SlideShare ist ein Scribd-Unternehmen logo

Android forensik 4

Als PPTX, PDF herunterladen
Caisar Oentoro
Caisar Oentoro
Technologie
1 von 11
Android Forensic Digital Image Recovery by Group 15
Highlight Step 1 Step 2 Data Step 3 Presentation Identification Preservation Analysis
Sceneario • Format SDCard for testing (full format / fill zero) 1 • Copy evidence file(s) to external & internal memory card 2 • Get images from external & internal memory with USB Image Tools & dd command 2 • Delete the evidence file(s) (in this case as .JPEG image) with local application (ES Explorer) 3 • Get images (again) from external & internal memory with USB Image Tools & dd command 4 • Extract all kind of files from both images with Files Scavenger. 5 • Compares extracted and founded evidences with real file(s) with JPEGNoob 6 • If the same, then recovery process is successfull 7
Phone Identification Android System Info
Data Preservation Creating Internal Memory’s Image Files: dd command : dd if=/dev/mtd/mtdx of=/mnt/sdcard bs=4096
Data Preservation Creating External Memory’s Image Files: 1. Enable USB Mode 2. Create Images with USB Image Tool 3. [Optional] Can use md5 checking
Analysis • Use File Scavenger to acquire all (deleted + hidden) data • Find ‘likely’ successfull recovered digital picture (cause sometimes the recovered image/picture has different name). • Compare real image and recovered image with JPEGSnoop (For JPEG)
Before and After Formatting with Android Format Utility
Comparasion
Conclusion • Recovering data in internal memory card was very hard to do especially if the memory size is small, because usually it will automatically ‘fully deleted’ • In External Memory, deleting files doesn’t delete the real files. The deleted files still resident the memory in, often in the same path.
That’s from us

Empfohlen

How to Recover Deleted Files for Free with Recuva
How to Recover Deleted Files for Free with RecuvaHow to Recover Deleted Files for Free with Recuva
How to Recover Deleted Files for Free with Recuva
maggiemiao
 
Android forensik 1
Android forensik 1Android forensik 1
Android forensik 1
Caisar Oentoro
 
Android forensik 2
Android forensik 2Android forensik 2
Android forensik 2
Caisar Oentoro
 
Smartphone forensic
Smartphone forensicSmartphone forensic
Smartphone forensic
00heights
 
Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014
Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014
Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014
Friedger Müffke
 
Sekilas tentang digital forensik
Sekilas tentang digital forensikSekilas tentang digital forensik
Sekilas tentang digital forensik
Agung Subroto
 
Bioteknologi di bidang forensik
Bioteknologi di bidang forensikBioteknologi di bidang forensik
Bioteknologi di bidang forensik
Jessy Damayanti
 
Digital forensic upload
Digital forensic uploadDigital forensic upload
Digital forensic upload
Setia Juli Irzal Ismail
 

Empfohlen

How to Recover Deleted Files for Free with Recuva
How to Recover Deleted Files for Free with RecuvaHow to Recover Deleted Files for Free with Recuva
How to Recover Deleted Files for Free with Recuva
maggiemiao
 
Android forensik 1
Android forensik 1Android forensik 1
Android forensik 1
Caisar Oentoro
 
Android forensik 2
Android forensik 2Android forensik 2
Android forensik 2
Caisar Oentoro
 
Smartphone forensic
Smartphone forensicSmartphone forensic
Smartphone forensic
00heights
 
Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014
Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014
Web Wishes, Intents, Extensions, .. Friedger Müffke, droidcon London 2014
Friedger Müffke
 
Sekilas tentang digital forensik
Sekilas tentang digital forensikSekilas tentang digital forensik
Sekilas tentang digital forensik
Agung Subroto
 
Bioteknologi di bidang forensik
Bioteknologi di bidang forensikBioteknologi di bidang forensik
Bioteknologi di bidang forensik
Jessy Damayanti
 
Digital forensic upload
Digital forensic uploadDigital forensic upload
Digital forensic upload
Setia Juli Irzal Ismail
 
Android forensics an Custom Recovery Image
Android forensics an Custom Recovery ImageAndroid forensics an Custom Recovery Image
Android forensics an Custom Recovery Image
Mohamed Khaled
 
Top 10 free sd card recovery software in 2020
Top 10 free sd card recovery software in 2020Top 10 free sd card recovery software in 2020
Top 10 free sd card recovery software in 2020
Well Wowtail
 
