Jonathan Zdziarski ...
 
Notifications
Clear all

Jonathan Zdziarski : Waterboard

14 Posts
11 Users
0 Likes
1,036 Views
4Rensics
(@4rensics)
Posts: 255
Reputable Member
Topic starter
 

I came across this (on Reddit of all places!)

IOS Forensic Acquisition tool Waterboard

Looks interesting. Probably doesn't do much more than CelleBrite, but apparently its been taken down already? Maybe because of his claim he can acquire over cellular??? 😯

Anybody seen this (or know where a copy might be floating around!)

… for testing purposes lol

4R

 
Posted : 14/06/2013 1:59 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

If I may (and partially OT oops ) the name of the thingy is not exactly what I would call "good taste" 😯 .

Anyway
https://twitter.com/JZdziarski/status/344984789729828864

Temporarily took waterboard offline while we work out a few issues.

http//webcache.googleusercontent.com/search?q=cacheup3PYdtirBAJwww.zdziarski.com/blog/%3Fp%3D2385+&cd=3&hl=en&ct=clnk&client=opera

What is Waterboard?

Waterboard is an iOS forensic imaging tool, capable of performing an advanced logical acquisition of iOS devices by utilizing extended services and back doors in Apple’s built-in lockdown services. These service can bypass Apple’s mobile backup encryption and other encryption to deliver a clear text copy of much of the file system to any machine that can or has previously paired with the device. Acquisition can be performed via usb, or across any
wireless network where the device can be reached. Additionally, if you’re a federal law enforcement agency, you may also have the technical ability to skirt around a mobile carrier’s firewall, and acquire your target over cellular, possibly without their knowledge. (NOTE device pairing must still first be performed via usb, so there is not a widespread security risk).

Waterboard can be compiled either as a command-line utility for OSX or as a full blown GUI application for either OSX or the iPad / iPad Mini, to perform acquisitions using one of Apple’s connection dongles, such as the Lightning-to-USB adapter.

jaclaz

 
Posted : 14/06/2013 3:38 pm
4Rensics
(@4rensics)
Posts: 255
Reputable Member
Topic starter
 

Yes the name is a little on the borderline isn't it… 😯

Oh maybe its only down then for a while.

I'm sure it doesn't do too much more than CelleBrite Physical, but as a free tool that can be added to the aresnal without £1000's of dongles, its defo something to try.

 
Posted : 14/06/2013 7:29 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Oh maybe its only down then for a while.

Believe me or not ? , at first sight I read "drown" in the above. 😯
wink

jaclaz

 
Posted : 14/06/2013 8:13 pm
PaulSanderson
(@paulsanderson)
Posts: 651
Honorable Member
 

I dont see waterboard as a bad taste name - we shold make an effort to not be so sensitive )

 
Posted : 14/06/2013 9:44 pm
(@bbking13)
Posts: 15
Active Member
 

He says on Twitter … "Temporarily took waterboard offline while we work out a few issues."

 
Posted : 14/06/2013 10:35 pm
(@jonathan)
Posts: 878
Prominent Member
 

I dont see waterboard as a bad taste name - we shold make an effort to not be so sensitive )

My opinion is that the name, like most of his blog posts, are in bad taste. I stumbled across his blog feeling like this ) but left feeling like this 😯

Like I say, it's my opinion.

 
Posted : 15/06/2013 12:30 am
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

I dont see waterboard as a bad taste name - we shold make an effort to not be so sensitive )

Sure ) , I have an idea idea for a name for a new line of forensic evidence carrying containers and faradays bags

Extraordinary Renditions ®

but I have somehow the feeling that it won't become popular outside the US, and most probably not even there wink .

jaclaz

 
Posted : 15/06/2013 1:34 am
(@randomaccess)
Posts: 385
Reputable Member
 

whilst the name of jz's tool is not great i have faith in the mans ability
he wrote the injection tool that was later adapted by cellebrite and xry for iphone acquisitions
as well as documentation explaining whats being done. these tools were LE only but he did release his documentation recently.

would like to try this new tool out and see how it works

 
Posted : 15/06/2013 9:12 am
(@xennith)
Posts: 177
Estimable Member
 

ITT people who make a living out of watching some of the most horrific child abuse videos that criminality has managed to create get bent out of shape by a little bit of tongue in cheek hacker humour.

The name is fine, the tool is great. Now quit whining.

 
Posted : 16/06/2013 3:49 am
Page 1 / 2
Share: