Hi to all,
Sorry for asking this without doing a thorough research but I'm doing that now while also asking the question. I was having a discussion and it was said to me that physical acquisition for an android device is not possible if the device is not rooted. I didn't agree with that. My understanding is that it is possible. Rooting makes more things doable but I thought it is not required. So is it a MUST to root the device to acquire a physical image?
Thanks
So is it a MUST to root the device to acquire a physical image?
Software only or hardware is "allowed"?
http//
jaclaz
is it a MUST to root the device to acquire a physical image?
No.
You can use few other ways.
Interesting. So we can say that it is not doable by software only. Hardware needs to be involved.
Different tools use different methods and yes, you also have the hardware path (for example, Chipoff or JTAG).
Cellebrite UFED uses a combination of methods
1) Bootloader (no need for user to root) - this also bypass locked devices
2) Recovery partition (no need for user to root) - lock bypass
3) Built-in temporary root (no need for user to root) - this also bypass locked devices
4) Pre-rooted - when the phone is already rooted
Best regards,
RonS
There are non-rooting ways how to do physical extraction. It really depends on the Android device you have. For example, with Oxygen Forensic Detcetive you do full physical extraction without rooting from Samsung, LG, Mediatek and Spreadtrum chipset devices. The list of supported devices is constantly growing. You can also create JTAG and Chip-off images and import to Oxygen Forensic Detective.
Thanks folks. I'm at your debt. Yes, it is just like you said! They are ways to do it without rooting the device. It is just like I expected or vaguely remembered. I know I have read it somewhere. Heck, even iOS devices can be physically acquired bit by bit without jailbreaking them!!! It is done by using a custom ramdisk or something of this sort.
You can get physical dumps of Samsung Android devices and Spreadtrum Android devices without rooting.
Mobile forensics Device Firmware Upgrade
https://