Difference between revisions of "Apple iPhone"

From Forensics Wiki
Jump to: navigation, search
(Tools)
(External Links)
Line 15: Line 15:
 
== External Links ==
 
== External Links ==
 
* [http://www.apple.com/iphone/ Official web site]
 
* [http://www.apple.com/iphone/ Official web site]
 +
* [http://en.wikipedia.org/wiki/IPhone Wikipedia: iPhone]
 
* [http://github.com/nst/spyphone SpyPhone].  Noted on [http://it.slashdot.org/story/09/12/04/0413235/Malware-Could-Grab-Data-From-Stock-iPhones?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29 Slashdot].
 
* [http://github.com/nst/spyphone SpyPhone].  Noted on [http://it.slashdot.org/story/09/12/04/0413235/Malware-Could-Grab-Data-From-Stock-iPhones?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29 Slashdot].
 
* [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]], [[Katie Strzempka]], in November 2012. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G.
 
* [https://viaforensics.com/resources/white-papers/iphone-forensics/ iPhone Forensics], by [[Andrew Hoog]], [[Katie Strzempka]], in November 2012. Covers 13x iOS forensic tools and provides detailed information on the results for the iPhone 3G.

Revision as of 01:47, 28 February 2013

The iPhone is a smartphone made by Apple Inc. and sold with service through AT&T. It can be used to send/receive email (see IPhone Mail Header Format), keep schedules, surf the web, and view videos from YouTube. A large number of forensic products can process iPhones, such as Oxygen Forensic Suite 2010.

In December 2009, Nicolas Seriot presented (PDF) a harvesting application, SpyPhone. This application grabs data as sensitive as location data and a cache of keyboard words. It neither requires jailbreaking nor makes Private API calls (which Apple's App Store does not allow in any application it distributes).

Tools

  • [Cellebrite UFED http://www.cellebrite.com/forensic-solutions/ios-forensics.html]
  • iphone Data Protection is a set of tools that can image and decrypt an iPhone. The tools can even brute-force the iPhone's 4-digit numerical password.
  • Jonathan Zdziarski has released tools that will image iPhones, iPads and iPod Touch. (law enforcement only).
  • libimobiledevice is a library with utilities for backing up iPhones. The output format is an iTunes-style backup that can be examined with traditional tools. They are available in the Debian-testing packages libimobiledevice and libimobiledevice-utils.
  • Nuix Desktop and Proof Finder can detect and analyse many databases from iOS and iPhones and can directly ingest HFSX dd images.

Publications

External Links