Archive for the ‘Tips & Tricks’ Category

Elcomsoft Phone Viewer: Faster and Easier

Tuesday, May 19th, 2015

ElcomsoftPhoneViewer_SnapshotAs you may already know, we have just updated our recently released forensic tool, Elcomsoft Phone Viewer. The update received a major performance boost and numerous usability enhancements.

So what’s the point of having a “yet another” mobile forensic tool? Aren’t there enough already? In fact, we considered making this tool for a long time, and were hesitant to make the move exactly because there are so many great forensic packages already. However, our customers kept asking for a lighter, smaller, faster and easier alternative to complement our existing tools. They cited how bulky those all-in-one forensic packages were, and mentioned training courses they had to take just to begin using those tools. Call it minimalism, but we made a tool that doesn’t require training sessions to use, and employs the same familiar user interface as other ElcomSoft tools. (more…)

Elcomsoft Wireless Security Auditor Video Tutorial

Thursday, April 30th, 2015

I know most computer gurus and pros never read through program manuals or help files and prefer to learn everything using proverbial method of trial and error. Does this sound like you? Of course. Exceptions are very seldom. So, here’s something nice that will save your time and help your experience with Elcomsoft Wireless Security Auditor (EWSA).

In order to provide a quick but sufficient understanding how to effectively work with EWSA, our friend Sethios has prepared a nice 20-minute video tutorial that includes all steps of work with the program starting with acquiring handshakes and moving on through all following steps.

This video is packed with useful information, so go ahead and watch it now:

Was it helpful for your work? You are the judge. But we are always happy to hear from you. Your feedback is the reason we work harder on our software!

Acquiring and Utilizing Apple ID Passwords, Mitigating the Risks and Protecting Personal Information

Friday, March 27th, 2015

Legal Disclaimer

The information provided in this article is strictly for educational purposes. Therefore, you confirm that you are not going to use it to break into someone else’s Apple account. If you wish to apply ideas described in this article, you are taking full responsibility for your actions.

Non-Legal Disclaimer

Just relax. It’s not like we’re giving away tips on how to download celebrities’ photos or hack the prime minister’s iPhone.

(more…)

Meet all new Learning iOS Forensics practical guide

Wednesday, March 11th, 2015

Learning iOS Forensics

Nowadays, computer data is everywhere around and it’s growing at amazing speeds from hour to hour. It’s really fast, easy and convenient to stay active online day and night. No matter how easy it may be for the user, for computer crime investigators, on the contrary, it is the toughest challenge to collect and decrypt digital evidence. Even more important for them is to be able to evaluate a particular situation and understand what exactly they can collect, where it may be stored, how quickly and effectively they can get hands on it leaving the data intact and authentic in order to keep it still useful and trustworthy in court.

The crime scene has also moved or better to say spread from computers to mobile devices that can not only “carry” but also produce, process and transfer valuable information among other mobile devices or even into the cloud. This introduces another big challenge, which is tracing a connection between various electronic devices, collecting necessary information from them and gathering evidence into one case.

A successful completion of the investigation requires a well thought-out and structured incident response scenario and a whole arsenal of tools, techniques and methods at hand that could be implemented quickly and effectively.

In the book by Mattia Epifani and Pasquale Stirparo you will find answers and guidelines to most of your questions in the field of mobile forensics in a very consistent and explicit manner. It also collects and exemplifies all useful tools on the market, including our key mobile forensics instruments Elcomsoft iOS Forensic Toolkit, Elcomsoft Phone Breaker and Elcomsoft Phone Viewer. We highly recommend Learning iOS Forensics guide with heavy emphasis on its practical side.

Elcomsoft Distributed Password Recovery Video Tutorial

Thursday, February 26th, 2015

Anyone considering the possibility to purchase Elcomsoft Distributed Password Recovery has a wonderful opportunity to explore the program together with Sethioz and get a clearer understanding of how the program works and what requires your special attention when you are using EDPR. This video assumes you are already familiar with basics of password cracking and suggests more information for your convenient work with the tool.

