Into the Droid: Gaining Access to Android User Data presented at DEF CON 20

by Thomas Cannon,

Tags: Android Exploitation Mobile Security

Summary : This talk details a selection of techniques for
getting the data out of an Android device in order
to perform forensic analysis. It covers cracking
lockscreen passwords, creating custom forensic
ramdisks, bypassing bootloader protections
and stealth real-time data acquisition. Well
even cover some crazy techniques they may
get you that crucial data when nothing else
will work, or they may destroy the evidence!
Forensic practitioners are well acquainted with
push-button forensics software. They are an
essential tool to keep on top of high case loads
plug in the device and it pulls out the data. Gaining
access to that data is a constant challenge against
sophisticated protection being built into modern
smartphones. Combined with the diversity of
firmware and hardware on the Android platform it
is not uncommon to require some manual methods
and advanced tools to get the data you need.
This talk will reveal some of the techniques forensic
software uses behind the scenes, and will give
some insight into what methods and processes
blackhats and law enforcement have at their
disposal to get at your data. Free and Open Source
tools will be released along with this talk to help
you experiment with the techniques discussed.