Hi @ll,
I just subscribed to this list about yaffs filesystem.
Currently I am writing a Masters Thesis on the topic of forensic
analysis of Images of Android mobile phones. I was able to extract data
from a HTC Wildfire / Buzz via a RIFF Box.
The information I am looking for, is how to extract the userdata
partition that is mounted as a yaffs filesystem and have this analysed.
Has anyone in here done this already and could provide me with infos on
this topic?
My idea is, to directly get the image for the partition off the phone
via the JTAG interface using the RIFF Box. Then "extract" the userdata
partition and feed that into nandwrite and mount the mtdblock device to
read files and directories.
Anyone with hints on this one?
Regards
Florian
--
Florian Wolters
Ostenwall 50
D-59065 Hamm
Fon: +49 2381 9727195
Fax: +49 2381 9727196
Mob: +49 160 94821259
Email:
florian@florian-wolters.de
http://www.florian-wolters.de
PGP key ID: 0xAC7E90D0
(text/plain)
