![]() The current Android remote control version in the Google Play Store has over 10 million downloads and they state that over 1 billion devices have had their software installed in order to enable remote connections to them.įor this analysis I used the tools and equipment described here.įirst step was to install the app on the target device. TeamViewer (TV) is a really well know remote control platform that has been around for quite a while. To start I decided to look at the TeamViewer remote control app. I plan to look at both client and hosts apps. Hence the idea of starting a small series on remote control artifacts in Android. (I highly recommend his content and hope you can also become a Patreon supporter here.) His video left me wondering what type of artifacts could be found by the use of RDP and remote control apps in Android systems. Recently I was catching up on some great digital forensics tutorial episodes at 13cubed, whic are made by In one of the videos he was talking about RDP cache data left on Windows systems. /storage/emulated/0/Download/transferedfilename.extension./userdata/media/0/Download/transferedfilename.extension.Text search the term 'a=' to obtain the connection IP address.Text search the term 'creating file' to obtain the names of transferred files.Text search the term 'participant' within the file to get the partner's device name./userdata/media/0/Android/data/.mobile/files/TVLog.html.Contains the remote id number of the device being connected to, the start and end of connection timestamps, the purpose of the connection, the Android's device name and a GUID like number. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |