Mobile Forensics:Magnet AXIOM Acquiring Android

การตรวจพิสูจน์อุปกรณ์สื่อสารเคลื่อนที่ที่ใช้ระบบปฏิบัติการแอนดรอยด์

Forensic Imaging & DATA Extraction

Magnet AXIOM

Magnet AXIOM is another powerful, commercial digital forensic product capable of acquiring, processing. and analyzing mobile devices, including those running Android operating systems.

(Lenovo TAB M8 TB-8505X ) Android OS 10 

How to enable the hidden Developer options and USB debugging

Developer options are used by developers to do system test. To avoid misuse, Android system 

automatically hides Developer options. To enable it, refer to below steps:

1. Touch Advanced Menu on Home screen.
    
2. Tap Settings.
    
3. Tap About tablet.
    
4. Seven taps on Build number until “You are now a developer” or “No need, you are already a developer” pops out.
    
5. Tap Developer options on Settings interface.
    
6. Turn on USB debugging.
    
7. Tap OK to allow USB debugging.

USB debugging option

However, this may not be the case with all the devices, as different devices have different environments and configuration features. Sometimes, the examiner might have to use certain techniques to access the Developer Options on a few devices. These techniques are device-specific and need to be researched and determined by the forensic analyst based on the device type and model.

Step 1.Creating a case in Magnet AXIOM

To create a case in Magnet AXIOM, perform the following steps:

Start AXIOM Process and click the CREATE NEW CASE button:

The first windows is CASE DETAILS; here we have to fill in a few fields, such as case number, type, path to case files, and acquired data:

Step 2. Evidence Sources  > Mobile

Step 3. Select Evidence Source >ANDRIOD

The EVIDENCE SOURCES window allows the examiner to choose the data source or acquire an image directly from the device...

Step 4. Select An acquisition Method > ADB(Unlocked)

Step 5. Select Device>Lenovo TB-8505X

Step 6. Select Image Type > Quick

Step 7. Analyze Evidence >Sources to Process

Step 8. Evidence Overview

Information

Step 9. Matching Results

Android SMS/MMS

Camera History

Installed Applications

Identifiers People

How to acquire an Android phone using Magnet AXIOM

"MAGNET AXIOM ACQUIRING ANDROID",YouTube,Uploaded by Magnet Forensics,

อ่านเพิ่มเติม: Mobile Forensics: MAGNET AXIOM

                  Learning Android Forensics - Second Edition

 หมายเหตุ:เนื้อหาในเว็บไซต์นี้มีขึ้นเพื่อวัตถุประสงค์ในการให้ข้อมูลและเพื่อการศึกษาเท่านั้น

* หากมีข้อมูลข้อผิดพลาดประการใด ขออภัยมา ณ ที่นี้ด้วย  รบกวนแจ้ง Admin เพื่อแก้ไขต่อไป
ขอบคุณครับ

#WindowsForensic #computerforensic #ComputerForensics #dfir #forensics
#digitalforensics #investigation #cybercrime #fraud