iOS 10.3 and iPhone...
 
Notifications
Clear all

iOS 10.3 and iPhone 7's

9 Posts
6 Users
0 Likes
714 Views
(@wernerj100)
Posts: 3
New Member
Topic starter
 

Hi all,

We used Cellebrite to create an Advance Logial Method 2 image because Advance Logial Method 1 is not supported for iPhone 7s. Method 2 only extracts the multimedia and nothing else.

Is there any other forensic software or normal software that can extract all the available data from an iPhone 7 or a device with iOS 10.3 and higher?

 
Posted : 28/07/2017 1:40 am
tracedf
(@tracedf)
Posts: 169
Estimable Member
 

I'm looking at mobile forensics software right now and I tested MOBILedit Forensic Express against my iPhone 6s running 10.3.2. I haven't rigorously verified that it didn't miss anything, but it appeared to pull everything.

Cellebrite is the major player in mobile forensics; are you sure you're using the most recent version? Perhaps you're missing an update?

-tracedf

 
Posted : 28/07/2017 2:28 am
(@wernerj100)
Posts: 3
New Member
Topic starter
 

Hi there, thank you for your response.

Yes we have Physical Analyzer 6.3.5 released now in July

 
Posted : 28/07/2017 2:42 am
 RonS
(@rons)
Posts: 358
Reputable Member
 

All iOS devices are supported.
I assume that you have iTunes installed on your computer that is somehow stuck in a state that prevents PA from starting the method 1 extraction.

I suggest uninstalling and reinstalling iTunes.

Best regards,
Ron

 
Posted : 28/07/2017 2:12 pm
OxygenForensics
(@oxygenforensics)
Posts: 143
Estimable Member
 

You can contact our helpdesk for a demo license of Oxygen Forensic Detective software.
It will not only extract all the basic data, like contacts, calls, messages, and files but also carefully parse and recover lots of app data and passwords.
If iTunes backup in the examined iPhone is encrypted Oxygen Forensic Detective will automatically attempt to find the password to decrypt it.

 
Posted : 28/07/2017 2:14 pm
(@wernerj100)
Posts: 3
New Member
Topic starter
 

Hi Oxygen,

Thank you.

I have submitted a ticket for the Demo license.

We have used your software with a lot of success with Nokia mobile phones.

Should this assist us with the iOS I will motivate the purchase of a new license.
Thanking you in advance

 
Posted : 28/07/2017 2:32 pm
SamBrown
(@sambrown)
Posts: 97
Trusted Member
 

I did a lot of iPhones 7 with method 1. It is definitely possible. Please post the error message that did prevent you to use method 1.
Is it because the backup encryption is enabled? Then using another forensic tool won't help you.

 
Posted : 31/07/2017 8:26 am
OxygenForensics
(@oxygenforensics)
Posts: 143
Estimable Member
 

Oxygen Forensic Detective software has a built-in Passware module that automatically finds passwords to encrypted iTunes backups. You can choose any of the available attacks such as brute-force, dictionary, Xieve, etc. The module uses the latest technologies including distributed processing and GPU acceleration with ATI and NVIDIA boards.

 
Posted : 01/08/2017 12:56 pm
passcodeunlock
(@passcodeunlock)
Posts: 792
Prominent Member
 

iTunes backup passwords can be bruteforced using hashcat as well, in case you look for a freeware solution.

All bruteforce methods are out of scope in case of very long or unique passwords, it doesn't matter what program you use, if the bruteforce will take hundreds of years even with the latest GPU monster boxes )

There might be an exploitable vulnerability to bypass the iTunes passwords, but so far I didn't succeed with none of my tries based on unconfirmed "rumors".

 
Posted : 02/08/2017 1:03 am
Share: