ProHoster > Blog > Tsamaiso > Tlhahlobo ea forensic ea li-backups tsa HiSuite

Tlhahlobo ea forensic ea li-backups tsa HiSuite

Tlhahlobo ea forensic ea li-backups tsa HiSuite

Ho ntša lintlha ho lisebelisoa tsa Android ho ntse ho thatafala letsatsi le leng le le leng - ka linako tse ling esita le thata ho fetaho feta ho tsoa ho iPhone. Igor Mikhailov, setsebi sa Sehlopha sa IB Computer Forensics Laboratory, e u bolella seo u lokelang ho se etsa haeba u sa khone ho ntša data ho smartphone ea hau ea Android u sebelisa mekhoa e tloaelehileng.

Lilemong tse 'maloa tse fetileng,' na le basebetsi-'moho le 'na re ile ra buisana ka mekhoa ea ntlafatso ea mekhoa ea ts'ireletso ea lisebelisoa tsa Android mme ra fihlela qeto ea hore nako e tla tla eo ka eona lipatlisiso tsa bona tsa forensic li neng li tla ba thata ho feta lisebelisoa tsa iOS. 'Me kajeno re ka bua ka kholiseho hore nako ena e fihlile.

Haufinyane tjena ke ile ka hlahloba Huawei Honor 20 Pro. U nahana hore re khonne ho ntša eng ho backup ea eona e fumanoeng re sebelisa sesebelisoa sa ADB? Ha ho letho! Sesebelisoa se tletse data: tlhahisoleseling ea mohala, buka ea mohala, SMS, melaetsa ea hang-hang, lengolo-tsoibila, lifaele tsa multimedia, jj. 'Me u ke ke ua ntša leha e le efe ea sena. Maikutlo a tšabehang!

Seo u lokelang ho se etsa boemong bo joalo? Tharollo e ntle ke ho sebelisa lisebelisoa tsa "backup" (Mi PC Suite bakeng sa li-smartphones tsa Xiaomi, Samsung Smart Switch bakeng sa Samsung, HiSuite bakeng sa Huawei).

Sehloohong sena re tla sheba popo le ho ntšoa ha data ho tsoa ho li-smartphones tsa Huawei ho sebelisa sesebelisoa sa HiSuite le tlhahlobo ea bona e latelang e sebelisa Setsi sa Bopaki sa Belkasoft.

Ke mefuta efe ea data e kenyellelitsoeng ho li-backups tsa HiSuite?

Mefuta e latelang ea data e kenyellelitsoe ho li-backups tsa HiSuite:

  • Lintlha tse mabapi le li-account le li-password (kapa li-tokens)
  • Mabitso
  • mathata
  • Melaetsa ea SMS le MMS
  • Email
  • lifaele tsa multimedia
  • Database
  • litokomane
  • polokelong ea lintho tsa khale
  • lifaele tsa kopo (lifaele tse nang le li-extensions.odex, .so, .apk)
  • Lintlha tse tsoang lits'ebetsong (tse kang Facebook, Google Drive, Google Photos, Google Mails, Google Maps, Instagram, WhatsApp, YouTube, joalo-joalo)

Ha re shebeng ka botlalo hore na backup e joalo e entsoe joang le hore na re ka e sekaseka joang ka Setsi sa Bopaki sa Belkasoft.

E tšehetsa smartphone ea Huawei u sebelisa sesebelisoa sa HiSuite

Ho theha kopi ea "backup" ka ts'ebeliso ea beng ba matlo, o hloka ho e jarolla webosaeteng Huawei le kenya.

Leqephe la download la HiSuite webosaeteng ea Huawei:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Ho kopanya sesebelisoa le komporo, ho sebelisoa mokhoa oa HDB (Huawei Debug Bridge). Ho na le litaelo tse qaqileng webosaeteng ea Huawei kapa lenaneong la HiSuite ka boeona mabapi le mokhoa oa ho kenya HDB sesebelisoa sesebelisoa sa hau sa mohala. Kamora ho kenya HDB mode, bula sesebelisoa sa HiSuite sesebelisoa sa hau sa mohala ebe u kenya khoutu e bonts'itsoeng ts'ebelisong ena fensetereng ea HiSuite e sebetsang komporong ea hau.

Fesetere ea ho kenya khoutu ho mofuta oa desktop oa HiSuite:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Nakong ea ts'ebetso ea ho boloka, o tla botsoa ho kenya phasewete, e tla sebelisoa ho sireletsa data e nkiloeng mohopolong oa sesebelisoa. Kopi ea "backup" e entsoeng e tla fumaneha tseleng C:/Basebelisi/% Boemo ba mosebelisi%/Documents/HiSuite/backup/.

