Current state of iC...
 
Notifications
Clear all

Current state of iCloud Backup Collections

13 Posts
5 Users
0 Reactions
4,125 Views
(@zeroonezero)
Active Member
Joined: 7 years ago
Posts: 16
Topic starter  

It's weird that AXIOM, Cellebrite and Elcomsoft's capabilities are all currently not working, but some of the commercial (i.e. "non-forensic") third-party iCloud management utilities are working fine.

I wonder what's going on there…

Perhaps it is due to the way the forensic programs interact with the iCloud. Can you provide a few utilities that allows for the exporting of iCloud backups?


   
ReplyQuote
(@mcman)
Estimable Member
Joined: 15 years ago
Posts: 189
 

Also, any news from Magnet regarding AXIOM's cloud capabilities on this front?

Long story short, Apple broke the cloud connection for all tools as mentioned. We fixed it in AXIOM 2.4 for all except accounts with 2FA. We fixed the 2FA in AXIOM 2.5 but then Apple made another change that broke it again for us (and other tools).

Isn't really anything new, just like apps change, the APIs and methods tools use to access the cloud data can change on a whim so it's a bit of a cat and mouse game. Should affect all tools that I know of. I'd be curious as to which other tools weren't impacted and what methods they use. Feel free to reach out directly if you have any questions.

Jamie McQuaid
Magnet Forensics


   
ReplyQuote
benfindlay
(@benfindlay)
Estimable Member
Joined: 16 years ago
Posts: 142
 

Perhaps it is due to the way the forensic programs interact with the iCloud. Can you provide a few utilities that allows for the exporting of iCloud backups?

Sure - I've had some PMs about this too, but thought it best to share publically.

I've recently tested AnyTrans, from imobie (available from https://www.imobie.com/anytrans/ ) and found it currently works.

There are a number of other tools I've used previously, such as dr.fone (available from https://drfone.wondershare.com/iphone-data-recovery.html ) although I've not tested this one recently.

Again, these aren't "forensic" so use with caution. The AnyTrans tool for example lets you delete the backups, so be careful which buttons you click! They are intended for management of your own accounts/commercially owned devices etc.

These tools typically have 'business' licencing options avaiable to allow use for non-personal purposes which should satisfy any procurement reules anyone might have to obey.

And of course, I would strongly recommend testing first on a dummy account before using 'in anger'!

Ben


   
ReplyQuote
Page 2 / 2
Share: