±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 32229
New Yesterday: 5 Visitors: 127

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Tom Tom Go Live 825

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2  Next 
  

Tom Tom Go Live 825

Post Posted: Tue Jun 12, 2012 4:00 am

Not sure where to post this....

We have a Tom Tom Go Live 825 in but UFED nor XRY support the device. We understand its a network based device for connectivity.

Any ideas?  

triran
Senior Member
 
 
  

Re: Tom Tom Go Live 825

Post Posted: Tue Jun 12, 2012 7:05 am

We have had exactly the same problems with the TomTom Go Live models.

I am unaware of a solution at present.
_________________
There is nothing either good or bad, but thinking makes it so. 

ludlowboy
Senior Member
 
 
  

Re: Tom Tom Go Live 825

Post Posted: Tue Jun 12, 2012 4:19 pm

What is it that you need from the unit?

There are plenty of other ways to get the same data that unit has inside of it, just takes much more investigation.

- triran
Not sure where to post this....

We have a Tom Tom Go Live 825 in but UFED nor XRY support the device. We understand its a network based device for connectivity.

Any ideas?

_________________
Why order a taco when you can ask it politely?

Alan B. "A man can live a good life, be honorable, give to charity, but in the end, the number of people who come to his funeral is generally dependent on the weather. " 

armresl
Senior Member
 
 
  

Re: Tom Tom Go Live 825

Post Posted: Tue Jun 12, 2012 11:57 pm

- armresl
What is it that you need from the unit?

There are plenty of other ways to get the same data that unit has inside of it, just takes much more investigation.

- triran
Not sure where to post this....

We have a Tom Tom Go Live 825 in but UFED nor XRY support the device. We understand its a network based device for connectivity.

Any ideas?


Good old -> historical journeys and destinations.  

triran
Senior Member
 
 
  

Re: Tom Tom Go Live 825

Post Posted: Wed Jun 13, 2012 3:46 am

Maybe not much help but....

I am examining a Tomtom GO Live 1000. The only thing I have managed to extract so far, is "Favorites". With the help of the software "MyTomtom", I saved the .ov2 file from the gps.
Next step is to figure out how to extract the information from the .ov2 in a nice and clean way.

When connected the gps does not show up as a drive (ie x:). It would be nice to have some sort of SDK or similar to be able to connect to the gps. Have googled a lot but did not come up with anything relevant.
XRY and Cellebrite does not work with Tomtom GO Live 1000.

Could anybody point me in the right direction or give me a hint?

Best regards
//D  

Differentlayer
Member
 
 
  

Re: Tom Tom Go Live 825

Post Posted: Mon Jun 18, 2012 3:28 am

I've been told that there is no solution at the moment for this problem. The people of UFED are working on it.
Some people already posted some usefull tips :
* you can open your webbrowser and type 169.254.255.1/pcmi/
The favourites file can be downloaded from here
* some other commands :
169.254.255.1/mpnd/status
169.254.255.1/mpnd/progress
169.254.255.1/mpnd/trigger
169.254.255.1/mpnd/logintoken
169.254.255.1/mpnd/assocpreconf
169.254.255.1/mpnd/settings
169.254.255.1/sa/hello
169.254.255.1/sa/goodbye.

Greetz,  

Bacchero
Newbie
 
 
  

Re: Tom Tom Go Live 825

Post Posted: Fri Jun 07, 2013 8:54 am

I have carried out TomTom Forensics on a number of devices over the last few years quite successfully. Today I thought I'd try my own, 1 year old TomTom Go Live 1005 in order to refresh my knowledge.
Nothing I do will allow it to connect to my forensic workstation in a visible state in order to image it.

Forensic Wiki (and other resources) all say something along the lines of
"... The newer TomTom models do not appear as a mass storage device when connected to Windows. They run a Linux operating system and are only accessed via their built in Webserver using the myTomTom program (a replacement for TomTomHome). They cannot currently by examined forensically..."

Running the web browser commands given in this thread work and allow me to copy out the Favourites OV2 file. That file contains Favourites that are current and favourites that have been deleted buts so far, I cannot establish any markers that identify which is which.

The settings file gives me the device serial number and my email address as the registered user.

Beyond that, I cannot get anything else out of the TomTom.

Are we seriously saying that my TomTom Go Live 1005, which is packed full of information about where I have been, A to B itineraries that have been planned and sometimes deleted, what phone I have, etc., cannot be imaged or examined, forensically or otherwise?  

DickPeake
Newbie
 
 

Reply to topicReply to topic

Share and Like this forum topic to get more replies




Page 1 of 2
Go to page 1, 2  Next