iOS Network Forensics Flashcards
1
Q
Checkm8 definition
A
Exploit that makes a full file system extraction possible.
2
Q
Checkra1n definition
A
Utilising the checkm8 exploit in forensics is
achieved using Checkra1n
3
Q
Wi-Fi and cell site location files in iOS
A
plistprivate/var/root/Library/Caches/location/cache_encrypte dB.db
/private/var/root/Library/Caches/com.apple.wifid/ThreeBars.sqlite
/private/var/root/Library/Caches/com.apple.routined/Cache.sqlite
locationd_cacheencryptedAB_celllocation.txt
4
Q
Iphone backup location
A
/private/var/mobile/Library/Preference/com.apple.mobile.ldbackup.plist
5
Q
iOS files of interest
A
CallHistoryDB
CrashReporter
Wi-Fi Subfolder
SMS Folder
KnowledgeC.db - Database on application usage