Contacts/call analysis

Contacts and call logs are stored in the same database. Contacts do not have to be added explicitly by the user. They may be autofilled when an e-mail is sent through Gmail, or a person is added on Google+, or possibly many other ways.

Package name: com.android.providers.contacts

Version: Default version with Android 5.0.1 (not listed within app)

Files of interest:

/files/
- photos/
- profile/
/databases/
- contacts2.db

The files directory contains photos for the user's contacts in the photos directory and the user's profile photo in the profile directory.

The contacts2.db database contains all of the information about calls made to and from the device and all contacts in the user's Google account. It contains the following tables:

Table ...

Get Learning Android Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning Android Forensics by Rohit Tamma, Donnie Tindall

Contacts/call analysis

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly