Hackers of India

Android Forensics

By  Manish Chasta  on 04 Dec 2011 @ Clubhack


Presentation Material

Android forensics (Manish Chasta) from ClubHack

Abstract

Videos are listed below

Smartphones can be used in cyber crimes like shooting illegal videos, sexual harassment cases, used by terrorists or for financial crimes. Talk starts with brief introduction of Android internals i.e. Dalvik VM, SQLite database, underlying Kernel. Presentation covers the steps of cyber forensics in context of Android:

Seizing the phone and maintaining its state so that we don’t lose any important data Taking image of the phone memory and memory card. In case of Android, we need to ROOT the device first to take the bit by bit image. Recovering useful data from the image. Device memory can contain extremely valuable data including contact list, call logs, sms, emails, passwords, application data, phone data etc. Analyzing the data to discover evidences. It will cover decrypting the encrypted files, cracking the passwords, recovering deleted files etc. Chain of custody to preserve evidences so that they can be presented in a court of law. The presentation also demonstrates:

Takeaway for the audience: