Android Case Study - Coggle Diagram
DD Image
7z (unzip file to get actual image)
Wget (download file from web)
Pixel\ 3.zip
hashdeep (to check the hash value of the image)
losetup (to attach the dd image as a loop device so it can be mounted into the Linux file system)
Structure based on directories and files
/system (list of all files based on the system)
app, bin, framework, lib, priv-app, usr
basic files
sub-files
apex, rc, mnt, res, sbin, system
/data (list of all data-related files)
app, data, metadata
/data/system (list of config files)
access, sys config, XML, gesture, boot, settings, DB, policies, packages, profiles, etc
/system/app (bootware apps based on ROM)
default, privileged apps, packages, and apk files with patches
/data/user_de/ (details of the data generated by the user)
id, details of files and new devices, storage based on sd card, pkgs, compilation files and build-in numbers
Commands to show the apps and directories in the system
curl (search for the location of the app through link and format of data)
Format to show the Twitter based app packages
grep -Pio itemprop (show all apps and packages associated with the Android system)
grep -io money (show some specific app-based packages)
cat (to show the content of the file and system data)
build.prop (to show the phone details as its build-in number)
grep patch (latest security patch for android based apk files)
Tools
Tree (command used to show the relation between files)
providers.telephony (list of all packages based on carriers)
examine the Simfolder for country number as ID
providers.telephony/databases (examine the database files)
mmssms.db (examine the message for complete details and investigation)
android.phone (details of the phone number got through sim)
show the blocked number from database
mnt/vendor/ (files to access the serial number of the device)
grep (search for the serial number as a keyword)
serial number
bluetooth (to get the MAC address of the Bluetooth adapter)
system/users (search for user accounts on the device)
userlist.xml (to get the details of the owner of the device)
users/0.xml (last login information)
registered_services (services based on the adapters)
AccountAuthenticator.xml (account details)
SyncAdapter.xml (synchronized adapters)
system_ce/0/ (list of all apps account details associated files)
system_de/0/ (convert the values into readable format)
android.gsf (framework for google based apps)
android.gms (to access the mail services)
shared_prefs (to show the preference based files)
sqlitebrowser (to examine the data stored in tabular format in the database)
system_de/0/accounts_de.db (used to convert the password into readable format)
localappstate.db (browse the local database files)
table info, packages details based on internal data files
%whatsapp% (search for the packages associated with the social media platform)
usagestats.db (database for parsing details)
varies on the timestamp of the table creation and working
contacts2.db (examine the contact tables for creation, favourites, calling, grouping and record details)
android.apps.messaging (tables based google specified messaging apps)
bugle_db (to get the details of the conversations)
android.dialer/databases (to get the logs based on contacts)
call_log (for calls examination)
suggest_contact_database
/phone_lookup_history.db
voicemail.db
apps.maps/databases (maps-related Google third-party apps and pkgs)
apps.maps/files/offline_saved_directions.data.cs (to get the offline-based files)
android.apps.photos (to access the local media files)
kik.android/databases (to examine the third-party apps)
kikCoreDatabase.db
com.enflick.android.TextNow (packages associated with these apps)
com.whatsapp/databases/wa.db (to examine the WhatsApp messages based on location, status, encryption, number, timestamp, type of the message)
msgstore.db
cat carrierconfig (to examine the configuration file of the carrier)
WifiConfigStore.xml (to get the service ID of the wifi device)
PREFERENCES_FILE.xml (to get the details of the default map country)
Fingerprintstats.xml (last run api)
Launcherstats.xml (details of all launchers)
grep (search based on text and string through filesystem)
search to get the email address by using the format
count all the mail occurrences on the device
seach_client_id (to get the id of the clients)
notification_policy.xml (pkgs based on policies and standards)
system/packages.list (search for the user IDs)
wechat appstate.csv (to get the exact date and timestamp of the database)
date (convert the integer value into date format)
com.google|com.android ( list of all third party apps)
package-usage.list (last usage time of particular packages)
Protobuf.git (tools used to serialize structured data)
python3 (as an interpreter)
conv.py (start parsing the folders and get the routes)