Nyocha gbasara iwu nke ndabere HiSuite

Ịwepụta data sitere na ngwaọrụ gam akporo na-esiwanye ike kwa ụbọchị - mgbe ụfọdụ ọbụna siri ikekarịa site na iPhone. Igor Mikhailov, ọkachamara na Group-IB Computer Forensics Laboratory, na-agwa gị ihe ị ga-eme ma ọ bụrụ na ịnweghị ike wepụ data na ekwentị gam akporo gị site na iji usoro ọkọlọtọ.

Ọtụtụ afọ gara aga, mụ na ndị ọrụ ibe m tụlere usoro na mmepe nke usoro nchekwa na ngwaọrụ gam akporo wee bịa na nkwubi okwu na oge ga-abịa mgbe nyocha nyocha ha ga-esi ike karịa maka ngwaọrụ iOS. Ma taa, anyị nwere ike iji obi ike kwuo na oge a eruwo.

M enyochala Huawei Honor 20 Pro n'oge na-adịbeghị anya. Kedu ihe ị chere na anyị jisiri wepụta na nkwado ndabere ya nwetara site na iji ngwa ADB? Ọ dịghị ihe! Ngwa ahụ juputara na data: ozi oku, akwụkwọ ekwentị, SMS, ozi ngwa ngwa, email, faịlụ mgbasa ozi, wdg. Ma ị nweghị ike ị nweta nke ọ bụla. Mmetụta dị egwu!

Kedu ihe ị ga-eme n'ọnọdụ dị otú ahụ? Ngwọta dị mma bụ iji akụrụngwa nkwado ndabere na mpaghara (Mi PC Suite maka ekwentị Xiaomi, Samsung Smart Switch maka Samsung, HiSuite maka Huawei).

N'isiokwu a, anyị ga-eleba anya na ịmepụta na mmịpụta data sitere na Huawei smartphones site na iji ọrụ HiSuite na nyocha ha na-esote site na iji Belkasoft Evidence Center.

Kedu ụdị data agbakwunyere na nkwado ndabere na mpaghara HiSuite?

Ụdị data ndị a gụnyere na nkwado ndabere nke HiSuite:

• data gbasara akaụntụ na okwuntughe (ma ọ bụ akara)
• Ndi ana-akpo
• nsogbu
• SMS na ozi MMS
• e-mail
• multimedia faịlụ
• Ebe nchekwa data
• ihe odide
• ebe nchekwa
• faịlụ ngwa (faịlụ nwere ndọtị.odex, .so, .apk)
• ozi sitere na ngwa (dị ka Facebook, Google Drive, Foto Google, Google Mails, Google Maps, Instagram, WhatsApp, YouTube, wdg)

Ka anyị lebakwuo anya ka esi emepụta nkwado ndabere na mpaghara yana otu esi enyocha ya site na iji Belkasoft Evidence Center.

Na-akwado ekwentị Huawei site na iji ọrụ HiSuite

Iji mepụta nnomi ndabere yana akụrụngwa nwe, ịkwesịrị ibudata ya na webụsaịtị Huawei ma wụnye.

Nbudata HiSuite na webụsaịtị Huawei:

Iji jikọta ngwaọrụ na kọmputa, a na-eji ọnọdụ HDB (Huawei Debug Bridge). Enwere ntuziaka zuru ezu na webụsaịtị Huawei ma ọ bụ na mmemme HiSuite n'onwe ya maka otu esi eme ka ọnọdụ HDB rụọ ọrụ na ngwaọrụ mkpanaka gị. Mgbe ịmechara ọnọdụ HDB, malite ngwa HiSuite na ngwaọrụ mkpanaka gị wee tinye koodu egosiri na ngwa a n'ime mpio mmemme HiSuite na-agba na kọmputa gị.

Window ntinye koodu na ụdị desktọpụ nke HiSuite:

N'oge usoro nkwado ndabere na mpaghara, a ga-ajụ gị ka itinye paswọọdụ, nke a ga-eji chebe data ewepụtara na ebe nchekwa ngwaọrụ. Ntugharị ndabere emepụtara ga-adị n'akụkụ ụzọ ahụ C:/Ndị ọrụ/% Profaịlụ njirimara%/Documents/HiSuite/ndabere/.

