Difference between pages "Oxygen PM II" and "Pine Header Format"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
(Added for case with no hostname)
 
Line 1: Line 1:
===Oxygen Phone Manager II for Symbian OS Smartphones===
+
[[Pine]] composes headers in the following format:
  
Oxygen Phone Manager II for Symbian OS smartphones v2.7.6 is an extended forensic mode of data access which is compatible with Windows and supports a wide range of phone-connectivity options, including Bluetooth. While users gain total access to the content of Symbian-powered phones, they leave data untouched with no noticeable changes.
+
<pre>Date: Tue, 6 Mar 2007 11:10:36 -0500 (EST)
 +
From: Sender Name <sender@host.com>
 +
To: Getter Name <getter@otherhost.com>
 +
cc: Other Person <somebody@somehost.com>
 +
Subject: The subject text
 +
Message-ID: <Pine.LNX.4.64.0703061056380.29699@host.com></pre>
  
The program reads the content of a phone and stores it as an image on the hard drive. This relieves users from running synchronization and ensures faster data access with more efficient processing. Oxygen Phone Manager II consists of options to access and edit contacts, calendar items, to-do tasks, messages and multimedia content. The data can also be exported to other standard applications, such as MS Outlook and Address Book etc. The image saved to the hard drive also serves as a backup copy. It protects you against accidental loss of valuable forensic evidence. It ensures fast migration between phones of different models and producers. At the same time, Oxygen Phone Manager II allows a full-scale interactive access to phone content. You can use PC to edit and send out messages, create or import contacts, access and modify multimedia content. The program is a go-between that immediately translates content changes between two operating systems. They can access contacts, calendar, to-dos and the gallery from a tree of expandable folders. There is a details panel in the phone browser that shows the file size and other attributes. It also shows the overall size and number of images, melodies and video clips, and their drive in which they are present (local, flash card or ROM).
+
Using the function <tt>generate_message_id</tt> in the file <tt>reply.c</tt> we can see that the format for the Message-ID line is a series of fields separated by periods, followed by the <tt>@</tt> symbol and the hostname of the sending machine. The fields are
  
Separate windows show contacts, calendar items and to-dos. The fields accessible from menus and submenus in Symbian media appear in one grid and are easy to revise. It has an Outlook-style interface provides access to Unicode SMS, MMS, e-mail and other messages. It offers many options that you have in an email service such as file attachment support, a reply with the original message included, a one-click attachment playback, and others.  
+
# The word <tt>Pine</tt>
 +
# A three letter version of the operating system name (e.g. <tt>LNX</tt> for Linux)
 +
# The major version of Pine
 +
# The minor version of Pine
 +
# A number YYMMDDHHmmssX, Where YY is the last two digits of the year, MM the current month, DD the current day of the month, HH the current hour, mm the current minute, ss the current second, and X is either a zero or one depending on the number of seconds.
 +
# The current process ID number
  
Oxygen Phone Manager II Forensic Edition Features at a Glance –
+
Note that the timestamp in the Message-Id may not necessarily match the <tt>Date</tt> line.
+
* No data can be loaded into the program
+
* No changes can be written to the phone
+
* Support for Symbian-powered smartphones (Nokia, Sony Ericsson, Motorola, BenQ, Panasonic, Vodafone, etc.)
+
* Support for cable and wireless connectivity (IrDA, Bluetooth)
+
* Interactive access to contacts, calendar items, to-dos, messages, and multimedia content
+
* Ability to save phone contents to a hard drive and flash drives
+
* Support for Unicode SMS, MMS, e-mail, BIO and other message formats
+
* Ad-hoc data editing in separate edit windows
+
* Data export and import capabilities to PST, WAB, CSV, XML and other formats
+
* Support for RNG, MID, WAV, AMR, AWB, MP3, AU, and XMF multimedia formats
+
* Contact editing from both phonebook and vCard window
+
* Easy management of meetings, reminders, anniversary, and other calendar items
+
* Add-ons for Arabic, Croatian, Dutch, French, German, Hungarian, Italian, Polish, Russian, Slovak, Spanish, Turkish languages
+
  
===Oxygen Phone Manager II for Nokia, Samsung, Mobiado Cell Phones===
+
The hostname can be [[ROT-13]] encrypted on some configurations. If the hostname is not defined, the value <tt>huh</tt> will be used.
 
+
===Links===
+
[http://www.opm-2.com/Forensic/ Oxygen Phone Manager II Forensic Edition]
+

Latest revision as of 14:34, 6 March 2007

Pine composes headers in the following format:

Date: Tue, 6 Mar 2007 11:10:36 -0500 (EST)
From: Sender Name <sender@host.com>
To: Getter Name <getter@otherhost.com>
cc: Other Person <somebody@somehost.com>
Subject: The subject text
Message-ID: <Pine.LNX.4.64.0703061056380.29699@host.com>

Using the function generate_message_id in the file reply.c we can see that the format for the Message-ID line is a series of fields separated by periods, followed by the @ symbol and the hostname of the sending machine. The fields are

  1. The word Pine
  2. A three letter version of the operating system name (e.g. LNX for Linux)
  3. The major version of Pine
  4. The minor version of Pine
  5. A number YYMMDDHHmmssX, Where YY is the last two digits of the year, MM the current month, DD the current day of the month, HH the current hour, mm the current minute, ss the current second, and X is either a zero or one depending on the number of seconds.
  6. The current process ID number

Note that the timestamp in the Message-Id may not necessarily match the Date line.

The hostname can be ROT-13 encrypted on some configurations. If the hostname is not defined, the value huh will be used.