September 2008
Intermediate to advanced
140 pages
3h 31m
English
Content preview from iPhone ForensicsBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 4. Forensic Recovery
In the previous chapter, you learned how to install a recovery toolkit on the iPhone. When the toolkit is installed, an OpenSSH daemon begins accepting connections on the device, and a Unix world is ready to service requests from the examiner. This chapter walks you through the process of configuring the iPhone to communicate with your desktop on the same Wi-Fi network so you can recover the raw media partition. Once recovered, you’ll be introduced to data recovery tools for carving and validating files, which you’ll use for further recovery of deleted files.
Configuring Wi-Fi and SSH
The media partition must be recovered over Wi-Fi, so your wireless network must be configured to connect the iPhone and desktop machine. Depending on the level of integrity your examination requires, the following options are available, each with differing levels of complexity:
Use an insecure access point with or without an encrypted tunnel or MD5 digests
Use a WPA-encrypted or WEP-encrypted access point
Use an ad-hoc network
WEP-encrypted networks suffer from an initialization vector vulnerability, where
a malicious actor could deduce the network key by watching encrypted
traffic as it flows across the network. This means that a WEP-encrypted
network is susceptible to potential tampering while your data is in
transit. To counter this, you may choose to use a network supporting WPA
(Wi-Fi Protected Access), which is
newer and more secure. Alternatively, the md5 utility, installed ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.