Notifications

Clear all

Nokia Lumia 800 [WP7]

4Rensics · 2013-02-05T14:03:03Z

Hi,I'm back again! After my escapades with the BMW key fob I've managed to get a Nokia Lumia 800 land on my lap.I thought it would have been a straightforward download, but XRY and CelleBrite will only at a push extract some images.Oxygen wont even connect to it.I have followed all the XRY/CelleBrite instructions for connecting to the Zune software, but to no avail.A colleague suggested '91 Panda PC Suite' but its not connecting to that. It's almost as bad as a Chinese clone trying to get anything off this thing.I know Windows Phones are not that popular, but has anybody had any success in extracting data [Logical or Physical] off one of these devices.Thanks.

Page 4 / 4 Prev

General (Technical, Procedural, Software, Hardware etc.)

Last Post by PaulSanderson 10 years ago

33 Posts

11 Users

0 Reactions

5,856 Views

RSS

UnallocatedClusters

(@unallocatedclusters)

Honorable Member

Joined: 13 years ago

Posts: 576

05/09/2015 5:35 am

Paul,

I converted the Store.vol file to a plain text file first by changing the file extension to .txt. I did not find anything of interest in the Store.txt file.

Then I used a Hex viewer to search the file Store.vol for interesting text and did not find any.

Apparently I should have used another tool?

ReplyQuote

Rampage

(@rampage)

Reputable Member

Joined: 17 years ago

Posts: 354

25/09/2015 3:10 am

Hi, ESE databases can be parsed using log2timeline/plaso
just feed the file to the tool and it will generate a timeline of elements contained in the ese file.

or take a look here for more informations

http//forensicswiki.org/wiki/Extensible_Storage_Engine_%28ESE%29_Database_File_%28EDB%29_format

ReplyQuote

PaulSanderson

(@paulsanderson)

Honorable Member

Joined: 19 years ago

Posts: 651

25/09/2015 12:08 pm

Hi UA

Not when I replied, but I have since released a Browser extension for my Forensic Toolkit for SQLite to allow my users to browse an EDB/ESE file with my Forensic Browser component.

http//sandersonforensics.com/forum/content.php?242-ESE-EDB-JetBlue-Database-extension-for-the-Forensic-Browser

Cheers
Paul

ReplyQuote

Page 4 / 4 Prev

Android Forensics

I have conducted a logical and partial extraction of a ...

By SgtAndroid , 3 days ago
Article: The Balance Between Digital Forensic Examiners And Digital Evidence Technicians: Expertise Vs. Efficiency

Can digital forensic labs cut backlogs without cutting ...

By Zoe , 4 days ago
Prefetch Question

Hello All, I have a question regarding Windows prefet...

By Forensic_Tester , 4 days ago

8 Forums
15.7 K Topics
92.3 K Posts
314 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed