Corporate & forensic solutions
Elcomsoft Phone Password Breaker
Recover Password-Protected BlackBerry and Apple Backups
Elcomsoft Phone Password Breaker enables forensic access to password-protected backups for smartphones and portable devices based on RIM BlackBerry and Apple iOS platforms. The password recovery tool supports all Blackberry smartphones as well as Apple devices running iOS including iPhone, iPad and iPod Touch devices of all generations released to date, including the iPhone 5S and iOS 7.
Retrieve Cloud Backups: Apple iCloud and Windows Live
Cloud acquisition is an alternative way of retrieving information stored in mobile backups produced by Apple iOS, and the only method to explore Windows Phone 8 devices. Elcomsoft Phone Password Breaker can retrieve information from Apple iCloud and Windows Live! services provided that original user credentials for that account are known.
Online backups can be acquired by forensic specialists without having the original iOS or Windows 8 Phone device in hands. All that’s needed to access online backups stored in the cloud service are the original user’s credentials including Apple ID or Live ID accompanied with the corresponding password. Data can be accessed without the consent of knowledge of the device owner, making Elcomsoft Phone Password Breaker an ideal solution for law enforcement and intelligence organizations.
The given feature is confirmed to work even for acconts with Apple's two-step verification enabled, but does NOT work for Microsoft Live! accounts that use 2FA.
Accessing iCloud without Login and Password
The Forensic edition of Phone Password Breaker enables over-the-air acquisition of iCloud data without having the original Apple ID and password. Password-free access to iCloud data is made possible via the use of a binary authentication token extracted from the user’s computer.
The Forensic edition of Phone Password Breaker comes with all the tools necessary to acquire and decrypt such tokens from Windows and Mac OS X computers. During the extraction, authentication tokens for all users of that computer can be extracted, including domain users (providing that their system logon passwords are known). The tools are available in Windows and Mac versions correspondingly.
The ability to use authentication tokens acquired from the suspect’s computer in place of plain-text logon credentials is of major importance to forensic investigators. Authentication tokens are obtained from the suspect’s computer where iCloud Control Panel is installed. In order to obtain the token, the user must have been logged in to iCloud Control Panel on that PC at the time of acquisition.
iCloud Control Panel is an integral part of Mac OS systems, and installs separately on Windows PCs. Most users will stay logged in to their iCloud Control Panel for syncing contacts, passwords (iCloud Keychain), notes, photo stream and other types of data. All this means that the probability of obtaining authentication tokens from PCs with iCloud Control Panel installed is high.
Unlock Apple and BlackBerry Backups
The new tool recovers the original plain-text passwords protecting encrypted backups for Apple and BlackBerry devices (running BlackBerry 9 or earlier). The backups contain address books, call logs, SMS archives, calendars and other organizer data, camera snapshots, voice mail and email account settings, applications, Web browsing history and cache.
Decrypt BlackBerry 10 Backups
Local backups produced by BlackBerry Link are always encrypted with a highly secure hardware-specific encryption key, effectively preventing forensic analytic tools from processing BlackBerry 10 data. As even the original use has no control over the password protecting these backups, the only possible way of using these backups was restoring them onto a BlackBerry device with the same BlackBerry ID, making forensic analysis of these backups extremely cumbersome.
Elcomsoft Phone Password Breaker can effectively decrypt BlackBerry 10 backups produced with BlackBerry Link if the user’s BlackBerry ID and password are known.
Selective Access to iCloud Backups
Downloading a large backup for the very first time can potentially take hours. Subsequent updates are incremental, and occur much faster. If speed is essential, Elcomsoft Phone Password Breaker offers the ability to quickly acquire select information and skip data that’s taking the longest to download (such as music and videos). Information such as messages, attachments, phone settings, call logs, address books, notes, calendars, email account settings, camera roll, and many other pieces of information can be pre-selected and downloaded in just minutes, providing investigators with near real-time access to essential information.
Perform Enhanced Forensic Analysis on iOS 4+ Devices
ElcomSoft offers the complete toolkit for performing forensic analysis of encrypted user data stored in certain iPhone/iPad/iPod devices. The toolkit allows eligible customers acquiring bit-to-bit images of devices’ file systems, extracting phone secrets (passcodes, passwords, and encryption keys) and decrypting the file system dump. Access to most information is provided in real-time. In addition to Elcomsoft Phone Password Breaker, the toolkit includes the ability to decrypt images of devices’ file systems, as well as a free tool that can extract the encrypted file system out of the device in raw form. More information is available on a dedicated Web page.
Features and Benefits
ElcomSoft offers a highly efficient, cost-effective solution to lengthy attacks by dramatically increasing the speed of password recovery when one or more supported video cards are present. The company’s patented GPU acceleration reduces the time required to recover iPhone/iPad/iPod and BlackBerry backup passwords by orders of magnitude. The latest generation of ElcomSoft GPU acceleration technology supports unlimited numbers of AMD or NVIDIA boards such as NVIDIA GeForce 8, 9, 100, 200, 400, 500, 600 and 700-series and AMD Radeon HD 5000, 6000, 7000, R7 and R9 series. ElcomSoft GPU acceleration provides true supercomputer performance at consumer prices.
Elcomsoft Phone Password Breaker supports an advanced dictionary attack with customizable permutations. According to multiple security researches, the majority of users choose meaningful, dictionary-based passwords that are easier for them to remember. Elcomsoft Phone Password Breaker is able to recover such passwords and their variations quickly and efficiently no matter which language they are. Elcomsoft Phone Password Breaker supports a variety of permutations of dictionary words, trying hundreds of variants for each dictionary word to ensure the best possible chance to recover the password.
Extract and Decrypt Stored Passwords
In Apple iPhone devices, passwords to email accounts, Web sites, and certain third-party software are stored securely in keychains that are encrypted with hardware keys unique to each individual device. Prior to the release of iOS 4, keychains remained encrypted with a device-specific hardware key; but with the release of Apple iOS 4, the keychains are stored encrypted only with backup’s master password. Elcomsoft Phone Password Breaker is able to instantly read and decrypt all keychain data including stored passwords if a backup password is known or recovered. iOS 5/6/7 are supported as well, of course.
Elcomsoft Phone Password Breaker does not use Apple iTunes or BlackBerry Desktop Software, and does not need to have those products installed. All password recovery operations are performed offline.
Access Information Stored in BlackBerry Password Keeper and Wallet
A great deal of highly valuable information is stored in BlackBerry Password Keeper and BlackBerry Wallet apps. Users' login credentials with Web site passwords are kept in BlackBerry Password Keeper to provide mobile users with faster login experience. BlackBerry Wallet stores users' financial information including credit card numbers, billing and shipping addresses, loyalty points numbers, etc.
Information in BlackBerry Password Keeper and Wallet has an extra layer of protection. The data is securely encrypted, protected with individual master passwords. Elcomsoft Phone Password Breaker can quickly*** recover the master passwords, and unlock access to users’ passwords and financial information stored in Password Keeper and Wallet apps.
Recover BlackBerry Device Password
The recovery of BlackBerry password is possible if the user-selectable Device Password security option is enabled to encrypt media card data. By analyzing information stored on encrypted media cards, Elcomsoft Phone Password Breaker can try millions password combinations per second, recovering a fairly long 7-character password in a matter of hours. With the ability to recover the device password, ElcomSoft does what's been long considered impossible, once again making Elcomsoft Phone Password Breaker the world's first.
Elcomsoft Phone Password Breaker supports Windows XP, Windows Vista, Windows 7, Windows 8 and Windows Server 2003/2008/2012 with x32 and x64 architectures. Password-protected backups to iPhone, iPhone 3G, iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPad (all generations), iPad Mini and iPod Touch (all generations) devices are supported.
Please note that Elcomsoft Phone Password Breaker is NOT able to remove iPhone passcode lock, unlock iPhone from the carrier, jailbreak the iPhone or remove SIM card PIN code. It is intended for recovery of backup passwords only. For more information, read the EPPB manual and Phone Password Breaker FAQ.
Please also note that though Elcomsoft Phone Password Breaker includes the functionality to decrypt iPhone/iPod/iPad dd-style images, but imaging itself, as well as extraction of encryption keys and bypassing the passcode protection, is available only in special iOS Forensic Toolkit.
Purchase EPPB Download free trial version of EPPB