using adb to extrac...
 
Notifications
Clear all

using adb to extract android

13 Posts
8 Users
0 Likes
938 Views
 Anonymous
Posts: 0
Topic starter
 

hi all, I am trying to use adb.exe to pull info from android.

does anyone know how can I tell it to extract all the folders or some folder.
also does anyone know if it can be used to extract deleted items.

thanks in advance for all the answers.

 
Posted : 09/03/2014 4:58 pm
jhup
 jhup
(@jhup)
Posts: 1442
Noble Member
 

ADB will provide you a "bridge" (ergo the name) to access the phone content; it will not extract data.
The ADB daemon or server on the phone runs when it is enabled (debug/dev mode), and is built into Android.

Since the daemon is not running as root by default, you will only have access to regular files, no slack or deleted information. If you root the device, you will get all allocated, file system data - still no deleted information.

 
Posted : 09/03/2014 6:09 pm
 Anonymous
Posts: 0
Topic starter
 

ADB will provide you a "bridge" (ergo the name) to access the phone content; it will not extract data.
The ADB daemon or server on the phone runs when it is enabled (debug/dev mode), and is built into Android.

Since the daemon is not running as root by default, you will only have access to regular files, no slack or deleted information. If you root the device, you will get all allocated, file system data - still no deleted information.

thank you.

 
Posted : 09/03/2014 7:59 pm
joe_t
(@joe_t)
Posts: 14
Active Member
 

ADB will provide you a "bridge" (ergo the name) to access the phone content; it will not extract data.
The ADB daemon or server on the phone runs when it is enabled (debug/dev mode), and is built into Android.

Since the daemon is not running as root by default, you will only have access to regular files, no slack or deleted information. If you root the device, you will get all allocated, file system data - still no deleted information.

thank you.

That's not entirely true, you can also, for example, fastboot into a rooted environment (like booting a computer from a live cd) and use ADB to pull an entire physical image (providing that the the device is S-OFF). For a great list of Android forensic methods, check out
https://viaforensics.com/resources/reports/android-forensics/physical-techniques/#fastboot

 
Posted : 10/03/2014 12:30 pm
jhup
 jhup
(@jhup)
Posts: 1442
Noble Member
 

How do you pull data from a device instance to dev. machine without knowing the file/directory names? shell requires at least one other tool on the device from /system/bin/.

Those are the two other commands I am aware that maybe able to get some data - but both require something that was not mentioned in the original post.

How can ADB, and ADB alone, "pull an entire physical image"? I would love to learn it.

 
Posted : 10/03/2014 4:59 pm
Zergling
(@zergling)
Posts: 38
Eminent Member
 

How can ADB, and ADB alone, "pull an entire physical image"? I would love to learn it.

That is the point. You can use additional binaries like nanddump or busybox etc. to pull an image via ADB but ADB itself ist just the bridge to execute commands either supported by the phone or through external binaries.

 
Posted : 11/03/2014 1:32 pm
Bitstorm
(@bitstorm)
Posts: 53
Trusted Member
 

I used an alternate recovery to boot an Android to have access to the file systems. You can use ODIN 1.85 and push a recovery in PDA.

What you need a ROM/ Recobvery for the device you need to examine. I used recoveries based on Clock Work Mode (CWM).
The Android Phone needs to be set in boot mode (Samsung vol down + (home) + Power). Connect it to your PC with ODIN running. I used ODIN 1.85 (avalable on different forums). Click inside ODIN on PDA, locate the ROM file for the phone and start flashing. It should display success in the top bar of ODIN. The Android Phone should immedialtely reboot and you need to press some buttons to push it in recovery mode (eg Samsung vol up + (home) + (Power)).

Now you can connect via adb. There's an adb executable on the net or you can use the Android SDKs adb tool. You need to run it from cmd
adb devices ; shows connected devices and should show recovery
adb shell ; connects to the shell of android. The security concept from google doens't force you to enter a PIN 😉
With a recovery you can dd the "sdcard" of the android phone.

 
Posted : 11/03/2014 2:52 pm
Mrke18
(@mrke18)
Posts: 2
New Member
 

In my experience I've downloaded a backup program like MyBackupRoot from the Android Store. After that conduct a full back up of your device. I would then adb pull the MyBackupRoot from my SDcard and that should do the trick. It's kind of a round about way of doing things but its worked for me in the past. Best of Luck

 
Posted : 11/03/2014 3:51 pm
jhup
 jhup
(@jhup)
Posts: 1442
Noble Member
 

So… the statement "not entirely true", is false, ergo my statement is true. mrgreen

How can ADB, and ADB alone, "pull an entire physical image"? I would love to learn it.

That is the point. You can use additional binaries like nanddump or busybox etc. to pull an image via ADB but ADB itself ist just the bridge to execute commands either supported by the phone or through external binaries.

 
Posted : 11/03/2014 5:51 pm
joe_t
(@joe_t)
Posts: 14
Active Member
 

How can ADB, and ADB alone, "pull an entire physical image"? I would love to learn it.

That is the point. You can use additional binaries like nanddump or busybox etc. to pull an image via ADB but ADB itself ist just the bridge to execute commands either supported by the phone or through external binaries.

DD is built into android - also in the various "recovery images".

So, using the technique I mentioned, you can fastboot a telephone into a rooted recovery mod like CWRM into RAM without flashing anything (like booting a computer with a livecd) and use DD over ADB to dump the partitions physically without needing any extra tools or software other than ADB and the image (although you can, of course, if you prefer).

As for where to save the data - you can, for example, insert a large (micro)SD card in the device and dump everything onto that or you can, for example, use adb forward and combine it with netcat to write the images directly to files… lots of possibilities. But you don't have to use anything but adb/fastboot.

 
Posted : 12/03/2014 3:18 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

But you don't have to use anything but adb/fastboot.

AND dd.
You know, like

That is the point. You can use additional binaries like nanddump or busybox etc. to pull an image via ADB but ADB itself is just the bridge to execute commands either supported by the phone or through external binaries.

jaclaz

 
Posted : 12/03/2014 5:31 pm
anithar
(@anithar)
Posts: 1
New Member
 

Sir,

I am using custom recovery image for physical acquisition of Android…While editing the ramdisk in default.prop i set ro.secure=0 and ro.debuggable=1..but i didnt get root access…I am using Samsung Galaxy Trend mobile..What might be the reason?Please anybody provide me suggestion..

 
Posted : 14/05/2014 8:43 am
jhup
 jhup
(@jhup)
Posts: 1442
Noble Member
 

Let me expand, stress and still ask
How can ADB & DD, and ADB & DD alone, "pull an entire physical image"? I would love to learn it.

 
Posted : 15/05/2014 1:37 am
Share:
Share to...