Join Us!

Iphone image RAW us...
 
Notifications
Clear all

Iphone image RAW using linux  

Page 1 / 2
  RSS
nocomp
(@nocomp)
New Member

Hi to all of you, glad to have join this community, i ll feel less lonely then )
I have a question to ask you, how do you proceed for do a real complete image raw of an iphone using linux (or windows)

This is how i do, but the issue i am facing, is that i can never mount the image, either i build an img, a dmg or a .dd

this is how i do, using ssh from a laptop, we are assuming that openssh runs on the iphone

ssh [email protected]_ip dd if=/dev/rdisk0 bs=1M | dd of=iphone.img

what is wrong with that? if i set bs=4096 it doesn t work, i get invalid error.
If you have a better solution for create a raw from an iphone using linux, that interest me a lot!
thx for your time
best regards

Quote
Posted : 17/02/2012 5:15 pm
Doug
 Doug
(@doug)
Active Member

for direct trouble shooting it might be helpful to post up the Hardware and iOS versions you are dealing with.

In relation to tools that can image the iPhone the obvious first question relates to your employment. Are you working in Law Enforcement?

If you are LE then you can apply for free access to the Zdziarski toolset
http//www.iosresearch.org/
They work on both Linux and Mac

Otherwise if you have access to a Mac then Sean at Katana offers a good solution
http//katanaforensics.com/

My personal preference at the moment (due to its Windows and Mac support) would be the offerings from Elcomsoft
http//www.elcomsoft.com/eift.html

There are other solutions that offer iPhone imaging as part of their arsenal such as the Cellebrite Ultimate unit
http//www.cellebrite.com/mobile-forensics-products/forensics-products/ufed-ultimate.html

ReplyQuote
Posted : 17/02/2012 6:06 pm
nocomp
(@nocomp)
New Member

thx doug for your message.
nop i am not working as le, learning forensic on mobile, and planning to pass chfi certification soon.

i tried the katana tool, but installed failed on my mac, ill try to windows solution and let you know.
thxx a lot!
best regards
herve

ReplyQuote
Posted : 18/02/2012 1:11 pm
nocomp
(@nocomp)
New Member

great, no freeware, noway i gonna pay for try…
so there is no reliable way to do a raw of an iphone without a credit card? '(

ReplyQuote
Posted : 18/02/2012 1:17 pm
trewmte
(@trewmte)
Community Legend

Just a suggestion. Have you looked at Ubuntu?

ReplyQuote
Posted : 18/02/2012 1:31 pm
nocomp
(@nocomp)
New Member

hi trewmte,
yep that s what i use, but aside of the dd over ssh, couldn t find any ways/ tutorials for do a raw of an iphone.
can you help?
best regards
herve

ReplyQuote
Posted : 18/02/2012 1:36 pm
trewmte
(@trewmte)
Community Legend
armresl
(@armresl)
Community Legend

Doug, the Elcomsoft version is also LE only so 2 of those choices the majority can't use.

Everyday I am more amazed at the companies that go this route and only supply to LE.

for direct trouble shooting it might be helpful to post up the Hardware and iOS versions you are dealing with.

In relation to tools that can image the iPhone the obvious first question relates to your employment. Are you working in Law Enforcement?

If you are LE then you can apply for free access to the Zdziarski toolset
http//www.iosresearch.org/
They work on both Linux and Mac

Otherwise if you have access to a Mac then Sean at Katana offers a good solution
http//katanaforensics.com/

My personal preference at the moment (due to its Windows and Mac support) would be the offerings from Elcomsoft
http//www.elcomsoft.com/eift.html

There are other solutions that offer iPhone imaging as part of their arsenal such as the Cellebrite Ultimate unit
http//www.cellebrite.com/mobile-forensics-products/forensics-products/ufed-ultimate.html

ReplyQuote
Posted : 18/02/2012 10:29 pm
nocomp
(@nocomp)
New Member

Hi Herve

Because you are looking for possible free solution, a few posts I read that I wasn't sure whether you have read them?

http//jefferytay.wordpress.com/2011/04/25/backing-up-an-ios-device-iphone-ipad/

http//modmyi.com/forums/general-iphone-chat/681068-3gs-3-0-disk-image-dump-failure-leads-brand-new-iphone-users-tale-rage-woe-2.html

http//log.ijulien.com/post/182804914/iphone-3gs-data-recovery

http//ubuntuforums.org/showthread.php?t=1366684

http//www.tuxtree.com/2009/10/how-to-connect-iphoneipod-touch-using.html

hi,
thx a lot for your links, truelly appreciate.
from what i ve read, i ve did the right thing then with my dd command.
the question is, why you can t mount the .img image that is generated?
is it cause of bs=1M ?

best regards
herve

ReplyQuote
Posted : 19/02/2012 3:01 pm
nocomp
(@nocomp)
New Member

Doug, the Elcomsoft version is also LE only so 2 of those choices the majority can't use.

Everyday I am more amazed at the companies that go this route and only supply to LE.

for direct trouble shooting it might be helpful to post up the Hardware and iOS versions you are dealing with.

In relation to tools that can image the iPhone the obvious first question relates to your employment. Are you working in Law Enforcement?

If you are LE then you can apply for free access to the Zdziarski toolset
http//www.iosresearch.org/
They work on both Linux and Mac

Otherwise if you have access to a Mac then Sean at Katana offers a good solution
http//katanaforensics.com/

My personal preference at the moment (due to its Windows and Mac support) would be the offerings from Elcomsoft
http//www.elcomsoft.com/eift.html

There are other solutions that offer iPhone imaging as part of their arsenal such as the Cellebrite Ultimate unit
http//www.cellebrite.com/mobile-forensics-products/forensics-products/ufed-ultimate.html

i agree with you, this is just pathetic, "l337 only" kind of behaviour tthat make you want to shate your app on bittorent once you scored it!

ReplyQuote
Posted : 19/02/2012 3:02 pm
steve91386
(@steve91386)
New Member

You have access to a Mac, and depending on the hardware you are trying to image, Katana Forensics offers a free imaging tool called LanternLite; http//katanaforensics.com/lantern/lanternlite

ReplyQuote
Posted : 19/02/2012 5:29 pm
nocomp
(@nocomp)
New Member

hi steve,
thxx i ve found this one, but couldn t install it on the mac, got an error during install / "lantern lite run preflight script"
#fail #coarsed!

ReplyQuote
Posted : 19/02/2012 5:36 pm
steve91386
(@steve91386)
New Member

hi steve,
thxx i ve found this one, but couldn t install it on the mac, got an error during install / "lantern lite run preflight script"
#fail #coarsed!

Try downloading all the components again and reinstall. I've used this tool extensively with great success, if you've got a device that it supports and you're really looking for a free tool it'd be worth the effort to get it running.

ReplyQuote
Posted : 19/02/2012 5:45 pm
nocomp
(@nocomp)
New Member

i agree with you steve, but what component you talk about? there is just a .zip file to download.

ReplyQuote
Posted : 19/02/2012 5:49 pm
steve91386
(@steve91386)
New Member

i agree with you steve, but what component you talk about? there is just a .zip file to download.

If you got the ZIP from Katana there is a PDF included that has links to firmware downloads for use with RedSnow. I'm not sure whats causing your error, and seeing as it's early morning here I haven't had my coffee idea shoot me a PM and I'd be happy to help you the best I can.

ReplyQuote
Posted : 19/02/2012 5:56 pm
Page 1 / 2
Share: