

Elcomsoft Phone Password Breaker

Recover Password-Protected BlackBerry and Apple Backups

Elcomsoft Phone Password Breaker enables forensic access to password-protected backups for smartphones and portable devices based on RIM BlackBerry and Apple iOS platforms. The password recovery tool supports all BlackBerry smartphones as well as Apple devices running iOS, including iPhone, iPad and iPod Touch devices of all generations released to date, including the iPhone 5S and iOS 7.

Retrieve Cloud Backups: Apple iCloud and Windows Live

Cloud acquisition is an alternative way of retrieving information stored in mobile backups produced by Apple iOS, and the only method to explore Windows Phone 8 devices. Elcomsoft Phone Password Breaker can retrieve information from Apple iCloud and Windows Live! services provided that the original user credentials for that account are known.

Online backups can be acquired by forensic specialists without having the original iOS or Windows Phone 8 device on hand. All that’s needed to access online backups stored in the cloud service are the original user’s credentials: the Apple ID or Live ID together with the corresponding password. Data can be accessed without the consent or knowledge of the device owner, making Elcomsoft Phone Password Breaker an ideal solution for law enforcement and intelligence organizations.

For accounts with Apple's two-step verification enabled, this feature works only with authentication tokens (see the next section), not with the Apple ID and password. Microsoft Live! accounts that use two-step verification are not supported at all.

Please also note that a notification is sent to the Apple iCloud account owner when a given iCloud backup is accessed for the first time from a new computer (once per device on the account).

Accessing iCloud without Login and Password

The Forensic edition of Phone Password Breaker enables over-the-air acquisition of iCloud data without having the original Apple ID and password. Password-free access to iCloud data is made possible via the use of a binary authentication token extracted from the user’s computer.

The Forensic edition of Phone Password Breaker comes with all the tools necessary to acquire and decrypt such tokens from Windows and Mac OS X computers. During the extraction, authentication tokens for all users of that computer can be extracted, including domain users (provided that their system logon passwords are known). The tools are available in Windows and Mac versions respectively.

The ability to use authentication tokens acquired from the suspect’s computer in place of plain-text logon credentials is of major importance to forensic investigators. Authentication tokens are obtained from the suspect’s computer where iCloud Control Panel is installed. In order to obtain the token, the user must have been logged in to iCloud Control Panel on that PC at the time of acquisition.

iCloud Control Panel is an integral part of Mac OS systems, and installs separately on Windows PCs. Most users will stay logged in to their iCloud Control Panel for syncing contacts, passwords (iCloud Keychain), notes, photo stream and other types of data. All this means that the probability of obtaining authentication tokens from PCs with iCloud Control Panel installed is high.

Unlock Apple and BlackBerry Backups

The new tool recovers the original plain-text passwords protecting encrypted backups for Apple and BlackBerry devices (running BlackBerry 9 or earlier). The backups contain address books, call logs, SMS archives, calendars and other organizer data, camera snapshots, voice mail and email account settings, applications, Web browsing history and cache.

Decrypt BlackBerry 10 Backups

Local backups produced by BlackBerry Link are always encrypted with a highly secure hardware-specific encryption key, effectively preventing forensic analytic tools from processing BlackBerry 10 data. As even the original user has no control over the password protecting these backups, the only possible way of using these backups was restoring them onto a BlackBerry device with the same BlackBerry ID, making forensic analysis of these backups extremely cumbersome.

Elcomsoft Phone Password Breaker can effectively decrypt BlackBerry 10 backups produced with BlackBerry Link if the user’s BlackBerry ID and password are known.

Selective Access to iCloud Backups

Downloading a large backup for the very first time can potentially take hours. Subsequent updates are incremental, and occur much faster. If speed is essential, Elcomsoft Phone Password Breaker offers the ability to quickly acquire select information and skip data that’s taking the longest to download (such as music and videos). Information such as messages, attachments, phone settings, call logs, address books, notes, calendars, email account settings, camera roll, and many other pieces of information can be pre-selected and downloaded in just minutes, providing investigators with near real-time access to essential information.

Perform Enhanced Forensic Analysis on iOS 4+ Devices

ElcomSoft offers a complete toolkit for performing forensic analysis of encrypted user data stored in certain iPhone/iPad/iPod devices. The toolkit allows eligible customers to acquire bit-to-bit images of devices’ file systems, extract phone secrets (passcodes, passwords, and encryption keys) and decrypt the file system dump. Access to most information is provided in real time. In addition to Elcomsoft Phone Password Breaker, the toolkit includes the ability to decrypt images of devices’ file systems, as well as a free tool that can extract the encrypted file system out of the device in raw form. More information is available on a dedicated Web page.

Features and Benefits

  • Gain access to information stored in password-protected iPhone, iPad, iPod Touch and BlackBerry backups
  • Decrypt iPhone and BlackBerry 9 and earlier backups with known passwords
  • Decrypt BlackBerry 10 backups with known BlackBerry ID and password
  • Recover passwords to BlackBerry Password Keeper and Wallet applications
  • Recover BlackBerry device password*
  • Read and decrypt keychain data (email account passwords, Wi-Fi passwords, and passwords you enter into websites and some other applications)
  • Save time with cost-efficient GPU acceleration when one or several AMD or NVIDIA video cards are installed**
  • Hardware acceleration on Tableau TACC1441 hardware
  • Perform advanced dictionary attacks with highly customizable permutations
  • Perform offline attacks without Apple iTunes or BlackBerry Desktop Software installed
  • Recover passwords to backups for original and ‘jailbroken’ iPhone (all models up to iPhone 5S), iPad (all generations incl. iPad Mini), and iPod Touch (all generations) devices
  • Compatible with all versions of iTunes, iOS (up to the latest 7.1.1), BlackBerry Link and BlackBerry Desktop Software

