iphone forensics on ios5
Post on 28-Jun-2015
1.324 Views
Preview:
TRANSCRIPT
iPhone ForensicsiPhone Forensics
Satish BEmail: satishb3@securitylearn.net
Chain Of Trust – Normal Chain Of Trust – Normal ModeMode
2
BootRom
Low Level Bootloader
User Applications
iBoot
Kernel
Chain Of Trust – DFU ModeChain Of Trust – DFU Mode
3
BootRom
iBSS
RAM DISK
iBEC
Kernel
Breaking the Chain Of Trust Breaking the Chain Of Trust
4
BootRom
iBSS
Custom RAM DiSK
iBEC
Kernel
limera1n
Patch
Patch
Patch
ForensicsForensics
5
Creating & Loading forensic toolkit on to the device without damaging the evidence
Establishing a communication between the device and the computer
Bypassing the iPhone passcode restrictions
Reading the encrypted file system
Recovering the deleted files
ReferencesReferences
6
iPhone data protection in depth by Jean-Baptiste Bédrune, Jean Sigwaldhttp://esec-lab.sogeti.com/dotclear/public/publications/11-hitbamsterdam-iphonedataprotection.pdf
iPhone data protection tools http://code.google.com/p/iphone-dataprotection/ ‘Handling iOS encryption in forensic investigation’ by
Jochem van Kerkwijk iPhone Forensics by Jonathan Zdziarski iPhone forensics white paper – viaforensics Keychain dumper 25C3: Hacking the iPhone The iPhone wiki
Thank YouThank You
7
Satishb3@securitylearn.net
http://www.securitylearn.net
top related