导航

[DFNews] Cellebrite UFED Physical Analyzer 3.8

Posted on 2013-08-27 09:14  YiDiscovery  阅读(1126)  评论(0编辑  收藏  举报

Cellebrite 两周前正式发布了UFED设备所附带的Physical Analyzer和Logical Analyzer软件,更新后版本为3.8

下载地址已更新至置顶资源下载页面。

主要更新如下:

  • 支持针对iOS设备的文件系统转储,可以提取电子邮件内容
  • 内置了在线地图,所有地理位置可以直接展示
  • 支持对iOS尝试验证复杂密码

 

UFED Physical Analyzer and UFED Logical Analyzer 3.8 bring a host of new decoding and decryption support, along with new functionality. New features and capabilities include:

  • Apple and BlackBerry decryption capabilities
    • For Apple: Depending on the user’s Apple account type (and not defined or controlled by the user), emails on devices running iOS 5.0 or higher may be encrypted with “elliptic curve.” In previous UFED Physical Analyzer versions, those emails were presented within the analyzed data section with an encrypted body. The new capability, available in file system and physical extractions performed via UFED Physical Analyzer, will present the encrypted email body for current emails.
    • For Blackberry: Decryption of the BlackBerry WhatsApp database provides access to messages that were not previously accessible. The solution is applicable for cases in which the database was stored on the mobile device or SD card.
    • Other new support includes faster decryption and better handling of large encrypted iTunes backup files, and decryption of BlackBerry’s REMF files.
  • Decoding support in UFED Physical Analyzer -- UFED Physical Analyzer 3.8 adds decoding support for 142 new devices, including HTC, LG, Motorola and Nokia models, in addition to a number of models within the Samsung Galaxy family. The new updates also improves decoding of BlackBerry Messenger (BBM) attachments.
    • Enhanced decoding support is also newly available for: Samsung M9xx family, Motorola devices with NVIDIA chipsets, number of feature Samsung and LG phones, and Nokia Symbian devices.
    • Full support is also added for both iOS and Android versions of the Google Chrome, ooVoo, QQ, KeepSafe, and Yahoo! Email apps, as well as the iOS apps Facebook Poke, Find My Friends, and vBrowse; and Android apps drug vokrug, Sygic, Snapchat, Navfree, LinkedIn, Vaulty, My People and the native email app on HTC devices.
  • New functionality for UFED Physical/Logical Analyzer software
    • A new built-in viewer allows users to view all extracted locations on a map (note: requires internet access and is only available to UFED Physical/Logical Analyzer users who have a valid, up-to-date license).
    • Enables users to verify a list of potential complex passwords from locked Apple devices, rather than entering single passwords one at a time.
    • Enables users to provide a plist file from the lockdown directory available on the suspect PC, instead of unlocking the Apple device before the extraction.
  • New “push” notification -- Notification informs users when a new version is waiting for you.