Forensic analysis of HiSuite backups

Extracting data from Android devices gets harder every day, sometimes even harder than from an iPhone. Igor Mikhailov, a specialist at the Group-IB Computer Forensics Laboratory, explains what to do if you cannot extract data from an Android phone using standard methods.

Several years ago, my colleagues and I discussed trends in the development of security mechanisms in Android devices and concluded that a time would come when their forensic examination would be harder than that of iOS devices. Today we can say with confidence that this time has come.

I recently examined a Huawei Honor 20 Pro. What do you think we managed to extract from the backup obtained with the ADB utility? Nothing! The device is full of data: call information, phone book, SMS, instant messages, email, multimedia files, and so on. And you cannot extract any of it. An awful feeling!

What can you do in such a situation? A good solution is to use the vendors' proprietary backup utilities (Mi PC Suite for Xiaomi smartphones, Samsung Smart Switch for Samsung, HiSuite for Huawei).

In this article we will look at creating backups of Huawei smartphones and extracting data from them with the HiSuite utility, and at their subsequent analysis with Belkasoft Evidence Center.

What types of data are included in HiSuite backups?

The following types of data are included in HiSuite backups:

  • account and password (or token) data
  • contacts
  • calls
  • SMS and MMS messages
  • email
  • multimedia files
  • databases
  • documents
  • archives
  • application files (files with the extensions .odex, .so, .apk)
  • data from applications (such as Facebook, Google Drive, Google Photos, Google Mails, Google Maps, Instagram, WhatsApp, YouTube, and others).

Let us look in detail at how such a backup is created and how to analyze it using Belkasoft Evidence Center.

Backing up a Huawei phone using the HiSuite utility

To create a backup with the proprietary utility, download it from the Huawei website and install it.

Figure: HiSuite download page on the Huawei website.

HDB (Huawei Debug Bridge) mode is used to connect the device to the computer. Detailed instructions on how to enable HDB mode on the mobile device are available on the Huawei website and in the HiSuite program itself. After enabling HDB mode, launch the HiSuite app on the mobile device and enter the code it displays into the window of the HiSuite program running on the computer.

Figure: Code entry window in the desktop version of HiSuite.

During the backup process, you will be prompted to enter a password, which is used to protect the data extracted from the device's memory. The created backup will be located at the path C:/Users/%User profile%/Documents/HiSuite/backup/.

Figure: Backup of a Huawei Honor 20 Pro smartphone.

Analyzing a HiSuite backup using Belkasoft Evidence Center

To analyze the resulting backup with Belkasoft Evidence Center, create a new case. Then select Mobile Image as the data source. In the menu that opens, specify the path to the directory where the smartphone backup is located and select the file info.xml.

Figure: Specifying the path to the backup.

In the next window, the program prompts you to select the types of artifacts to search for. After starting the scan, go to the Task Manager tab and click the Configure task button, because the program is waiting for the password needed to decrypt the encrypted backup.

Figure: The Configure task button.

After decrypting the backup, Belkasoft Evidence Center asks you to specify again the types of artifacts to extract. When the analysis is complete, information about the extracted artifacts can be viewed in the Case Explorer and Overview tabs.

Figure: Analysis results for the Huawei Honor 20 Pro backup.

Analyzing a HiSuite backup using Mobile Forensic Expert

Another forensic program that can be used to extract data from HiSuite backups is "Mobile Forensic Expert".

To process the data stored in a HiSuite backup, click the Import backups option in the program's main window.

Figure: Fragment of the main window of the "Mobile Forensic Expert" program.

Alternatively, in the Import section, select Huawei backup as the type of data to import.

Figure: Selecting the Huawei backup import type.

In the window that opens, specify the path to the info.xml file. When you start the extraction, a window appears asking you either to enter the known password to decrypt the HiSuite backup, or to use the Passware tool to recover the password if it is unknown.

Figure: Password prompt for decrypting the HiSuite backup.

The result of analyzing the backup is the "Mobile Forensic Expert" program window, which shows the types of artifacts found: calls, contacts, messages, files, event feed, application data. Note the amount of data this forensic program extracts from the various applications. It is simply huge!

Figure: List of data types extracted from the HiSuite backup in Mobile Forensic Expert.

Decrypting HiSuite backups

What should you do if you do not have these wonderful programs? In that case, a Python script developed and maintained by Francesco Picasso, an employee of Reality Net System Solutions, will help. You can find the script on GitHub, and a more detailed description of it is in the article "Huawei backup decryptor."

Once decrypted, the HiSuite backup can be imported and analyzed with classic forensic tools (for example, Autopsy) or manually.

Conclusions

Thus, with the HiSuite backup utility you can extract an order of magnitude more data from Huawei smartphones than when extracting data from the same devices with the ADB utility. Despite the large number of utilities for working with mobile phones, Belkasoft Evidence Center and Mobile Forensic Expert are among the few forensic programs that support extraction and analysis of HiSuite backups.

Sources

  1. Android Phones Are Harder To Crack Than iPhones According To A Detective
  2. Huawei Hi-Suite
  3. Belkasoft Evidence Center
  4. Mobile Forensic Expert
  5. Kobackupdec
  6. Huawei backup decryptor
  7. Autopsy

source: www.habr.com