![oxygen forensics jailbreak oxygen forensics jailbreak](https://www.forensicfocus.com/stable/wp-content/uploads/2021/01/Screenshot-2021-01-09-at-14.04.42.png)
I looked through every single plist and database file, as well as every folder provided to me by Oxygen and found nothing substantial. The majority of the things that had been deleted were not found by Oxygen. Most of the evidence found was evidence that was still on the iPhone. Whether I was looking at data coming from an application, the web browser, the SIM card, or elsewhere I did not find nearly as much evidence as I had expected. I found consistency throughout all the data. I could go into a lot of detail about what I found, but for the sake of this blog, I will leave that for my final report.
![oxygen forensics jailbreak oxygen forensics jailbreak](https://blog.elcomsoft.com/wp-content/uploads/2020/12/epb_keychain_browser.png)
![oxygen forensics jailbreak oxygen forensics jailbreak](https://www.siteprice.org/SiteThumbs/s/secureindia.in.jpeg)
#Oxygen forensics jailbreak code
Before purposely entering the wrong code 10 times, I analyzed the iPhone with Oxygen to see what kind of data I would find and to also see if Oxygen would still work if there was a passcode on the phone (Device Seizure did not). I turned the option on to erase all data on the iPhone after having 10 failed passcode attempts. I added Dunkin Donuts and Champlain’s Bookstore to my bookmarks, and then deleted Dunkin Donuts.Īfter that I created a lock on the iPhone with the passcode 0428. Later, I used Google maps to search for Dunkin Donuts, 175 Lakeside Avenue, and Champlain College. I enabled the application to use my location while taking a video and then deleted the video after emailing it to myself. I then deleted two of the pictures and downloaded the application Record Video, since the iPhone 3G doesn’t have that capability. I took four pictures and turned on the location for two of them. The next day I began taking pictures with the iPhone. They both were different which allowed me to continue with my research. I validated that I was in fact connected to the server by using the iPhone to Google what my IP address was before and after turning on the VPN. Eventually it worked and I was able to browse the web using IPSec. It took some time, as the iPhone had a lot of trouble connecting to the server.
![oxygen forensics jailbreak oxygen forensics jailbreak](https://image.slidesharecdn.com/iosandbbforensics-121213032238-phpapp02/95/ios-and-blackberry-forensics-11-638.jpg)
Note: Above outcome/Result may vary depending on models/Internal storage capacity(data)/mobile etc.The Senator Patrick Leahy Center for Digital InvestigationĪfter a few days, I created three contacts and then deleted two of them. This shows that, In case of iPhone, not much data/artifacts retrieved when you perform jailbreak. Also, metadata of audio file could not retrieved. Deleted data like iMessages, contacts or other artifacts could not be retrieved. * Advance Logical (Physical) Extraction: Since, I performed jailbreak in XRY tool, I could able to retrieve deleted files like multimedia file(such as audio file), installed application data etc. The metadata of audio file was retrieved in Oxygen forensic tools in this case. That mean i am able to retrieve present data only. * Logical Extraction : I retrieved artifacts like whatsApp chat, iMessages, contacts, history, keychain files of twitter, facebook, amazon prime account, call logs, multimedia files(Audios, videos, Images) etc. I not only performed logical extraction but also Advance logical extraction (known physical extraction in case of iPhone) of iphone X (Model: A1865) mobile using Oxygen forensic and MSAB's XRY tool respectively. This article is for specially for digital forensic investigator, digital forensic analyzer, law enforcement agency who are working in digital forensic field and any other person working in digital/cyber/computer/mobile forensic field. The process is easy if you go in heedful way. Today, I performed jailbreak process (Privilege escalation) of iPhone X using MSAB's XRY forensic tool.