Pulling data from iCloud backups

Try Elcomsoft Phone Breaker or this one https://github.com/hackappcom/iloot

regards

Pretty much every cell phone tool supports iCloud backups from Apple. When I get a search warrant return from Apple, I run it through Cellebrite, Lantern, and Oxygen.

But, you can review the data manually if you wish. It's all databases, PLists, and such. Nothing too scary.

What feature of Cellebrite are you using to communicate with iCloud in order to download the data?

I have successfully used and own

1) Elcomsoft's Phone Breaker (https://www.elcomsoft.com/eppb.html)

2) Reincubate's iPhone Backup Extractor Pro (http//www.iphonebackupextractor.com/)

I have personally found Elcomsoft to be extremely responsive from a customer support standpoint when I needed help.

Reincubate's tool has reporting features that Elcomsoft's tool does not, whereas Phone Breaker has password cracking, Blackberry handling, and other features that iPhone Backup Extractor Pro does not.

If you only require the iCloud mobile backup download feature and nothing else, Reincubate's tool is far less expensive.

If you need to crack through encrypted mobile backups on occasion, then Elcomsoft's tool is your only choice out of the two.

If you have Passware Kit Forensic, then you can use the iCloud Backup Acquisition under Mobile Forensic to download the files. Then use your tool of choice to analyse the content.

Worked quite well for me in many cases.

I have successfully used and own

1) Elcomsoft's Phone Breaker (https://www.elcomsoft.com/eppb.html)

2) Reincubate's iPhone Backup Extractor Pro (http//www.iphonebackupextractor.com/)

I have personally found Elcomsoft to be extremely responsive from a customer support standpoint when I needed help.

Reincubate's tool has reporting features that Elcomsoft's tool does not, whereas Phone Breaker has password cracking, Blackberry handling, and other features that iPhone Backup Extractor Pro does not.

If you only require the iCloud mobile backup download feature and nothing else, Reincubate's tool is far less expensive.

If you need to crack through encrypted mobile backups on occasion, then Elcomsoft's tool is your only choice out of the two.

Use number 2. That is an awesome easy to use tool.

I recovered over 30k text messages from this using reincubates tool (including deleted). I use another tool and barely got anything off of it.

Thanks guys! I only needed the ability to download data from iCloud. I use Cellebrite for analysis. I'll try Reincubate and then Passware Kit Forensic after and see which I like. It is nice that Reincubate is so cheap.

This posting comes from the manufacturers of Elcomsoft Phone Breaker, a tool that was mentioned earlier in the thread.

Reincubate's iPhone Backup Extractor (as well as every tool other than Elcomsoft Phone Breaker) is based on the open-source project iLoot (https://github.com/hackappcom/iloot). We had a look at the code, and discovered it has lots and lots of issues (e.g. it's unable to decrypt certain files from iCloud backups; its download speed is very slow, especially for subsequent downloads). The code doesn't support 2FA methods other than trusted devices, and doesn't support binary authentication tokens.

AFAIK, the upfront purchase cost for Reincubate is $69 (our tool is $199). However, we were contacted by their customer who asked whether or not Elcomsoft Phone Breaker has a limit on the number of iCloud backups/devices that can be recovered because (as the customer stated) "iPhone Backup Extractor had an undocumented limit of 3 backups, at which point one can only keep using that function by paying outrageous additional yearly fees."

This posting comes from the manufacturers of Elcomsoft Phone Breaker, a tool that was mentioned earlier in the thread.

Reincubate's iPhone Backup Extractor (as well as every tool other than Elcomsoft Phone Breaker) is based on the open-source project iLoot (https://github.com/hackappcom/iloot). We had a look at the code, and discovered it has lots and lots of issues (e.g. it's unable to decrypt certain files from iCloud backups; its download speed is very slow, especially for subsequent downloads). The code doesn't support 2FA methods other than trusted devices, and doesn't support binary authentication tokens.

AFAIK, the upfront purchase cost for Reincubate is $69 (our tool is $199). However, we were contacted by their customer who asked whether or not Elcomsoft Phone Breaker has a limit on the number of iCloud backups/devices that can be recovered because (as the customer stated) "iPhone Backup Extractor had an undocumented limit of 3 backups, at which point one can only keep using that function by paying outrageous additional yearly fees."

I have been researching the different packages Elcomsoft offers. There is the $200 and the $800. Is the $800 package absolutely needed ?