Medusa Box - Sony X...
Clear all

Medusa Box - Sony Xperia (Read Full Flash) - .ful File?

5 Posts
4 Users
0 Reactions
Posts: 2
New Member
Topic starter

I have downloaded the flash memory of two PIN locked Sony Xperia's (models LT18i & LT15i) using a Medusa Box we recently bought. The software outputs the files in a .ful format, which appears to be proprietary format and not the usual .bin format i was hoping for. Looking at the dumps in hex, the headers start with 'OCTOPUS'.

Is there a way of converting these to a standard bin file which could be decoded with Cellebrite etc?


Posted : 08/12/2014 2:54 pm
Posts: 274
Reputable Member

This dump is encrypted using the flasher box software is encrypting the dump. The only way to get around it is to beg the dev for a decoder or port scan

Posted : 08/12/2014 7:27 pm
Posts: 45
Eminent Member

If I recall properly, when you are saving your dump file, there is a drop down box for file type. You can save it as a proprietary encrypted file, or as a plain binary file. Doesn't help decrypt your file, but check next time you save, the file type you saving it as.

Posted : 10/12/2014 11:17 pm
Posts: 2
New Member
Topic starter

Cheers for the replies guys.

I checked the drop down menu again and the only file-type option is 'Full Flash Read .FUL' unfortunately.

I've tried the port scan method, using a trial copy of 'Device Monitoring Studio' (USB version, selecting 'Raw Data View' in the monitoring window). I then saved the hex data from the 'Read' window and imported it into Cellebrite (trying a couple of profiles). They all recover the same thing, 400 calls, 5 chat conversations,1 Email, 3429 SMS Messages, however none of them decode the file system.

I tried to carve the PIN code but nothing happened. I tried a couple of PIN recovery scripts (such as CCL's) and they also failed, they find a SALT but no HASH.

Posted : 11/12/2014 3:01 pm
Posts: 84
Trusted Member

Try the Octoplus Box, it gives you the option of either file type, the .bin option will give you what you need…..B

Posted : 27/12/2014 1:37 pm