zoukankan      html  css  js  c++  java
  • Where is the clone one and how to extract it?

    One cannot be in two places at once. Do you know what's "Dual Apps"? Manufactures like Xiaomi,Oppo,Huawei offer "Dual Apps" feature which allows users to run two different accounts of the same app on his/her phone. Let's take "Facebook" for example. The scenario is that a suspect's phone running Android 7 and we have to extract his/her "Facebook", including the original one and the clone one.


    Now there are two Facebook Apps on suspect's phone. What's the clone one looks like? You could take a look as below. On the left side is the  original one and the other side is the clone one.

    Take a guess if you conduct "Downgrade Extraction" on suspect's phone to extract "Facebook", could you got both of these two "Facebook" without fail? The answer is "No". You only got the original one. So the question is: Where is the clone one and how to extract it? To achieve this, I borrow a rooted Xiaomi from a friend of mine and take a took. Very interesting there are two uid running the same app Facebook. u999? That's weird~

    I've looked everywhere to search for the clone one facebook. I want to  know exactly where it is. That's it. The path what Im looking for is /data/user/999/ .

    Of course the path may differ from brand to brand.  Now "Downgrade Extraction" could extract the original one, but not working on the clone one. The challenge for Mobile forensic tools is to extract both "Dual Apps" on phones running Android 7 or above.

  • 相关阅读:
    数据类型的总结
    typeof加括号和不加括号的区别
    排序
    数据类型分为哪两类
    css中需要更小的字体如何实现
    一些细节注意点
    数值转换题
    如何用分支结构计算年份
    Scout YYF I
    D. AND, OR and square sum
  • 原文地址:https://www.cnblogs.com/pieces0310/p/10720901.html
Copyright © 2011-2022 走看看