Belkasoft Delivers Forensically Sound iOS Extraction via Bootrom Exploit

Share Article

Belkasoft updates Belkasoft Evidence Center, the company’s flagship digital forensic solution. The new release introduces forensically sound, jailbreak-free extraction of select iOS devices via a hard-coded, unpatchable Bootrom exploit. Compatible devices include the range of iPhone and iPad devices powered by Apple’s A7 through A11 SoC (iPhone 5s through iPhone X and the corresponding iPad devices).

Belkasoft Extracts Full Image of an iPhone Device

Belkasoft Extracts Full Image of an iPhone Device

"We are proud to become one of just two companies in the world, supporting full iPhone acquisition on the base of checkm8 exploit without jailbreak," says Yuri Gubanov, CEO of Belkasoft. "This major breakthrough will help our customers to conduct their digital investigations much more effectively."

iPhone Acquisition and Analysis

Belkasoft Evidence Center introduces a major break-through in iOS forensics by delivering forensically sound acquisition and analysis of iOS devices without a jailbreak. The tool makes use of a hard-coded vulnerability that exists in all Apple devices based on the A7 through A11 SoC generations. The checkm8 exploit that makes use of this vulnerability cannot be patched by Apple since the vulnerability itself exists in a hardware-protected, read-only area of the device memory. The nature of the exploit makes the extraction independent of the iOS version.

The jailbreaking community released a public jailbreak based on this vulnerability. The checkra1n jailbreak can be used by Linux and macOS users. However, installing a jailbreak on a device being analyzed is a complex, unsafe and not quite forensically sound process.

Belkasoft Evidence Center provides direct access to the file system of affected devices without the need for a jailbreak. Direct access to the file system enables forensically sound extraction for the entire range of supported iOS devices. Belkasoft Evidence Center is offered at 1/3 the price of the competitor tool, making Belkasoft’s offer the most cost-effective integrated solution for mobile and computer digital forensic analysis.

Extraction of Locked iPhones

Due to the nature of the Bootrom exploit, Belkasoft Evidence Center can extract certain types of data even if the device is locked and the password is not known. This boot-mode extraction is available for all devices from the supported range regardless of their lock state. The data extracted from a locked device is immediately loaded and can be analyzed with Belkasoft Evidence Center.

About Belkasoft Evidence Center

Belkasoft Evidence Center is a world renowned tool used by thousands of customers for conducting computer and mobile forensic investigations. Belkasoft Evidence Center can automatically discover, extract and analyze evidence from a wide range of sources including computer hard drives and disk images in all popular formats, memory dumps, mobile devices and chip-off dumps. The tool can capture and analyze volatile evidence stored in the computer’s RAM, identify encrypted files, carve Internet chat logs, Web browsing history and email communications including information stored in digital pictures and videos. The ability to process office documents in a wide range of formats enables investigators to perform near-instant full-text search among all the documents discovered on the suspect’s PC.

Low-level access to hard disk and system structures means that even data that’s been deleted by the suspect cannot escape from investigators. Supporting Windows, Unix/Linux, Android, iOS and macOS file systems, natively mounting images created in EnCase, FTK, X-Ways, DD and SMART formats, UFED and chip-off binary dumps, and many popular virtual machines without using these or any third-party tools, Belkasoft Evidence Center can collect more evidence than any single competing tool in its class.

Pricing and Availability

Belkasoft Evidence Center is available immediately. Prospective customers are welcome to request a quote at https://belkasoft.com/quote or download the evaluation version at https://belkasoft.com/get

About Belkasoft

Founded in 2002, Belkasoft is a global leader in digital forensics technology, known for their sound and comprehensive forensic tools. With a team of professionals in digital forensics, data recovery and reverse engineering, Belkasoft focuses on creating technologically advanced yet easy-to-use products for investigators and forensic experts to make their work easier, faster, and more effective.

With this focus in mind, Belkasoft introduces their flagship product, Belkasoft Evidence Center—an easy-to-use, integrated solution for collecting and analyzing digital evidence from mobile and computer devices. Customers in law enforcement, police, military, business, intelligence agencies, and forensic laboratories in 130+ countries worldwide use Belkasoft products to fight homicide, crimes against children, drug trafficking, data leakage, fraud, and other online and offline crimes.

More information about the company and its products at https://belkasoft.com

Information on Belkasoft Evidence Center as well as the free demo download are available at http://belkasoft.com/get
The complete list of additions and enhancements in the current release is available at http://belkasoft.com/new

Other useful links:
General info and technical spec: https://belkasoft.com/ec
Download full trial: https://belkasoft.com/trial
Who else use our product: https://belkasoft.com/customers
Training: https://belkasoft.com/training
Video tutorials: https://belkasoft.com/tutorials
What do the customers say? https://belkasoft.com/testimonials
Sign up to a webinar: https://belkasoft.com/webinar
Get a quote: https://belkasoft.com/quote
Find a reseller in your region: sales@belkasoft.com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Yuri Gubanov
Belkasoft
+7 9119211201
Email >
Visit website