±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 34804
New Yesterday: 0 Visitors: 157

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

bootloader data acquisition !!

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2, 3, 4, 5, 6, 7, 8, 9  Next 
  

bootloader data acquisition !!

Post Posted: Sun Feb 04, 2018 6:06 am

hello all after a long time ....
im working in case with Xiaomi Redmi 4 (4X) model : mag138 and the Chipset : Qualcomm MSM8940 Snapdragon 435 .... the phone is locked via pin Sad and the bootloader is also locked by default ... check result via fastboot :

C:\adb>fastboot oem device-info
...
(bootloader) Device tampered: false
(bootloader) Device unlocked: false
(bootloader) Device critical unlocked: false
(bootloader) Charger screen enabled: true
(bootloader) Display panel:
OKAY [ 0.051s]
finished. total time: 0.052s

according to Oleg Afonin from elcomsoft :
Finally, some devices come with locked bootloaders and no service mode or bootloader exploits. These will be the toughest to acquire, as live imaging will probably be your only option when it comes to physical acquisition.

so what to do ?? is there any exploit for this model to bypass the botloader !! and does the chip-off will help in this case ??  

qassam22222
Senior Member
 
 
  

Re: bootloader data acquisition !!

Post Posted: Sun Feb 04, 2018 6:53 am

There should be a testpoint on the mainboard to force phone to boot into EDL/QDLoader 9008 mode and make physical dump in that mode with some tools but encryption will be a problem. I do believe both Redmi 4 and 4x are encrypted by default.  

arcaine2
Senior Member
 
 
  

Re: bootloader data acquisition !!

Post Posted: Sun Feb 04, 2018 10:49 am

- arcaine2
There should be a testpoint on the mainboard to force phone to boot into EDL/QDLoader 9008 mode and make physical dump in that mode with some tools but encryption will be a problem. I do believe both Redmi 4 and 4x are encrypted by default.


i think there is a several ways(hardware and software ) to enter EDL mode u can read this :


and



but what next !! i dont have UFED Sad any free tool to do that ?  

qassam22222
Senior Member
 
 
  

Re: bootloader data acquisition !!

Post Posted: Sun Feb 04, 2018 12:43 pm

From my experience with newer Xiaomi devices, software methods are already blocked unless you're able to boot the device and use "adb reboot edl". Modified cable (so called edl cable) was blocked in many devices last year. The only working option to enter edl mode is testpoint on mainboard.
I know couple paid hardware (CM2QLM, Volcano, NCK Box etc) or software (Uni-Android etc) methods to make full dump but don't know any free. Best bet would be to look for firmware compatibile with QPST eMMC Download software, load it and use a button called "switch device to DLOAD" which should switch device from 9008 mode to 9006 mode (Qualcomm MMC Storage) that would allow you to make dump with any tool. I'm not sure this will work on those devices since they may not support 9006 mode anymore.  

arcaine2
Senior Member
 
 
  

Re: bootloader data acquisition !!

Post Posted: Mon Feb 05, 2018 4:29 am

- arcaine2
From my experience with newer Xiaomi devices, software methods are already blocked unless you're able to boot the device and use "adb reboot edl". Modified cable (so called edl cable) was blocked in many devices last year. The only working option to enter edl mode is testpoint on mainboard.
I know couple paid hardware (CM2QLM, Volcano, NCK Box etc) or software (Uni-Android etc) methods to make full dump but don't know any free. Best bet would be to look for firmware compatibile with QPST eMMC Download software, load it and use a button called "switch device to DLOAD" which should switch device from 9008 mode to 9006 mode (Qualcomm MMC Storage) that would allow you to make dump with any tool. I'm not sure this will work on those devices since they may not support 9006 mode anymore.


it did not work my friend Sad i cant switch it from 9008 to 9006 mode Sad
this is the testpoint :


\i send an email to salvationdata and they replay :
Thanks for you question!

Our Qualcomm physical extraction in SPF can extract data from Redmi 4(4X), but, if the Android version is based on 6.0 or higher and the data extracted is encrypted.

As we don't provide decryption service, so I suggest you do physical extraction by using our SPF

so it's timne to give up or what ?  

qassam22222
Senior Member
 
 
  

Re: bootloader data acquisition !!

Post Posted: Mon Feb 05, 2018 9:55 am

Dont Feed Criminals  

RolfGutmann
Senior Member
 
 
  

Re: bootloader data acquisition !!

Post Posted: Mon Feb 05, 2018 11:04 am

- RolfGutmann
Dont Feed Criminals


Again? Shocked

We already got your opinion:
www.forensicfocus.com/...7/#6587707

It is tiring, besides senselessly hostile towards qassam22222.

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 

Page 1 of 9
Go to page 1, 2, 3, 4, 5, 6, 7, 8, 9  Next