Has anyone examined a Nokia n900 I’ve seen this article (http//
I have an n900. I bought it thinking I could use it here in Korea. It turns out I couldn't so it has been a $600 alarm clock for me.
Getting root is easy assuming you have physical access. If i remember right you just type chroot or simply root. I will update if I am wrong when I get home tonight (my tonight)
As the N900 runs the Linux-derived Maemo OS, you can just use standard Linux commands to gain root access. If memory serves me correctly, there is a terminal application somewhere on the phone which should be your starting point.
Interestingly, dd is available on the device meaning you can create an image file for analysis in the forensic tool of your choice!
I think to get full root access you need to install rootsh on the N900 and to do this you have to connect the phone to the internet which I would like to avoid. I've explored the option of installing openSSH from a memory card but you still need root access which I cant get.
Hi si666,
I am just in the middle of one of these right now.
If you have a password the only thing you can do is reset the phone to its defaults.
We did some tests on this and found that if you reset the handset using the free SDK tools available via the maemo project (don't think there are many pages relating to the N900) you can get access and it doesn't deleted all of the files.
Basically the resetting wipes the partition containing the application data (so potentially applications containing data will be lost) and it disables the code. You can retrieve the code if you wish, but once its gone it may not be needed.
The wiping leaves the home partition intact if my memory serves me well, so contacts, calls, messages etc should still be present.
Once you have wiped the handset using the dd access you can copy the contents of the home partition to a memory card, use a lab one ;), and then you can extract the home.dd file.
This file should contain SQL database files with the calls and messages. Contacts are also stored but they are in a slightly different format (not SQL I think).
I will give you some more details if you want. I should be finishing it today.
Home this helps, but the SDK sites are really good for this, they give you the commands you need to use in the dd.
Regards
Keelan
Btw, just a quick update, you can mount dd images in FTK. You can then browse it as a disk essentially.
Thanks Keelan,
Any more details would be great. I have already got the event log (calls, sms) but I need to get the web history and any msn/facebook logs if possible. Pease let me know how you get on.
Thanks
If the handset was used to browse the web there should be a few artefacts.
Try looking for .feedservice entries (E.g. .feedservice/facebook).
.ash_history (for web history).
.bookmarks
.browser_typed_urls
Try looking at .osso-abook, this contains contacts and may contain some skype contacts too.
The address book is not stored in an SQL DB format. It stores the contacts as vcards.
You might be able to use a program like scalpel to carve these out of the file.
I think it stores them as text in that file, put the file in a hex reader and you should be able to see them.
I am just trying to get my results into excel format at the moment. Using SQLite Expert is really good at getting hold of most of the stuff.
Will keep you posted.
Oh and btw if you look under .modest it might contain emails etc.
E.g. .modest/local_folder and .modest/cache/mail
.ash_history (for web history).
That file should contain commands that have been typed into the shell.
You'll find the browser history in
, as on a typical GNU computer.