Ho boloka li-smartphone tsa Huawei Honor 20 Pro:

Tlhahlobo ea forensic ea li-backups tsa HiSuite

Ho hlahloba bekapo ea HiSuite ho sebelisa Belkasoft Evidence Center

Ho sekaseka sephetho sa bekapo u sebelisa Setsi sa Bopaki sa Belkasoft theha khoebo e ncha. Ebe u khetha e le mohloli oa data Setšoantšo sa Mobile. Ho menu e butsoeng, hlakisa tsela e eang bukeng moo "backup" ea li-smartphone e leng teng ebe u khetha faele info.xml.

E hlalosa mokhoa oa ho boloka backup:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Fesetereng e latelang, lenaneo le tla u susumelletsa hore u khethe mefuta ea li-artifacts tseo u lokelang ho li fumana. Ka mor'a ho qala scan, e-ea tab Motsamaisi oa Mosebetsi ebe o tobetsa konopo Hlophisa mosebetsi, hobane lenaneo le lebelletse hore phasewete ea ho hlakola bekapo e kentsoeng.

konopo Hlophisa mosebetsi:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Kamora ho hlakola bekapo, Setsi sa Bopaki sa Belkasoft se tla u kopa hore u hlalose hape mefuta ea lintho tsa khale tse hlokang ho ntšoa. Ka mor'a hore tlhahlobo e phethoe, tlhahisoleseding e mabapi le li-artifacts tse nkiloeng li ka bonoa li-tab Case Explorer и Overview .

Liphetho tsa tlhahlobo ea Huawei Honor 20 Pro:

Tlhahlobo ea forensic ea li-backups tsa HiSuite

Tlhahlobo ea "backup" ea HiSuite e sebelisang lenaneo la Mobile Forensic Expert

Lenaneo le leng la forensic le ka sebelisoang ho ntša data ho tsoa ho backup ea HiSuite ke "Mobile Forensic Expert".

Ho sebetsana le data e bolokiloeng ka "backup" ea HiSuite, tobetsa khetho Ho kenya li-backups fensetereng e ka sehloohong ea lenaneo.

Sekhechana sa fensetere ea sehlooho ea "Mobile Forensic Expert" lenaneo:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Kapa karolong Kenya khetha mofuta oa data eo u ka e rekang Backup ea Huawei:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Fesetereng e butsoeng, hlakisa tsela ea faele info.xml. Ha o qala ts'ebetso ea ts'ebetso, ho tla hlaha fensetere moo o tla kopuoa ho kenya phasewete e tsebahalang ho hlakola backup ea HiSuite, kapa sebelisa sesebelisoa sa Passware ho leka ho hakanya phasewete ena haeba e sa tsejoe:

Tlhahlobo ea forensic ea li-backups tsa HiSuite
Sephetho sa tlhahlobo ea kopi ea "backup" e tla ba fensetere ea "Mobile Forensic Expert", e bonts'ang mefuta ea lintho tsa khale tse nkiloeng: mehala, mabitso, melaetsa, lifaele, phepelo ea liketsahalo, data ea kopo. Ela hloko palo ea data e nkiloeng lits'ebetsong tse fapaneng ke lenaneo lena la forensic. E kholo feela!

Lethathamo la mefuta ea data e nkiloeng ho tsoa ho backup ea HiSuite lenaneong la Setsebi sa Mobile Forensic:

Tlhahlobo ea forensic ea li-backups tsa HiSuite

Ho hlakola li-backups tsa HiSuite

Seo u lokelang ho se etsa haeba u se na mananeo ana a babatsehang? Tabeng ena, lengolo la Python le entsoeng le ho hlokomeloa ke Francesco Picasso, mosebeletsi oa Reality Net System Solutions, o tla u thusa. U ka fumana lengolo lena ho GitHub, 'me tlhaloso ea eona e qaqileng haholoanyane e ho sehlooho "Huawei backup decryptor."

Backup ea HiSuite e senyehileng e ka romelloa kantle ho naha le ho hlahlojoa ho sebelisoa lisebelisoa tsa khale tsa forensic (mohlala. Autopsy) kapa ka letsoho.

fumanoeng ke

Ka hona, u sebelisa sesebelisoa sa "backup" sa HiSuite, u ka ntša taelo ea boholo ba data ho li-smartphones tsa Huawei ho feta ha u ntša data ho lisebelisoa tse tšoanang u sebelisa sesebelisoa sa ADB. Leha ho na le lits'ebeletso tse ngata tsa ho sebetsa ka mehala ea thekeng, Setsi sa Bopaki sa Belkasoft le Setsebi sa Forensic sa Mobile ke tse ling tsa mananeo a 'maloa a ts'ehetsang ho ntšoa le tlhahlobo ea li-backups tsa HiSuite.

Mohloli

  1. Android Phones Hacked Thata ho feta iPhones Ho ea ka Detective
  2. Huawei Hi-Suite
  3. Setsi sa Bopaki sa Belkasoft
  4. Mobile Forensic Setsebi
  5. Kobackupdec
  6. Huawei bekapo decryptor
  7. Autopsy

Source: www.habr.com

Eketsa ka tlhaloso