Hi Folks,
Need help for the subjected topic.
1. How ufed decrypt the whatsapp data for iphones?
2. How oxygen decrypt the whatsapp data from iphone?
Please help...
Not sure about Oxygen but i don't think UFED decrypts WhatsApp. UFED just accesses the un-encrypted database files and interprets that for the user.
Cellebrite's latest release of Physical Analyzer touts being able to parse out Whats App. Haven't tried it yet so I can't say what it parses out.
Both products have a nice list with supported devices and supported app versions.
Please be a bit more specific, tell us your device specs, operating system, app version, etc.
In Case of iPhone, If you acquire the data from unlocked iPhone you will get all the WhatsApp chat there is no need to manually decrypt the database.
In the second scenario if you want to download WhatsApp chat backup from the iCloud, then via Credentials and then OTP is sufficient to decrypt the DB by Oxygen Forensic Cloud.
Hi Folks,
Need help for the subjected topic.
1. How ufed decrypt the whatsapp data for iphones?
2. How oxygen decrypt the whatsapp data from iphone?
Please help...
Oxygen Forensic Detective can fully extract WhatsApp data from iPhones. You can read more about all our WhatsApp extraction methods in this brochure https://oxygen-forensic.com/uploads/doc_guide/Whatsapp_forensics.pdf
you have to do APK downgrade to collect WhatsAPP from Android via Cellebrite.
@cs1337 How exactly do you do an APK downgrade on an iPhone which is the type of phone this question is about. Also, if you get a full physical (FDE) or a full filesystem (FBE) on an android phone you don't need to do an APK downgrade to get Whatsapp data.
@cs1337 How exactly do you do an APK downgrade on an iPhone which is the type of phone this question is about. Also, if you get a full physical (FDE) or a full filesystem (FBE) on an android phone you don't need to do an APK downgrade to get Whatsapp data.
my mistake. that's what i get for skimming the message. You shouldn't need to do anything for iPhone as WhatsAPP will be included in an advanced logical.
Most androids I come across you cannot perform a full physical image on without rooting the device which is not something we do as the phone needs to be returned in the same state it was received.
Most androids I come across you cannot perform a full physical image on without rooting the device which is not something we do as the phone needs to be returned in the same state it was received.
A side-side question, if I may.
When is the phone returned, on average, in your experience?
I mean, a phone is seized, then imaged/investigated, then (possibly after some explicit decision by a judge or high rank investigator) returned.
How long does the process take?
jaclaz