2. Chain Of Trust – Normal Mode
BootRom
Low Level
Bootloader
iBoot
Kernel User Applications
2
3. Chain Of Trust – DFU Mode
BootRom
iBSS
iBEC
Kernel RAM DISK
3
4. Breaking the Chain Of Trust
limera1n BootRom
Patch iBSS
Patch iBEC
Patch Kernel
Custom RAM
DiSK
4
5. Forensics
Creating & Loading forensic toolkit on to the device without damaging the
evidence
Establishing a communication between the device and the computer
Bypassing the iPhone passcode restrictions
Reading the encrypted file system
Recovering the deleted files
5
6. References
iPhone data protection in depth by Jean-Baptiste Bédrune, Jean Sigwald
http://esec-lab.sogeti.com/dotclear/public/publications/11-hitbamsterdam-
iphonedataprotection.pdf
iPhone data protection tools
http://code.google.com/p/iphone-dataprotection/
‘Handling iOS encryption in forensic investigation’ by Jochem van Kerkwijk
iPhone Forensics by Jonathan Zdziarski
iPhone forensics white paper – viaforensics
Keychain dumper
25C3: Hacking the iPhone
The iPhone wiki
6
7. Thank You
Satishb3@securitylearn.net
http://www.securitylearn.net
7