Having Bad Sectors on Hard drive?
Having Bad Sectors on Hard drive?Having Bad Sectors on Hard drive?
Having Bad Sectors on Hard drive?
sangysimmons
 
Hard drive data recovery
Hard drive data recoveryHard drive data recovery
Hard drive data recovery
Yodot
 
Recover Deleted Files from Hard Drive
Recover Deleted Files from Hard DriveRecover Deleted Files from Hard Drive
Recover Deleted Files from Hard Drive
Yodot
 
CNIT 152 8. Forensic Duplication
CNIT 152 8. Forensic DuplicationCNIT 152 8. Forensic Duplication
CNIT 152 8. Forensic Duplication
Sam Bowne
 
Recover Data from Memory Card
Recover Data from Memory CardRecover Data from Memory Card
Recover Data from Memory Card
Yodot
 
Sandisk card recovery guide
Sandisk card recovery guideSandisk card recovery guide
Sandisk card recovery guide
bob simpson
 
Backing up your computer
Backing up your computerBacking up your computer
Backing up your computer
clcewing
 
Stellar phoenix dvd data recovery
Stellar phoenix dvd data recoveryStellar phoenix dvd data recovery
Stellar phoenix dvd data recovery
smith bush
 
Module 02 ftk imager
Module 02 ftk imagerModule 02 ftk imager
Module 02 ftk imager
ParminderKaurBScHons
 
How to Recover Lost Files
How to Recover Lost FilesHow to Recover Lost Files
How to Recover Lost Files
Yodot
 
CNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic DuplicationCNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic Duplication
Sam Bowne
 
Workshop 2 revised
Workshop 2 revisedWorkshop 2 revised
Workshop 2 revised
peterchanws
 
Memory card recovery software
Memory card recovery softwareMemory card recovery software
Memory card recovery software
memory card recovery
 
Memory stick recovery
Memory stick recoveryMemory stick recovery
Memory stick recovery
Memory Stick Recovery
 
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docxChapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
christinemaritza
 
One-Byte Modification for Breaking Memory Forensic Analysis
One-Byte Modification for Breaking Memory Forensic AnalysisOne-Byte Modification for Breaking Memory Forensic Analysis
One-Byte Modification for Breaking Memory Forensic Analysis
Takahiro Haruyama
 
Recover Data from Memory Stick
Recover Data from Memory StickRecover Data from Memory Stick
Recover Data from Memory Stick
Yodot
 
Photos inaccessible after "Un mountable volume" error
Photos inaccessible after "Un mountable volume" errorPhotos inaccessible after "Un mountable volume" error
Photos inaccessible after "Un mountable volume" error
Macbook PhotoRecovery
 
D3.JS Data-Driven Documents
D3.JS Data-Driven DocumentsD3.JS Data-Driven Documents
D3.JS Data-Driven Documents
Caisar Oentoro
 
Android forensik
Android forensikAndroid forensik
Android forensik
Caisar Oentoro
 

Weitere ähnliche Inhalte

Ähnlich wie Android forensik 4

Backing up your computer
Backing up your computerBacking up your computer
Backing up your computer
clcewing
 
Workshop 2 revised
Workshop 2 revisedWorkshop 2 revised
Workshop 2 revised
peterchanws
 
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docxChapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
christinemaritza
 
One-Byte Modification for Breaking Memory Forensic Analysis
One-Byte Modification for Breaking Memory Forensic AnalysisOne-Byte Modification for Breaking Memory Forensic Analysis
One-Byte Modification for Breaking Memory Forensic Analysis
Takahiro Haruyama
 
Photos inaccessible after "Un mountable volume" error
Photos inaccessible after "Un mountable volume" errorPhotos inaccessible after "Un mountable volume" error
Photos inaccessible after "Un mountable volume" error
Macbook PhotoRecovery
 

Ähnlich wie Android forensik 4 (20)

Android forensics an Custom Recovery Image
Android forensics an Custom Recovery ImageAndroid forensics an Custom Recovery Image
Android forensics an Custom Recovery Image
 
Top 10 free sd card recovery software in 2020
Top 10 free sd card recovery software in 2020Top 10 free sd card recovery software in 2020
Top 10 free sd card recovery software in 2020
 
Having Bad Sectors on Hard drive?
Having Bad Sectors on Hard drive?Having Bad Sectors on Hard drive?
Having Bad Sectors on Hard drive?
 
