ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Apple iPhone"

From ForensicsWiki
Jump to: navigation, search
m (Changed Oxygen Forensic Suite 2 to Oxygen Forensic Suite 2010)
(External Links)
(28 intermediate revisions by 6 users not shown)
Line 1: Line 1:
The '''iPhone''' is a smartphone made by [[Apple Inc.]] and sold with service through AT&T. It can be used to send/receive [[email]] (see [[IPhone Mail Header Format]]), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, such as [[Oxygen Forensic Suite 2010]].
+
The '''iPhone''' is a smartphone made by [[Apple Inc.]] and sold with service through AT&T. It can be used to send/receive [[email]] (see [[IPhone Mail Header Format]]), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, see Tools section.
 +
 
 +
In December 2009, Nicolas Seriot presented a paper [http://seriot.ch/resources/talks_papers/iPhonePrivacy.pdf] in combination with a harvesting application named [http://github.com/nst/spyphone SpyPhone].  This application grabs data as sensitive as location data and a cache of keyboard words.  It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).
 +
 
 +
== Tools ==
 +
* Black Bag Technology Mobilyze
 +
* [http://www.cellebrite.com/forensic-solutions/ios-forensics.html Cellebrite UFED]
 +
* EnCase Neutrino
 +
* [http://www.ixam-forensics.com/ FTS iXAM]
 +
* iPhone Analyzer
 +
* [http://code.google.com/p/iphone-dataprotection/ iphone-dataprotection]; a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
 +
* [http://www.iosresearch.org iOS Forensic Research]. [[Jonathan Zdziarski]] has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
 +
* [http://katanaforensics.com/products/ Katana Forensics Lantern]
 +
* [http://www.libimobiledevice.org/ libimobiledevice] is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools.  They are available in the Debian-testing packages '''libimobiledevice''' and '''libimobiledevice-utils'''.
 +
* Logicube CellDEK
 +
* MacLock Pick
 +
* [[.XRY|Micro Systemation .XRY]]
 +
* Mobile Sync Browser
 +
* [[Nuix Desktop]] and [[Proof Finder]] can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.
 +
* [[Oxygen Forensic Suite 2010]]
 +
* Paraben Device Seizure
 +
* [http://github.com/nst/spyphone SpyPhone]
 +
 
 +
== Publications ==
 +
* Gómez-Miralles, Arnedo-Moreno. [http://openaccess.uoc.edu/webapps/o2/bitstream/10609/11862/1/iPadForensics.pdf Versatile iPad forensic acquisition using the Apple Camera Connection Kit.] Computers And Mathematics With Applications, Volume 63, Issue 2, 2012, pp.544-553.
  
 
== External Links ==
 
== External Links ==
 
* [http://www.apple.com/iphone/ Official web site]
 
* [http://www.apple.com/iphone/ Official web site]
 +
* [http://en.wikipedia.org/wiki/IPhone Wikipedia: iPhone]
 +
* [http://en.wikipedia.org/wiki/IOS_jailbreaking Wikipedia: IOS jailbraking]
 +
* [http://theiphonewiki.com/wiki/Main_Page The iPhone Wiki]
 +
* [http://it.slashdot.org/story/09/12/04/0413235/Malware-Could-Grab-Data-From-Stock-iPhones?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29 Slashdot: Malware Could Grab Data From Stock iPhones]
 +
* [http://seriot.ch/resources/talks_papers/iPhonePrivacy.pdf Apple iOS Privacy], [http://seriot.ch/resources/talks_papers/ios_privacy_hashdays.pdf slides hash days presentation], by [[Nicolas Seriot]], in November 2010.
 +
* [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]] and [[Katie Strzempka]], in November 2010. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G.
 +
* [http://media.blackhat.com/bh-ad-11/Belenko/bh-ad-11-Belenko-iOS_Data_Protection.pdf Evolution of iOS Data Protection and iPhone Forensics: from iPhone OS to iOS 5], by [[Andrey Belenko]] and [[Dmitry Sklyarov]], 2011
 +
* [http://www.exploit-db.com/wp-content/themes/exploit/docs/19767.pdf Forensic analysis of iPhone backups], by Satish B, 2012
 +
* [http://www.sans.org/reading_room/whitepapers/forensics/forensic-analysis-ios-devices_34092 Forensic Analysis on iOS Devices], by [[Tim Proffitt]], November 5, 2012

Revision as of 07:35, 28 February 2013

The iPhone is a smartphone made by Apple Inc. and sold with service through AT&T. It can be used to send/receive email (see IPhone Mail Header Format), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, see Tools section.

In December 2009, Nicolas Seriot presented a paper [1] in combination with a harvesting application named SpyPhone. This application grabs data as sensitive as location data and a cache of keyboard words. It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).

Tools

Publications

External Links