This is a very detailed tutorial showing how to prepare EDPR for work, which includes setting up connection between server and agents via local host or Internet, selecting the right IP address, paying attention to the fact that server’s and agent’s versions should be the same (users often neglect this fact), choosing a task, choosing the right attack options (they are all sufficiently explained), using side monitoring tools, checking your GPU temperature and utilization percentage on all connected computers and so on. So, let’s watch it now.

If you had any questions watching this video or would like to share your own experience using EDPR you are welcome to continue the topic here in comments.

Cracking Wi-Fi Passwords with Sethioz

Wednesday, February 18th, 2015

If you care about password cracking, hardware acceleration or Wi-Fi protection this interview with our friend Sethioz is certainly for you. Being currently a freelance security tester Sethioz kindly shared his experience in cracking passwords using video cards, which in its turn derived from his gaming interest in cards. His personal experience may be very helpful to those whose concern about password cracking is not trivial.

How did it all start or what was the reason to try to find a Wi-Fi password?

There is no short answer to this, if there would be, I guess it would be “curiosity”. I think I got my first computer somewhere in 2002-2003 (my own PC) and ever since I’ve been interested in everything that is not “normal”, such as reverse engineering, debugging, hacking games, cracking password etc. (more…)

How Secure Is Your Password? A Friendly Advice from a Company That Breaks Passwords

Sunday, February 1st, 2015

A Practical Guide for the Rest of Us

How many passwords does an average Joe or Jane has to remember? Obviously, it’s not just one or two. Security requirements vary among online services, accounts and applications, allowing (or disallowing) certain passwords. Seven years ago, Microsoft determined in a study that an average user  had 6.5 Web passwords, each of which is shared across about four different websites. They’ve also determined that, back then, each user had about 25 accounts that required passwords, and typed an average of 8 passwords per day.

If i got a penny every time i forgot my pwd, I'd be a millionaire

It didn’t change much in 2012. Another study determined that an average person has 26 online accounts, but uses only five passwords to keep them secure, typing about 10 passwords per day. CSID has a decent report on password usage among American consumers, discovering that as many as 54% consumers have five or less passwords, while another 28% reported using 6 to 10 passwords. Only 18% had more than 10 passwords. 61% of all questioned happily reuse their passwords over and over.

This obviously indicates a huge risk, making all these people susceptible to attacks on their passwords. Why do we have this situation, and what should one do to keep one’s life secure against hacker attacks? Let’s try to find out.

Passwords: Plagued with Problems

Passwords are the most common way of securing the many aspects of our lives. However, password-based protection is plagued with problems. Let’s have a look at why passwords are less than perfect when it comes to security. (more…)

ElcomSoft Open Letter on Latest Developments in iCloud Security

Wednesday, December 17th, 2014

In light of recent security outbreaks, Apple introduced a number of changes to its security policies. As one of the leading security companies and a major supplier of forensic software for iOS devices, ElcomSoft is being constantly approached by IT security specialists, journalists and forensic experts. The most common question is: how will the new security measures affect iOS forensics? (more…)

Breaking Into iCloud: No Password Required

Tuesday, June 17th, 2014

With little news on physical acquisition of the newer iPhones, we made every effort to explore the alternatives. One of the alternatives to physical acquisition is over-the-air acquisition from Apple iCloud, allowing investigators accessing cloud backups stored in the cloud. While this is old news (we learned to download data from iCloud more than two years ago), this time we have something completely different: access to iCloud backups without a password! The latest release of Phone Password Breaker is all about password-free acquisition of iCloud backups. (more…)

Phone Password Breaker with all-new UI, BlackBerry 10 support, and downloading Windows Phone 8 data from the cloud

Thursday, May 8th, 2014

This time, we are updating our bread-and-butter mobile forensic tool, Elcomsoft Phone Password Breaker, to version 3.0 (beta). This new version has many things that are new or have changed. Let’s see what’s new, and why. (more…)