data from the NOR chip and some partitions but after speaking to the developer of the product, they are not interested in reading from the partitions that contain the user data or the NAND chip that also has that type of data. They are generally only interested in the chip or partition that contains the firmware and or OS, hence the purpose of the flasher boxes, to repair these areas so they can get the phone working again........you will need to look at other more advanced JTAG hardware/software to get access to the nitty gritty!
Boxes like the RIFF, ORT, etc. are great for the regular type mobile phones but when you get into the Smartphones, you need to step it up a level. I am not downplaying these tools, great for your tool chest.
Go here for a good read: openocd.sourceforge.net/
Look through the archives and the Documentation heading, great stuff. Best of all, this is open source!
Entry level training will be available at Mobile Forensics World: www.teeltech.com/tt3/f...asp?cid=28
In August of 2012, a full week of advanced JTAG training will be in place from Teel Tech as well. This will include 2.5 days of taking the phone apart, learning soldering skills for attaching wires and putting the phone back together so you can still access it using your forensic tools; then 2.5 days of full on JTAGing that will include advanced tools, methods to locate Test Access Points on the mainboard, using the right jigs, dealing with the data afterwards, decoding and data carving, finding Android passwords, and much more....
I love the JTAG process and feel that this will be a tool we may have to depend on in the near future because the phone companies are restricting our access to the USB path (USB Debugging and locked phones like Tracfones) to get to the user data.
Happy JTAG'ing!
Boxes like the RIFF, ORT, etc. are great for the regular type mobile phones but when you get into the Smartphones, you need to step it up a level. I am not downplaying these tools, great for your tool chest.
Go here for a good read: openocd.sourceforge.net/
Look through the archives and the Documentation heading, great stuff. Best of all, this is open source!
Entry level training will be available at Mobile Forensics World: www.teeltech.com/tt3/f...asp?cid=28
In August of 2012, a full week of advanced JTAG training will be in place from Teel Tech as well. This will include 2.5 days of taking the phone apart, learning soldering skills for attaching wires and putting the phone back together so you can still access it using your forensic tools; then 2.5 days of full on JTAGing that will include advanced tools, methods to locate Test Access Points on the mainboard, using the right jigs, dealing with the data afterwards, decoding and data carving, finding Android passwords, and much more....
I love the JTAG process and feel that this will be a tool we may have to depend on in the near future because the phone companies are restricting our access to the USB path (USB Debugging and locked phones like Tracfones) to get to the user data.
Happy JTAG'ing!
-
sideshow018 - Senior Member
Re: Is anyone getting around an Android swipe code
Posted: Sat Feb 25, 2012 3:34 am
Whilst discussing gesture pattern locking, has anyone tried this?
moshe.nl/android/
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup
moshe.nl/android/
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup
-
trewmte - Senior Member
Re: Is anyone getting around an Android swipe code
Posted: Tue Feb 28, 2012 8:43 am
I've not tried the recovery method personally, but certainly if you can recover the hash (what ever way), that page worked last time I tried it.
-
AlexC - Senior Member
Re: Is anyone getting around an Android swipe code
Posted: Tue Feb 28, 2012 2:50 pm
- AlexCI've not tried the recovery method personally, but certainly if you can recover the hash (what ever way), that page worked last time I tried it.
Thanks AlexC
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup
-
trewmte - Senior Member
Re: Is anyone getting around an Android swipe code
Posted: Thu Mar 15, 2012 12:54 am
Here is an interesting request made to the US Court by the FBI seeking Google to reveal user gesture locking code and other user data.
ia700805.us.archive.or...26.1.0.pdf
Maybe our resident US examiners can explain a few tech issues.
PUK, in common parlance, refers to a PIN Unlocking Key generated for a (U)SIM Card by the manufacturer of a particular (U)SIM. The PUK under these circumstances can be held by the manufacturer, network operator or maybe recorded on some point of sale material at the time (U)SIM was sold to consumer.
However, is PUK being used in the US in some other way in relation to handsets? Is it an acronym? Or was the person filing the search warrant slightly confused as to what PUK is and what Google can actually provide?
Talking of revealing gesture lock codes, I seem to remember reading a thread at FF about a new discovery? Any clues
Apparently, so we are told, the FBI Agent did request the Search Warrant and Affidavit not to be revealed but, whoever had responsibility, didn't seal the Warrant and Affidavit, thus enabling revelation to the world at large.
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup
ia700805.us.archive.or...26.1.0.pdf
Maybe our resident US examiners can explain a few tech issues.
PUK, in common parlance, refers to a PIN Unlocking Key generated for a (U)SIM Card by the manufacturer of a particular (U)SIM. The PUK under these circumstances can be held by the manufacturer, network operator or maybe recorded on some point of sale material at the time (U)SIM was sold to consumer.
However, is PUK being used in the US in some other way in relation to handsets? Is it an acronym? Or was the person filing the search warrant slightly confused as to what PUK is and what Google can actually provide?
Talking of revealing gesture lock codes, I seem to remember reading a thread at FF about a new discovery? Any clues
Apparently, so we are told, the FBI Agent did request the Search Warrant and Affidavit not to be revealed but, whoever had responsibility, didn't seal the Warrant and Affidavit, thus enabling revelation to the world at large.
_________________
Institute for Digital Forensics (IDF) - LinkedIn
Mobile Telephone Examination Board (MTEB) - LinkedIn
Mobile Telephone Evidence & Forensics trewmte.blogspot.com
ForensicMobex now MTEB Linkedin Subgroup
-
trewmte - Senior Member