TMCnet News

Elcomsoft Decrypts User Online Passwords and iPhone Device Secrets
[June 20, 2018]

Elcomsoft Decrypts User Online Passwords and iPhone Device Secrets


MOSCOW, June 20, 2018 /PRNewswire/ -- ElcomSoft Co. Ltd. updates iOS Forensic Toolkit, the company's mobile forensic tool for extracting data from iPhones, iPads and iPod Touch devices. Version 4.0 adds the ability to extract and decrypt all users' passwords and other device secrets (such as tokens, certificates and encryption keys) stored in the system keychain. In addition, the new release can now obtain iOS crash logs even on devices without a jailbreak, giving investigators insight on the apps used in the past that are not currently installed.

In iOS Forensic Toolkit 4.0, physical acquisition support is available for all 64-bit Apple devices (iPhone 5s, 6/6s/7/8/Plus, iPhone SE and iPhone X) where jailbreak can be installed.

Decrypting User Online Passwords and Device Secrets

In iOS, most passwords to the user's online accounts, authentication tokens, certificates, encryption keys, payment data and app-specific credentials are stored in a the most protected and highly secure area called the keychain. The keychain is securely encrypted with a hardware-specific key. n 64-bit hardware (iPhone 5s and all newer iOS devices), this key is additionally protected with Secure Enclave. Until today, no third-party forensic solution existed to extract and decrypt keychain items from 64-bit iOS devices with Secure Enclave. iOS Forensic Toolkit 4.0 adds the ability to extract and decrypt keychain items during the course of physical acquisition, successfully bypassing Secure Enclave protection on jailbroken devices.



Access to Crash Logs

Crash logs are an important part of the evidence that are not included into a local backup but may be extractable from the device. From a forensic point of view, crash logs may contain the list of installed and uninstalled apps. ?rash log entries by apps no longer installed can lead to an assumption that the app was installed on the device at least up to the date and time specified in the crash log entry. Crash logs can be extracted from iOS devices with or without a jailbreak.


Elcomsoft iOS Forensic Toolkit 4.0 is immediately available in Mac edition, while Windows edition will be released promptly.

About ElcomSoft

Founded in 1990, ElcomSoft Co.Ltd. develops state-of-the-art computer forensics tools, provides computer forensics training and computer evidence consulting services. Since 1997, ElcomSoft has been providing support to businesses, law enforcement, military, and intelligence agencies. ElcomSoft tools are used by Fortune 500 corporations, governments, and major accounting firms.

Contact: Olga Koksharova, [email protected]

 

Cision View original content:http://www.prnewswire.com/news-releases/elcomsoft-decrypts-user-online-passwords-and-iphone-device-secrets-300669331.html

SOURCE ELCOMSOFT Co. Ltd.


[ Back To TMCnet.com's Homepage ]