Pieces0310

取证须让证物说话,莫妄以自我心证来给案情下定论.切忌画靶射箭,为找而找. 取证的根基仰赖经验与判断,在IT各领域的经验愈丰富,愈能看出端倪. 取证须善用工具,但不过度依赖工具.工具只能帮你缩小可能范围,但无法告诉你答案,仍需靠人进行分析判断.

首页 新随笔 联系 订阅 管理
  155 随笔 :: 0 文章 :: 67 评论 :: 11万 阅读

随笔分类 -  Mobile Phone Forensics

1 2 3 4 下一页

摘要:Someone mentioned that APK Downgrade Extraction no longer works on Android 14, and regardless of the mobile forensic tool used, it is impossible to su 阅读全文
posted @ 2024-05-19 16:17 Pieces0310 阅读(393) 评论(0) 推荐(0) 编辑

摘要:With the increasing severity of cybersecurity threats on mobile devices, awareness of personal privacy protection is also growing. Consider this scena 阅读全文
posted @ 2024-03-01 21:56 Pieces0310 阅读(59) 评论(0) 推荐(0) 编辑

摘要:Naver LINE has a little-known feature called 'All Albums' represented by a seemingly inconspicuous icon in the top-right corner of the chat interface. 阅读全文
posted @ 2024-02-27 13:24 Pieces0310 阅读(98) 评论(0) 推荐(0) 编辑

摘要:A friend of mine Ellen she asks me to give her a hand. Couple days ago she tried to extract LINE chat history from a Samsung smartphone running Androi 阅读全文
posted @ 2022-10-15 10:10 Pieces0310 阅读(265) 评论(0) 推荐(0) 编辑

摘要:Have you guys heard about "Dual Messengers" on iDevice as below pic? A friend of mine Angel she's been using "Dual Messengers" on her iPhone for a lon 阅读全文
posted @ 2022-08-14 13:31 Pieces0310 阅读(183) 评论(0) 推荐(0) 编辑

摘要:Couple days ago Oxygen Forensic Detective v14 showed up as below link: https://blog.oxygen-forensic.com/android-app-downgrade/ https://www.forensicfoc 阅读全文
posted @ 2021-09-24 22:53 Pieces0310 阅读(423) 评论(0) 推荐(0) 编辑

摘要:A friend of mine she told me that she's disappointed in some mobile forensic tools. Why? Because some goes wrong when running APK Downgrade Extraction 阅读全文
posted @ 2021-06-03 10:42 Pieces0310 阅读(1840) 评论(0) 推荐(0) 编辑

摘要:Now some mobile forensic tools take advantage of Checkra1n to jailbreak iDevices. If something goes wrong, those mobile forensic tools fail to jailbre 阅读全文
posted @ 2021-05-26 20:06 Pieces0310 阅读(381) 评论(0) 推荐(0) 编辑

摘要:If you'd like to know where your sweatheart has been, no need to setup any spy GPS tracker on her/his car... All you have to do is to take a peek at h 阅读全文
posted @ 2021-04-26 23:05 Pieces0310 阅读(253) 评论(0) 推荐(0) 编辑

摘要:Since I mentioned about "Second Space", let's take a look at Samsung "Secure Folder". This built-in feature for Samsung smartphones is a secret space 阅读全文
posted @ 2020-06-02 23:26 Pieces0310 阅读(604) 评论(0) 推荐(0) 编辑

摘要:Have you guys heard about a pretty good feature called "Second Space"? Manufacturers like Xiaomi,Huawei... offer "Second Space" feature which allows u 阅读全文
posted @ 2020-05-07 14:02 Pieces0310 阅读(815) 评论(0) 推荐(0) 编辑

摘要:Yesterday a friend of mine Kirby came to me with a smartphone and she wanted me to do her a favor. She showed me some contacts in an app called "LINE" 阅读全文
posted @ 2019-08-02 23:10 Pieces0310 阅读(484) 评论(0) 推荐(0) 编辑

摘要:One cannot be in two places at once. Do you know what's "Dual Apps"? Manufactures like Xiaomi,Oppo,Huawei offer "Dual Apps" feature which allows users 阅读全文
posted @ 2019-04-16 23:23 Pieces0310 阅读(647) 评论(2) 推荐(0) 编辑

摘要:Now it's more and more difficult for forensic tools to extract evidence from smartphone running Android 7 and above. Maybe you could acquire physical 阅读全文
posted @ 2019-03-17 22:26 Pieces0310 阅读(1315) 评论(0) 推荐(0) 编辑

摘要:近年来的安卓手机取证相较过往,可以施展的手法是愈来愈受限了,大体上可以安卓7.0做为一个分野,在安卓7.0以上的高版本明显有以下反取证的特性出现: 1. 降级(Downgrade)搭配ADB Backup的技法无法备份到App的数据,如此一来即便你知道嫌疑犯明明有用WeChat等IM,但却苦无方法可 阅读全文
posted @ 2018-12-30 14:52 Pieces0310 阅读(1554) 评论(0) 推荐(0) 编辑

摘要:A friend of mine she was frustarted in extracting WeChat chat messages from suspect's smartphone running Android 7.x. The situation is that no pattern 阅读全文
posted @ 2018-12-19 23:26 Pieces0310 阅读(881) 评论(0) 推荐(0) 编辑

摘要:最近有则取证相关的消息,链接如下,光看标题便知道与Apple的Face ID有关. https://www.cnet.com/news/fbi-unlocked-an-iphone-x-by-forcing-the-suspect-to-use-face-id/ 看完内容之后,我不争气地笑出声来,没 阅读全文
posted @ 2018-10-14 21:03 Pieces0310 阅读(346) 评论(0) 推荐(0) 编辑

摘要:取证说穿了其实就是攻防,这本是正义与邪恶的对决,亦即执法单位与嫌疑犯两者之间的事,但现实生活中要比这复杂多了. 怎么说呢?举个例子大家便理解了.取证人员费尽心思,用尽各种手法,努力地想要自手机上提取重要迹证,以还原真相,除暴安良.但此时手机厂商却跳出来了,她说为了保障个人隐私,因此她们必须致力于提升 阅读全文
posted @ 2018-07-22 09:45 Pieces0310 阅读(461) 评论(0) 推荐(0) 编辑

摘要:前不久脸书执行长祖克柏在国会听证会上,被参议员杜宾问道:”你愿意和大家分享一下昨晚待的旅店名字吗?” 只见祖克柏沉默良久,缓缓吐出”不”字. 杜宾乘胜追击,再问道:”在过去这星期你曾和谁以简讯联系过呢?你是否愿意和大家分享一下他/她们的姓名呢?” 祖克柏的回答依旧是”不”. 杜宾可真的是高手中的高手 阅读全文
posted @ 2018-04-19 23:08 Pieces0310 阅读(336) 评论(2) 推荐(0) 编辑

摘要:近日手机取证领域传出令人震撼的消息,知名取证大厂Cellebrite宣称可破解任何版本,任何机型的iDevice,连最新的iPhone X也逃不过. 若真属实,代表着iOS的取证又重现光明.只是不确定能维持多少时日的光明就是~ 为何这么说呢?毕竟,要视Cellebrite能做到对iDevice无所不 阅读全文
posted @ 2018-03-03 23:22 Pieces0310 阅读(348) 评论(2) 推荐(0) 编辑

1 2 3 4 下一页
点击右上角即可分享
微信分享提示