O'Reilly logo

iOS Forensics Cookbook by Mayank Birani, Bhanu Birani

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Encrypting and decrypting tools

Another backup format came into the picture using the Manifest file with the extension .abdb. To retrieve these backups, find the file in the backup folder.

Encrypting and decrypting tools

The Manifests uses a proper binary format. Nowadays, in open source, plenty of scripts are available to parse the data.

How to do it...

  1. A sample for the Python script to read the Manifest is as follows:
    #!/usr/bin/env python import sys import shutil import os import errno def mkdir_p(path): try: os.makedirs(path) except OSError as exc: # Python >2.5 if exc.errno == errno.EEXIST: pass else: raise def getint(data, offset, intsize): """Retrieve an int (big-endian) and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required