Difference between pages "JTAG Forensics" and "Talk:Linux Logical Volume Manager (LVM)"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
(Created page with "Should we change :To make the volume group known to the system :vgexport $VOLUMEGROUP to :To make the volume group known to the system :vgimport $VOLUMEGROUP ? vgexport ma...")
 
Line 1: Line 1:
== Definition ==
+
Should we change
=== From Wikipedia ([http://en.wikipedia.org/wiki/Joint_Test_Action_Group http://en.wikipedia.org/wiki/Joint_Test_Action_Group ]): ===
+
  
Joint Test Action Group (JTAG) is the common name for what was later standardized as the IEEE 1149.1 Standard Test Access Port and Boundary-Scan Architecture. It was initially devised for testing printed circuit boards using boundary scan and is still widely used for this application. Today JTAG is also widely used for IC debug ports. In the embedded processor market, essentially all modern processors support JTAG when they have enough pins. Embedded systems development relies on debuggers talking to chips with JTAG to perform operations like single stepping and breakpointing. Digital electronics products such as cell phones or a wireless access point generally have no other debug or test interfaces.
+
:To make the volume group known to the system
 +
:vgexport $VOLUMEGROUP
  
=== Forensic Application ===
+
to
  
JTAG forensics is an acquisition procedure which involves connecting to the Standard Test Access Port (TAPs) on a device and instructing the processor to transfer the raw data stored on connected memory chips. Jtagging supported phones can be an extremely effective technique to extract a full physical image from devices that cannot be acquired by other means.
+
:To make the volume group known to the system
 +
:vgimport $VOLUMEGROUP
 +
?
  
== Tools and Equipment ==
+
vgexport makes volume groups ''unknown'' to the system, vgimport makes exported volumes ''known'' to the system. See also [http://www.tldp.org/HOWTO/LVM-HOWTO/recipemovevgtonewsys.html this]. You should also remember, that both vgexport/vgimport alter the data on the physical device. I also added "loop" option to the mount command example, since "-o ro" may alter the data in the file system (replay the journal, etc) [[User:.FUF|.FUF]] ([[User talk:.FUF|talk]]) 10:19, 7 May 2014 (CDT)
 
+
* [[JTAG and Chip-Off Tools and Equipment]]
+
 
+
== Procedures ==
+
 
+
* [[JTAG HTC Wildfire S]]
+
* [[JTAG Huawei TracFone M865C]]
+
* [[JTAG Huawei TracFone H866C]]
+
* [[JTAG Huawei U8655]]
+
* [[JTAG Huawei Y301-A1 Valiant]]
+
* [[JTAG LG L45C TracFone]]
+
* [[JTAG LG P930 (Nitro HD)]]
+
* [[JTAG LG E960 (Nexus 4)]]
+
* [[JTAG Samsung Galaxy Centura (SCH-S738C)]]
+
* [[JTAG Samsung Galaxy S3 (SGH-I747M)]]
+
* [[JTAG Samsung Galaxy S4 (SGH-I337)]]
+

Latest revision as of 11:19, 7 May 2014

Should we change

To make the volume group known to the system
vgexport $VOLUMEGROUP

to

To make the volume group known to the system
vgimport $VOLUMEGROUP

?

vgexport makes volume groups unknown to the system, vgimport makes exported volumes known to the system. See also this. You should also remember, that both vgexport/vgimport alter the data on the physical device. I also added "loop" option to the mount command example, since "-o ro" may alter the data in the file system (replay the journal, etc) .FUF (talk) 10:19, 7 May 2014 (CDT)