Cookie Policy Questo sito utilizza cookies. Continuando nella navigazione acconsenti all'uso dei cookies.

Continua Scopri di piu

Reality Net System Solutions

News

30 05 2016

Windows Phone 8 Forensics su Digital Forensics Magazine

Un articolo sull’analisi forense di smartphone con sistema operativo Windows Phone 8 scritto da Mattia Epifani e Francesco Picasso è stato pubblicato sul numero di Maggio 2016 di Digital Forensics Magazine.

Maggiori informazioni e l’abstract completo dell’articolo sono disponibili sul sito web di Digital Forensics Magazine.

01 02 2016

iOS 9 Forensics su Digital Forensics Magazine

Un articolo scritto da Mattia Epifani e Pasquale Stirparo è stato pubblicato su Digital Forensics Magazine.

Maggiori informazioni e l’abstract completo dell’articolo sono disponibili sul sito web di Digital Forensics Magazine

17 12 2015

Presentazione “Life on Clouds, a forensics overview” al DFRWS 2016 EU

La nostra short presentation “Life on Clouds, a forensics overview” è stata accettata per il DFRWS 2016 EU che si terrà  a Losanna dal 29 Marzo al 1 Aprile 2016.

Abstract della presentazione

Nowadays most part of our life is “on the cloud”: each personal device (PC, smartphone, tablet, digital camera, etc.) is constantly connected with cloud services, like Dropbox, Google Drive, iCloud and others.
In the last few years al lot of commercial tools were released to acquire data from cloud services in a forensically sound manner, but most of them are properly focused on data acquisition and do not include extraction of metadata added by cloud service providers.
In our research we tried to retrieve as much as possible information from service providers using official APIS released by vendors.
In this presentation, we will show the result of our research, focusing in particular on Dropbox and Google services, presenting some python scripts, analyzing actual functions and future development.
We will analyze connection details and metadata than can be accessed using APIS, discovering, for example, that using Google APIS it is possible to retrieve various information like Google Photo metadata (even if such files are not visible on Google Drive clients) or Comments on shared files.
Moreover we will present some interesting findings about the possibility to retrieve files and metadata also on public files that were accessed by a user though Google drive.

 

16 12 2015

Presentazione “Discovering Windows Phone 8 artifacts and secrets” al DFRWS 2016 EU

La nostra short presentation “Discovering Windows Phone 8 artifacts and secrets” è stata accettata per il DFRWS 2016 EU che si terrà  a Losanna dal 29 Marzo al 1 Aprile 2016.

Abstract della presentazione

The mobile operating system Windows Phone 8 has reached during 2015 in Europe the third position after Android and iOS for number of devices sold. The aim of this short presentation is to describe the techniques in use to extract data from Windows Phone 8 devices and obtain, when possible, a forensic image of the internal NAND and provide an overview of the most interesting artifacts that can be recovered. In particular partition structure, file system artifacts, native applications (address book, call history, SMS/MMS messages, internet history/cache/cookies, calendar), multimedia files (images, audio, videos, documents), configurations (Windows Registry) and third party apps (e.g. WhatsApp, Facebook and Skype) will be discussed. The presentation will also describe how to crack the Windows Phone pin, obtain the windows user password and decrypt ActiveSync credentials like password and Oauth. Tools to automatically perform these actions are available on authors GitHub page (https://github.com/dfirfpi/hotoloti/) and related posts are available and continuously updated on http://blog.digital-forensics.it/