bootloader data acquisition !!

See here

http//www.mdpi.com/symmetry/symmetry-10-00023/article_deploy/html/images/symmetry-10-00023-g004.png

The article to learn from is here

http//www.mdpi.com/2073-8994/10/1/23/htm

See here

http//www.mdpi.com/symmetry/symmetry-10-00023/article_deploy/html/images/symmetry-10-00023-g004.png

The article to learn from is here

http//www.mdpi.com/2073-8994/10/1/23/htm

this is an advanced topic …. I am confused there is a lot of mathematical equations … but i search a lot on google … what i understand is

some of experet's said there is an exploit in Qualcomm's processors allow u to extract the master key for FDE ….
the article is here http//bits-please.blogspot.com/2016/06/extracting-qualcomms-keymaster-keys.html

and other expert told me that

Your device model has encrypted user data partition, so even after creating a physical dump, the data is mostly encrypted junk, which needs to be decrypted. In most of the cases the decryption is possible with dictionary attacks and brute force using our own in-lab technology, but it takes time, CPU+GPU cluster power and electrical energy.

We finished a successful decryption of an Android 6.0.1 data partition at the end of the last month

how we can do that what is the tools and hardware needed for perform this types of attack

The blogspot article is fine in its approach. You need CPU and GPU cluster power. The best is you rent AWS server power which is scaleable by your need in relation to time and money, see here

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_clusters.html

By bundling power by clusters you can run the rainbow table and brute force attacks to decrypt.

The blogspot article is fine in its approach. You need CPU and GPU cluster power. The best is you rent AWS server power which is scaleable by your need in relation to time and money, see here

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_clusters.html

By bundling power by clusters you can run the rainbow table and brute force attacks to decrypt.

what to attack exactly userdata.img ? and how this done by which tool ?
and if i attack what i get ? PIN code or encryption key ?
burteforce is the only solution for encrypted images ? i mean is there other methods in forensics company ?

sorry for a lot of questions <3

You are welcome, no problem about questions. As a cryptographer by myself its difficult to explain, we of course have professional tools and scalable resources inhouse. May someone else on Forensic Focus can better explain to you, sorry for that.

Who can help this member, please?

if you want to understand basic of FDE I think the best was explained by László Tóth and Ferenc Spala - look here https://soonerorlater.hu/download/They_thinked_differently_DerbyCon2013.pdf

P.S
It's reflect to FDE 1.0 …after this you can find resources on Internet up to 1.3… future analysis to crack higher version you will need to make at your own

The best is you rent AWS server power which is scaleable by your need in relation to time and money …

With all due respect ) , it seems to me a lot like the SouthPark gnomes plan to get rich

Phase 1) Get AWS computing power
Phase 2) ?
Phase 3) Profit!

😯

jaclaz

Can please someone help this guy with his serious problem?

if you want to understand basic of FDE I think the best was explained by László Tóth and Ferenc Spala - look here https://soonerorlater.hu/download/They_thinked_differently_DerbyCon2013.pdf

P.S
It's reflect to FDE 1.0 …after this you can find resources on Internet up to 1.3… future analysis to crack higher version you will need to make at your own

that topic help me to understand what happen with android encryption … but it's not work with my case i fallow this guide

source http//www.forensicswiki.org/wiki/How_To_Decrypt_Android_Full_Disk_Encryption

o what is the next step should i go to elcomsoft or magnet or whatever ?? do they have the ability to crack android encryption images ?

Upload dump to your FTP and give me access for it - I will check this case and update you on PM.