GPU Acceleration

ElcomSoft offers a highly efficient, cost-effective solution to lengthy attacks by dramatically increasing the speed of password recovery when one or more supported video cards are present. The company’s patented GPU acceleration reduces the time required to recover iPhone/iPad/iPod and BlackBerry backup passwords by orders of magnitude. The latest generation of ElcomSoft GPU acceleration technology supports unlimited numbers of AMD or NVIDIA boards such as NVIDIA GeForce 8, 9, 100, 200, 400, 500, 600 and 700-series and AMD Radeon HD 5000, 6000, 7000, R7 and R9 series. ElcomSoft GPU acceleration provides true supercomputer performance at consumer prices.

 

Advanced Attacks

Elcomsoft Phone Password Breaker supports an advanced dictionary attack with customizable permutations. According to multiple security studies, the majority of users choose meaningful, dictionary-based passwords that are easier for them to remember. Elcomsoft Phone Password Breaker is able to recover such passwords and their variations quickly and efficiently no matter which language they are in. Elcomsoft Phone Password Breaker supports a variety of permutations of dictionary words, trying hundreds of variants for each dictionary word to ensure the best possible chance to recover the password.

Extract and Decrypt Stored Passwords

In Apple iPhone devices, passwords to email accounts, Web sites, and certain third-party software are stored securely in keychains that are encrypted with hardware keys unique to each individual device. Prior to the release of iOS 4, keychains remained encrypted with a device-specific hardware key; but with the release of Apple iOS 4, the keychains are stored encrypted only with the backup’s master password. Elcomsoft Phone Password Breaker is able to instantly read and decrypt all keychain data including stored passwords if a backup password is known or recovered. iOS 5/6/7 are supported as well, of course.

Please note that only the keychain from a local password-protected backup can be decrypted. For local non-encrypted backups and backups downloaded from iCloud, decryption of the keychain is possible only if you have physical access to the device and can therefore obtain the device-specific encryption key from it.

Offline Backups

Elcomsoft Phone Password Breaker does not use Apple iTunes or BlackBerry Desktop Software, and does not need to have those products installed. All password recovery operations are performed offline.

Access Information Stored in BlackBerry Password Keeper and Wallet

A great deal of highly valuable information is stored in BlackBerry Password Keeper and BlackBerry Wallet apps. Users' login credentials with Web site passwords are kept in BlackBerry Password Keeper to provide mobile users with a faster login experience. BlackBerry Wallet stores users' financial information including credit card numbers, billing and shipping addresses, loyalty points numbers, etc.

Information in BlackBerry Password Keeper and Wallet has an extra layer of protection. The data is securely encrypted, protected with individual master passwords. Elcomsoft Phone Password Breaker can quickly*** recover the master passwords, and unlock access to users’ passwords and financial information stored in Password Keeper and Wallet apps.

Recover BlackBerry Device Password

Recovery of the BlackBerry device password is possible if the user-selectable Device Password security option is enabled to encrypt media card data. By analyzing information stored on encrypted media cards, Elcomsoft Phone Password Breaker can try millions of password combinations per second, recovering a fairly long 7-character password in a matter of hours. With the ability to recover the device password, ElcomSoft does what's been long considered impossible, once again making Elcomsoft Phone Password Breaker the world's first.

Compatibility Chart
  Home Professional Forensic
Support for iOS from 3.x to 7.x
Support for iPhone 3G/3GS/4/4S/5/5C/5S
Support for iPod Touch and iPad
Support for all BlackBerry devices (except PlayBook)
Brute-force attack
Dictionary attack with mutations
Number of CPUs supported 2 32 32
Number of GPUs supported 1 8 8
Hardware acceleration on Tableau TACC1441
Explore Apple keychain data
Decrypt iPhone/iPad/iPod backup (with known password)
Decrypt BlackBerry (prior to BB 10) backup (with known password)
Recover BlackBerry Password Keeper passwords
Recover BlackBerry Wallet passwords
Recover BlackBerry Device Password
Decrypt BlackBerry (prior to 10) SD card
Download data from iCloud with Apple ID and password
Download data from iCloud with authentication tokens
Extract Windows Phone data from Cloud (with known credentials)
Decrypt BlackBerry 10 backup (with known BB ID password)

 

* If an option to encrypt the media card (with password) is enabled

** Installing the latest display driver is recommended when using GPU acceleration on NVIDIA or AMD cards. For multi-GPU configurations, Windows 7 is recommended.

*** Several hundred thousand passwords per second can be tried depending on PC hardware

Elcomsoft Phone Password Breaker supports Windows XP, Windows Vista, Windows 7, Windows 8 and Windows Server 2003/2008/2012 with x32 and x64 architectures. Password-protected backups of iPhone, iPhone 3G, iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPad (all generations), iPad Mini and iPod Touch (all generations) devices are supported.

Please note that Elcomsoft Phone Password Breaker is NOT able to remove iPhone passcode lock, unlock iPhone from the carrier, jailbreak the iPhone or remove SIM card PIN code. It is intended for recovery of backup passwords only. For more information, read the EPPB manual and Phone Password Breaker FAQ.

Please also note that although Elcomsoft Phone Password Breaker includes the functionality to decrypt iPhone/iPod/iPad dd-style images, imaging itself, as well as extraction of encryption keys and bypassing the passcode protection, is available only in the separate iOS Forensic Toolkit.

 

