Time
5 hours 56 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Transcription

00:00
Hi, everyone. Welcome back to the course. So in the last video, we wrapped up our discussion on Android devices. In this video, we're gonna talk about iOS devices.
00:12
So our iOS architecture: we have our Core OS layer, so things like your Bluetooth, you know, external accessories; our Core Services layer, things like iCloud, in-app purchases, SQLite;
00:23
Media layer, so as the name implies, things like our graphics, you know, audio or video files;
00:29
then our Cocoa Touch, our storyboard documents and then things like our notifications as well.
00:34
You just want to understand these different components of the iOS architecture for the exam.
00:41
So the iOS boot process. So the normal boot process: you know, we're gonna initialize some components and then also check signatures of the lower level boot loader, or the LLB. And then we move into the LLB, where that's loaded and then checks the signature of iBoot, which is a stage two boot loader. And then iBoot is loaded
00:59
and checks the kernel and also the device tree signatures.
01:03
Um, and then, you know, from there we move into the kernel and the device tree being loaded. And then the kernel checks the signature of all user applications.
01:12
Now, if we launch this in DFU, which we'll talk about in just a little bit, but if we launch it in DFU, then we have the boot ROM, then iBSS and then iBEC, and then the kernel and ramdisk. So we eliminate iBoot in that process.
01:30
So what is DFU mode? Well, this is a mode called Device Firmware Upgrade. This allows the device to be restored from any state. So not like a normal restore. This is like allowing us to restore it from any state. So as an investigator, this is a good tool to use to get information from the device.
01:49
Disk image of a phone with SSH. So this is, number one, it has to be jailbroken. So the iOS phone has to be jailbroken, and then this allows us to get an image of the whole disk of the phone, so similar to, like, the dd command that we talked about earlier in this course, similar to that command, to get that bit-by-bit copy.
02:09
So one way we can basically bypass an iPhone passcode is using a tool called iExplorer. So just remember that for your exam: if you need to bypass an iPhone passcode and you see iExplorer, that's probably the answer.
02:27
iOS rooting. So you'll notice a difference here, where Android devices pretty much always said root in the name; you'll see iOS rooting or jailbreaking tools have a lot of different names, right? So that's why I mentioned with the Android ones, just kind of remember that Android is root,
02:44
and that way it will help you if you see other answers, you know, or if you get a question asking about,
02:49
for example, like, iOS devices and jailbreaking them, you'll know that, like, any answer listed that has root is probably not the right answer, right? So just keep that in mind; that really will help you on the exam, just in case it's asked.
03:00
So different tools we can use for iOS jailbreaking are gonna be things like Pangu jailbreak, redsn0w, GeekSn0w and sn0wbreeze.
03:10
SIM cloning. So if we wanna clone a SIM card on any device, we can use a tool called MOBILedit, and remember that for your exam. So that allows us to get a logical acquisition. And then we can also use, like, Oxygen Forensic Suite to grab a physical and file system acquisition as well.
03:30
So the network components,
03:32
so not specific to iOS, but I want to mention it. So we have things like our CDMA, our EDGE, our iDEN, also the General Packet Radio Service, Global System for Mobile Communications, our time division multiple access. So again, just some different components.
03:51
You probably don't need to know these for the exam itself.
03:54
I just want to kind of mention them, as it's more so of a just-in-case type of thing.
04:00
So they're not specific to iOS devices but are things that you may possibly see on the exam.
04:09
So just a few quick post-assessment questions here. So, uh, number one: the iExplorer tool could be used to bypass an iPhone's passcode. Is that gonna be true or false?
04:19
All right, so that was true, right? We talked about that. That tool is one that you can use to bypass the passcode on an iOS device. So again, just remember that for your exam.
04:30
Our next question: redsn0w is used to root Android phones. Is that gonna be true or false?
04:35
All right, so that one's false, right? If you remember that, most Android jailbreaking tools are gonna be labeled as root in the name. So redsn0w is actually for iOS devices.
04:47
So in this module, we talked about
04:50
different iOS device information, as well as some different information about cellular networks in general. In the next month, we're gonna cover reporting, so that'll actually be our last module of the course.

Instructed By

Ken Underhill
Master Instructor at Cybrary