We've also updated Elcomsoft Phone Viewer (EPV) to support viewing downloaded photo streams.
Instant Access to FileVault 2
Brute-forcing your way into a crypto container protected with a 256-bit XTS-AES key is a dead end. While you can brute-force user passwords to get your way in, this is not always easy and definitely not instant. In today's release, we're making it possible to decrypt FileVault 2 volumes without brute-forcing anything.
FileVault 2 creates a Recovery Key to allow users decrypt their files if they forgot their password or move the disk to a different computer. If the user logs in with their Apple ID credentials (as opposed to using a local account), OS X will offer to back up this key into iCloud. While it may be possible to make use of that key when mounting the encrypted volume in OS X (considering that not all languages and regions are serviced by AppleCare or iCloud), the mechanism is unclear and not documented. Apple does not offer a way for the end user to view this key, or to extract it from iCloud.
In Elcomsoft Phone Breaker 6.0, we can pull FileVault 2 recovery keys from iCloud, and use these keys to decrypt FileVault 2 containers. For that to work, you'll need the disk image in DMG, DD or EnCase format.
Of course, you'll need to be able to login into iCloud using the correct Apple ID/password or authentication token. Good news: we can get them for you!
Extracting Apple ID Password or Authentication Token
If you have access to a password-protected iOS backup, or if you can make one, Elcomsoft Phone Breaker 6.0 can extract the user's Apple ID password from that backup. The password is routinely cached by Safari browser, while Apple iTunes and the App Store may keep an authentication token that can be used for logging in to iCloud instead of the password. Elcomsoft Phone Breaker 6.0 automatically scans all those sources to extract the user's Apple ID password and/or authentication token.
In addition to Apple ID password, we added the ability to see passwords stored in the browser, passwords to email accounts, as well as passwords and tokens to social network accounts, gaming portals and instant messaging applications.
Did you buy the tool already? Download the update free of charge! Still sitting on the fence? A free evaluation download is available!
|