crt0mega
/
mvt
mirror of https://github.com/mvt-project/mvt.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
945 Commits 22 Branches 67 Tags 6 MiB
Commit Graph

81 Commits

Author SHA1 Message Date
Nex 803dd2ff3a Add note in documentation about ability to invoke multiple --iocs options 2021-08-18 13:25:52 +02:00
Nex 07cf14a921 Updated docs 2021-08-18 10:34:31 +02:00
Gregorio Zanon e30f6d9134
Added availability details to records.md 
Added availability details for backup records which require encryption or aren't available anymore in recent iOS versions.
 2021-08-18 10:07:39 +02:00
Nex d61d40ee5a Updated documentation on mvt-android 2021-08-17 16:36:48 +02:00
Nex 8125f1ba14 Updated docs with new modules 2021-08-16 11:12:57 +02:00
Nex 0bc660a2b3 Updated documentation (closes: #3) 2021-08-04 19:14:06 +02:00
Nex 995ebc02cf Fixing language 2021-08-03 10:28:28 +02:00
Nex 12e0f14400 Added note on running MVT on Windows 2021-08-03 10:24:38 +02:00
Nex 1650aea248 pip3 for clarity 2021-07-31 19:48:19 +02:00
Nex 38b7aa6032 Updated doc on backup 2021-07-31 10:19:38 +02:00
Nex feb285015a Merge branch 'update-libimobiledevice-docs' of https://github.com/dkg/mvt into dkg-update-libimobiledevice-docs 2021-07-31 10:16:58 +02:00
Nex 4debee72cd Merge branch 'mvt_decrypt-backup_password_from_env' of https://github.com/dkg/mvt into dkg-mvt_decrypt-backup_password_from_env 2021-07-31 10:07:14 +02:00
Nex 5b5b065bc4 Updated doc page on IOCs 2021-07-31 10:05:41 +02:00
Daniel Kahn Gillmor 59206fc450 Describe how to use and find IOCs 
This offers generic documentation, to show how MVT can be used with
arbitrary STIX-formatted IOCs, while still pointing users at some
known-to-be-useful sample files.
 2021-07-31 00:46:36 -04:00
Daniel Kahn Gillmor 7b1b31f7be Update libimobiledevice docs about backup password reset 
In this stage, the user is likely to want to run `idevicebackup2` in
interactive mode, so clearly specify the `-i` flag in the right place
(just dropping `-i` at the end of the command does not work as
expected -- i think `idevicebackup2 backup encryption on -i` tries to
set the password to `-i`).

More importantly, note that resetting the password by resetting all
the settings runs a risk of removing some of the forensic information.
Etienne identified a file that he thought was wiped as a result of
this in the call this morning, but I don't remember which file it was.

Maybe `id_status_cache.json` ?  If you have more concrete info, please
add it here too!
 2021-07-30 23:49:06 -04:00
Daniel Kahn Gillmor 53adc05338 mvt-ios decrypt-backup: Enable pulling password from the environment. 
Specifying the password on the command line with `--password XXX`
leaves the password itself visible to any process on the machine which
can scan the process table.

On some systems (including common GNU/Linux distributions) this
visibility is possible by default.

This change should make it possible to offer the password without
putting it into the process table; rather, the user puts the password
in the environment, and specifies the name of the environment
variable, like so:

```
$ export MVT_IOS_BACKUP_PASSWORD=WronglySconeRoundnessUnruffled
$ mvt-ios decrypt-backup -d /path/to/dest /path/to/data/XXXXXXXX-YYYYYYYYYYYYYYY/
$ unset MVT_IOS_BACKUP_PASSWORD
```

or you can do so using a prefixed env var, as described in the updated
check.md documentation.
 2021-07-30 23:10:54 -04:00
Nex bfcfb3aa06 Merge branch 'extract-key' of https://github.com/pkirkovsky/mvt into pkirkovsky-extract-key 2021-07-30 18:29:47 +02:00
Nex 9451da4514 Removed duplicate title 2021-07-30 17:56:05 +02:00
Pavel Kirkovsky f4340bd4f9
Merge branch 'mvt-project:main' into extract-key 2021-07-27 17:15:37 -07:00
Nex 7fffef77ce Automatically recover malformed sqlite3 databases (closes: #25 #37) 2021-07-25 11:47:05 +02:00
Nex 6d0ff11540 Restored empty spaces for new line 2021-07-24 14:27:16 +02:00
Nex 4fdb868216
Merge pull request #76 from bryeetz/patch-1 
Typo
 2021-07-24 13:54:59 +02:00
Nex d6f49e76d6 Included Docker details in the documentation 2021-07-24 13:23:45 +02:00
Pavel Kirkovsky 30d0348256 Added `extract-key` info to main docs 2021-07-23 03:46:48 -07:00
Bryan Scheetz fa49203c9b
Typo 
adversial -> adversarial
 2021-07-22 22:49:26 -04:00
tek e69449a2f0 Fixes typos 2021-07-22 23:21:31 +02:00
tek f0a9196094 Merge branch 'master' of github.com:mvt-project/mvt 2021-07-21 10:44:43 +02:00
tek ce46e608de fixes documentation 2021-07-21 10:44:10 +02:00
lunakk-PL 167f7e3d77
Update download_apks.md 
proper Koodous link -> https://koodous.com/
 2021-07-19 13:45:47 +02:00
tek ce9ee09c2d Improves documentation 2021-07-18 16:33:34 +02:00
Nex 065a62cee1 First commit 2021-07-16 08:05:01 +02:00