Tuesday, December 2, 2014

Kaizen - Android Forensics #2 (find contents of SMS database)

File: android-forensics.zip

This problem used the same file as before, but had a different goal:

A friend asked the user to reset a password via SMS. What password did he set it to? 

Hmm, so this time we need to find and read the user's text messages.

A quick Google search suggests locating the database file with the following command:

$ find . -name "*mmssms*"
./data/com.android.providers.telephony/databases/mmssms.db
./data/com.android.providers.telephony/databases/mmssms.db-journal


Now, opening mmssms.db, we see it's an SQLite database with the user's text messages in plaintext!

I used the Firefox extension "SQLite Manager" to browse through the messages in the mmssms.db file, which eventually led me to the password, seeyou2morrow.
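
The same lookup can be scripted instead of browsing in a GUI. The following is an added example, not part of the original post: it opens a copy of mmssms.db read-only and lists messages matching a keyword. It assumes the standard Android sms table columns (address, date, type, body); build_sample_db and its rows are constructed stand-ins so the script runs without the challenge file.

```python
import sqlite3
import tempfile
from datetime import datetime, timezone
from pathlib import Path

DIRECTION = {1: "received", 2: "sent"}  # values of the sms.type column

def read_sms(db_path, keyword=None):
    """Return (utc_time, direction, address, body) tuples, oldest first."""
    # mode=ro makes SQLite refuse any write to the evidence file.
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"
    con = sqlite3.connect(uri, uri=True)
    try:
        sql, args = "SELECT date, type, address, body FROM sms", ()
        if keyword:
            sql, args = sql + " WHERE body LIKE ?", (f"%{keyword}%",)
        rows = con.execute(sql + " ORDER BY date", args).fetchall()
    finally:
        con.close()
    # sms.date is stored as milliseconds since the Unix epoch.
    return [(datetime.fromtimestamp(ms / 1000, tz=timezone.utc).isoformat(),
             DIRECTION.get(kind, f"type {kind}"), address, body)
            for ms, kind, address, body in rows]

def build_sample_db(path):
    """Constructed stand-in for mmssms.db: only the sms columns used above."""
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE sms (_id INTEGER PRIMARY KEY, address TEXT,"
                " date INTEGER, type INTEGER, body TEXT)")
    con.executemany(
        "INSERT INTO sms (address, date, type, body) VALUES (?, ?, ?, ?)",
        [("+15550100", 1417500000000, 1, "can you reset my password?"),
         ("+15550100", 1417500060000, 2, "done, new password is EXAMPLE-ONLY"),
         ("+15550199", 1417500120000, 1, "lunch tomorrow?")])
    con.commit()
    con.close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = str(Path(tmp) / "mmssms.db")
        build_sample_db(sample)
        for row in read_sms(sample, keyword="password"):
            print(" | ".join(row))
```

To use it on the challenge data, call read_sms on a working copy of the mmssms.db path that find reported.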
