Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature Request: Zip folder support for ios_apt #75

Open
stark4n6 opened this issue Sep 30, 2021 · 4 comments
Open

Feature Request: Zip folder support for ios_apt #75

stark4n6 opened this issue Sep 30, 2021 · 4 comments

Comments

@stark4n6
Copy link

I have no idea how difficult it would be but would love to see it, as we see more FFS extractions.

@ydkhatri
Copy link
Owner

ydkhatri commented Sep 30, 2021 via email

@stark4n6
Copy link
Author

stark4n6 commented Oct 1, 2021

thanks!

@ydkhatri
Copy link
Owner

Do you have specific samples for this that you can share? I support reading AXIOM ZIPS in mac_apt, however it won't work for just about any zip file. The reason being that unlike ileapp/aleapp or Axiom, mac_apt does not glob through the folder structure to identify files. It needs to know the structure of the image. Also zip images were not built to be forensic containers, so some part of storing forensic data in them is programmer dependent, and will be different as per the implementation. Let me give you an example. Axiom stores folders as empty entries in the zip with a trailing slash to identify it as such. Some other implementation may just skip folders altogether and just store files (which is how its supposed to be in zips).

So I really need samples from vendor implementations to support reading zips created by different programs.

@stark4n6
Copy link
Author

I'll have to check but I think the main ones I had for testing were from CTF's like Cellebrite's or Magnet's or Josh Hickman's images. If you want links I can send them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants