New Today: 0
New Yesterday: 4
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
How are some SMS encoded within blackberry memory?
Subforums: Mobile Telephone Case Law
Parsed text is:
Let me know when we can have a phone conversation.
In Hex, this phrase is stored as:
03 29 00 17 32 A4 8C 4F 28 DB 69 84 E7 23 C6 41 0F B7 8E 31 EA 76 FB 6E 4C 2B 0E B8 70 75 CE 25 DC 1D 0C 00 00 00 03 29
Other text messages are stored in plain ASCII but I can't figure out what the pattern is, as it appears that both sent and inbox messages are encoded either way. Usually I can sweep the parsed text messages, and look up in the values tab to see how the message is encoded. Most times it's some form of 7Bit PDU encoding.
Is there something else I should be looking for to properly decode this?
Any insight is appreciated!
I have learned this through my contacts and friends from the Northland (Canada), who see BBs much more than we do.
This may be what you are seeing. Just a thought.
Detective, Las Vegas Metro Police Department
Instructor - TeelTech
- Senior Member
So RonS, I'm not sure if you can speak to this, but is there a publicly released method for identifying some of these texts? I've been asked to see if I can find fragments of deleted texts, but I'm not getting any hits, even on keywords that are in allocated SMS already parsed. So I can't do a proper search not knowing how the texts are encoded. Are you able to speak to how Cellebrite PA identifies SMS and decodes it, so that I can attempt to do it myself within Cellebrite PA? I'd understand if you can't release that info.
- Senior Member