±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35875
New Yesterday: 3 Visitors: 185

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

LS LS676 - Encrypted device - Oxygen Forensic

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2 
  

the_Grinch
Senior Member
 

Re: LS LS676 - Encrypted device - Oxygen Forensic

Post Posted: Feb 28, 19 21:48

Again I don't have Oxygen, but my experience with other tools is that if you pull an encrypted extraction from a device and it wasn't decoded then you don't have the means to enter a password or brute force it.

The likely scenario is they are able to pull an extraction, but are unable to decrypt the data thus you aren't seeing anything. As far as other products go, I know of none that provides you the means of running passwords against the extraction in the hopes of unencrypting the data and bypassing any wiping or lockout security implementations.  
 
  

arcaine2
Senior Member
 

Re: LS LS676 - Encrypted device - Oxygen Forensic

Post Posted: Feb 28, 19 23:24

- the_Grinch

The likely scenario is they are able to pull an extraction, but are unable to decrypt the data thus you aren't seeing anything. As far as other products go, I know of none that provides you the means of running passwords against the extraction in the hopes of unencrypting the data and bypassing any wiping or lockout security implementations.


According to release notes from current version of Oxygen Forensic Detective it is possible for that chipset. They did not specify if it's universal across all devices or just some are supported. It seems to be different from what UFED does.


Decryption of physical dumps with the known password for Android devices based on Qualcomm Snapdragon MSM8909 chipset.
 
 
  

OxygenForensics
Senior Member
 

Re: LS LS676 - Encrypted device - Oxygen Forensic

Post Posted: Mar 01, 19 14:26

The software doesn't just "pull an encrypted extraction". It also performs the code on the device pulls data with partially decrypted keys. So, it's not "running passwords against the extraction". It's running passwords against key-related data as the rest of the decryption/bruteforce process can be done offline.  
 

Page 2 of 2
Page Previous  1, 2