Monday, December 3, 2012

Cellebrite and Geohot, sitting in a tree...

As part of a recent case, I am reviewing debug logs from Cellebrite Physical Analyzer (v3.5) because I'm having some trouble parsing out e-mail. I've always wondered how much new development Cellebrite performs with regard to the exploits they leverage during iOS physical extractions. Well, here's a little insight:
[INFO ] Loading payload files.
[INFO ] Progress report: [Loading forensic program to device] [Step 1/19] Connecting to device
[INFO ] Progress report: [Loading forensic program to device] [Step 2/19] Enabling code execution (part 1)
[DEBUG] Following is the limera1n log:
limera1n params: 8402b001 0002c000 8403bf9c
Initializing control file upload
Sending pattern buffer
Sending several padding buffers
Sending main payload buffer
Triggering exploit
Interesting!
