Logo
RSS Feed

👈🏼 Back to
📜 Artefacts DB

🦾 Android Artefacts

Users

This is about … .

Android Logs

logcat command of adb is used to get system log. It’s an equivalent to Ubuntu syslog, as far as I understand. /data/log/prev_dump.log file. On the device (in my case. Samsung Duo, Android 7, rooted) here I saw the latest records of logcat, however the buffer contained a little more.

References

Expand… Something here

Backups

Backups are either made automatically or manually with adb backup. These backups can be stored in the cloud or locally on the user’s PC.

🛠 Tools

adb. Used to make a backup.

abc.jar. Used to convert the ab (adb uses this file format) file into a tar. Available for free.

References

Expand… Something here

Geo

/data/data/com.google.android.apps.maps/databases/gmm_storage.db

# User Photos

/data/media/0/DCIM/Camera
/data/data/com.androidproviders.media/databases/external.db
/data/media/0/bluetooth
/data/media/0/Download
/data/media/0/Pictures/Screenshots
/data/media/0/Pictures/Twitter

References

Expand… Something here

Processes

This is about … .

RAM

For mobile platforms (iOS and Android) there is currently no tool available to get a full copy of RAM. However, it’s still possible to take memory space of each process running.

💡 Research 🔬 Top secret yet

To get the list of running processes:

To get the memory space of a process:

frida-dump # had some bug for iOS, py file might need manual pathing.
clutch
objection



## References


    Expand…
    Something here

Android Config

Application Permissions:

• /data/system/packages.xml