Does anyone know of an automated method of parsing out chat history and film strips from Google Hello?
I have the paper by J Curl which helped me with an earlier case but this case has over 90 recorded users with who my suspect has communicated and manual reconstruction is very time consuming!
I know that there is EnCase Hello script with version 6.3 but looking at their messageboards it doesn't seem to work at all… roll
Any advice appreciated.
Im in the process of writing a more upto date paper on this, upto ver 2. you can do it manually. Encase are working on a new script as we speak
Simon
I have spent the last 4 days looking at Google Hello.
I have written a program which is able to piece together the evidence from Google Hello and reproduce chat logs which unlike the google hello chat logs contain a date and time per message. Google Hello does not need to be installed as it does not use it at all.
As well as this, when multiple images are sent, google hello's report is unable to piece them into the conversation, instead you get a bunch of images at the bottom which is fairly meaningless.
My program pieces the images into the conversation based upon the order they are sent. I am also in the process of writing a paper based on my findings, so that I can share the information I have.
The program is in Beta test at the moment, and Jonathan has a copy for testing purposes.
Andy.
Beta release of the Google Hello chat extraction program is available. Pm me if you would like a copy.
I'd like to publicly thank Andy for developing his excellent Google Hello extraction program, prompted by my original post.
He has worked all hours to produce this app over the last week, and let me beta test it from its very first incarnation.
Nice one Andy! wink
Thank you very much for those kind words Jonathan. I have to say it has been rather enjoyable to work on.
For the benefit of anyone interested, a beta release is being hosted at -
http//
http//
Login is google
password is hello
Should anyone need an installer, I will gladly create one.
I look forward to your feedback.
Beta 1.0.5 is available now. A few modifications have been made following some good feedback.
I'd like to thank Andy for the work he put in developing the Google Hello extraction program.
i used the program en could restore all my Google Hello chat history.
keep up the work Andy!!
Thank you Carlos, I am pleased to see it being of use to people!
Beta 1.0.6 is now available.
In previous versions, the generated output contained hard coded paths for the images. This worked fine, until the decoded data directories were moved.
It is now possible to move the decoded directory/burn to disc etc etc with the images appearing correctly within the reports.
It would be more useful to know the file format so that tools for other systems might be written, rather than having access only to a closed source .exe file.