Hard drive data recovery
Hard drive data recoveryHard drive data recovery
Hard drive data recovery
 
Recover Deleted Files from Hard Drive
Recover Deleted Files from Hard DriveRecover Deleted Files from Hard Drive
Recover Deleted Files from Hard Drive
 
CNIT 152 8. Forensic Duplication
CNIT 152 8. Forensic DuplicationCNIT 152 8. Forensic Duplication
CNIT 152 8. Forensic Duplication
 
Recover Data from Memory Card
Recover Data from Memory CardRecover Data from Memory Card
Recover Data from Memory Card
 
Sandisk card recovery guide
Sandisk card recovery guideSandisk card recovery guide
Sandisk card recovery guide
 
Backing up your computer
Backing up your computerBacking up your computer
Backing up your computer
 
Stellar phoenix dvd data recovery
Stellar phoenix dvd data recoveryStellar phoenix dvd data recovery
Stellar phoenix dvd data recovery
 
Module 02 ftk imager
Module 02 ftk imagerModule 02 ftk imager
Module 02 ftk imager
 
How to Recover Lost Files
How to Recover Lost FilesHow to Recover Lost Files
How to Recover Lost Files
 
CNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic DuplicationCNIT 121: 8 Forensic Duplication
CNIT 121: 8 Forensic Duplication
 
Workshop 2 revised
Workshop 2 revisedWorkshop 2 revised
Workshop 2 revised
 
Memory card recovery software
Memory card recovery softwareMemory card recovery software
Memory card recovery software
 
Memory stick recovery
Memory stick recoveryMemory stick recovery
Memory stick recovery
 
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docxChapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
Chapter 8 Common Forensic ToolsOverviewIn this chapter, youl.docx
 
One-Byte Modification for Breaking Memory Forensic Analysis
One-Byte Modification for Breaking Memory Forensic AnalysisOne-Byte Modification for Breaking Memory Forensic Analysis
One-Byte Modification for Breaking Memory Forensic Analysis
 
Recover Data from Memory Stick
Recover Data from Memory StickRecover Data from Memory Stick
Recover Data from Memory Stick
 
Photos inaccessible after "Un mountable volume" error
Photos inaccessible after "Un mountable volume" errorPhotos inaccessible after "Un mountable volume" error
Photos inaccessible after "Un mountable volume" error
 

Mehr von Caisar Oentoro

Mehr von Caisar Oentoro (6)

D3.JS Data-Driven Documents
D3.JS Data-Driven DocumentsD3.JS Data-Driven Documents
D3.JS Data-Driven Documents
 
Android forensik
Android forensikAndroid forensik
Android forensik
 
Greedy algorithm
Greedy algorithmGreedy algorithm
Greedy algorithm
 
Mini magazine
Mini magazineMini magazine
Mini magazine
 
Metode SMART
Metode SMARTMetode SMART
Metode SMART
 
How Reflex Works
How Reflex WorksHow Reflex Works
How Reflex Works
 

Kürzlich hochgeladen

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Kürzlich hochgeladen (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

Android forensik 4

  • 1. Android Forensic Digital Image Recovery by Group 15
  • 2. Highlight Step 1 Step 2 Data Step 3 Presentation Identification Preservation Analysis
  • 3. Sceneario • Format SDCard for testing (full format / fill zero) 1 • Copy evidence file(s) to external & internal memory card 2 • Get images from external & internal memory with USB Image Tools & dd command 2 • Delete the evidence file(s) (in this case as .JPEG image) with local application (ES Explorer) 3 • Get images (again) from external & internal memory with USB Image Tools & dd command 4 • Extract all kind of files from both images with Files Scavenger. 5 • Compares extracted and founded evidences with real file(s) with JPEGNoob 6 • If the same, then recovery process is successfull 7
  • 4. Phone Identification Android System Info
  • 5. Data Preservation Creating Internal Memory’s Image Files: dd command : dd if=/dev/mtd/mtdx of=/mnt/sdcard bs=4096
  • 6. Data Preservation Creating External Memory’s Image Files: 1. Enable USB Mode 2. Create Images with USB Image Tool 3. [Optional] Can use md5 checking
  • 7. Analysis • Use File Scavenger to acquire all (deleted + hidden) data • Find ‘likely’ successfull recovered digital picture (cause sometimes the recovered image/picture has different name). • Compare real image and recovered image with JPEGSnoop (For JPEG)
  • 8. Before and After Formatting with Android Format Utility
  • 10. Conclusion • Recovering data in internal memory card was very hard to do especially if the memory size is small, because usually it will automatically ‘fully deleted’ • In External Memory, deleting files doesn’t delete the real files. The deleted files still resident the memory in, often in the same path.