Huawei Honor 20 Pro ndabere smartphone:

Na-enyocha ndabere HiSuite site na iji Belkasoft Evidence Center

Iji nyochaa nkwado ndabere na mpaghara nsonaazụ ya Ụlọ ihe ngosi Belkasoft mepụta azụmahịa ọhụrụ. Wee họrọ dị ka isi iyi data Foto mkpanaka. Na menu na-emepe, ezipụta ụzọ na ndekọ ebe ndabere smartphone dị ma họrọ faịlụ ahụ ozi.xml.

Na-akọwapụta ụzọ ndabere:

Na mpio na-esote, mmemme ahụ ga-akpali gị ịhọrọ ụdị artifact ndị ịchọrọ ịchọta. Mgbe ịmalite nyocha ahụ, gaa na taabụ Task Manager wee pịa bọtịnụ Hazie ọrụ, n'ihi na mmemme na-atụ anya ka paswọọdụ decrypt ndabere ezoro ezo.

button Hazie ọrụ:

Mgbe i mebichara nkwado ndabere na mpaghara ahụ, Belkasoft Evidence Center ga-ajụ gị ka ị kọwapụta ụdị arịa ndị achọrọ ka ewepụtara. Mgbe nyochachara nyocha ahụ, enwere ike ịhụ ozi gbasara ihe ndị ewepụtara na taabụ Akpa Explorer и Overview .

Nsonaazụ nyocha ndabere Huawei Honor 20 Pro:

Nyochaa ndabere HiSuite site na iji mmemme Ọkachamara Mobile Forensic

Mmemme forensic ọzọ enwere ike iji wepụ data sitere na ndabere HiSuite bụ "Onye Ọkachamara Forensic Mobile".

Iji hazie data echekwara na nkwado ndabere na mpaghara HiSuite, pịa nhọrọ Na-ebubata nkwado ndabere na isi mmemme window.

Iberibe nke isi mpio nke mmemme “Mobile Forensic Expert”:

Ma ọ bụ na ngalaba Bubata họrọ ụdị data ị ga-ebubata Nkwado Huawei:

Na mpio mepere emepe, ezipụta ụzọ nke faịlụ ahụ ozi.xml. Mgbe ịmalite usoro mmịpụta ahụ, windo ga-apụta ebe a ga-agwa gị ka itinye paswọọdụ ama ama iji mebie ndabere HiSuite, ma ọ bụ jiri ngwa Passware nwaa ịkọ paswọọdụ a ma ọ bụrụ na amabeghị:

Nsonaazụ nke nyocha nke nnomi ndabere ga-abụ windo mmemme "Mobile Forensic Expert", nke na-egosi ụdị ihe ndị a na-ewepụta: oku, kọntaktị, ozi, faịlụ, ndepụta ihe omume, data ngwa. Lezienụ anya na ọnụọgụ data ewepụtara na ngwa dị iche iche site na mmemme forensic a. Ọ bụ nnọọ nnukwu!

Ndepụta ụdị data ewepụtara na nkwado ndabere na mpaghara HiSuite na mmemme Ọkachamara Mobile Forensic:

Na-ewepụ ndabere HiSuite

Kedu ihe ị ga-eme ma ọ bụrụ na ịnweghị mmemme ndị a magburu onwe ya? N'okwu a, edemede Python mepụtara ma debe ya nke Francesco Picasso, onye ọrụ nke Reality Net System Solutions, ga-enyere gị aka. Ị nwere ike ịhụ edemede a na GitHub, na nkọwa ya nke ọma dị na ederede "Huawei ndabere decryptor."

Enwere ike ibubata na nyochaa ndabere HiSuite nke ezoro ezo site na iji ngwa nyocha ochie (dịka. Mgbochi) ma ọ bụ aka.

Nchoputa

Ya mere, iji HiSuite nkwado ndabere na mpaghara ịba uru, ị nwere ike wepụ usoro nke ukwuu data si Huawei smartphones karịa mgbe wepụ data site na otu ngwaọrụ site na iji ADB utility. N'agbanyeghị ọnụ ọgụgụ dị ukwuu nke akụrụngwa maka ịrụ ọrụ na ekwentị mkpanaaka, Belkasoft Evidence Center na Mobile Forensic Expert so na mmemme forensic ole na ole na-akwado mmịpụta na nyocha nke ndabere HiSuite.

Isi mmalite

1. Ekwentị gam akporo gam akporo siri ike karịa iPhone dịka onye nchọpụta siri kwuo
2. Huawei Hi-Suite
3. Ụlọ ihe ngosi Belkasoft
4. Ọkachamara Forensic Mobile
5. Kobackupdec
6. Huawei ndabere decryptor
7. Mgbochi

isi: www.habr.com