Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mobile Forensics Cookbook

You're reading from   Mobile Forensics Cookbook Data acquisition, extraction, recovery techniques, and investigations using modern forensic tools

Arrow left icon
Product type Paperback
Published in Dec 2017
Publisher
ISBN-13 9781785282058
Length 302 pages
Edition 1st Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Igor Mikhaylov Igor Mikhaylov
Author Profile Icon Igor Mikhaylov
Igor Mikhaylov
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. SIM Card Acquisition and Analysis FREE CHAPTER 2. Android Device Acquisition 3. Apple Device Acquisition 4. Windows Phone and BlackBerry Acquisition 5. Clouds are Alternative Data Sources 6. SQLite Forensics 7. Understanding Plist Forensics 8. Analyzing Physical Dumps and Backups of Android Devices 9. iOS Forensics 10. Windows Phone and BlackBerry Forensics 11. JTAG and Chip-off Techniques

SIM card acquisition and analysis with SIMCon

SIMCon is one of the best utilities for a forensic analysis of SIM cards. It had a low price and for government organizations, military, and police, it was provided free of charge. Besides its impressive functionality, SIMCon, from some SIM cards, can extract data protected by PIN code. For example, phonebook.

Despite the fact that the SIMCon project was closed several years ago, the program did not disappear. A new updated version of this program is called Sim Card Seizure. The distribution rights of the program belong to the company Paraben. Also, the functionality of SIMCon is implemented in another product from Paraben--E3: Electronic Evidence Examiner.

Getting ready

The SIMCon project does not have its own address on the internet now. However, the installation software can be found via search engines.You can also download a trial version of Sim Card Seizure from Paraben's website. The limitation of the trial version of Sim Card Seizure is that only the first 20 records of phonebook, calls, messages are displayed.

How to do it...

  1. Double-click on the program icon and connect the card reader with the SIM card. The program will open the Enter PIN information window as shown in the following screenshot:
  1. In this case, there is no need to enter the PIN code. Click on the OK button to start the data extraction process. The status of the extraction process will be shown in the Reading SIM... window:
  1. If the data is successfully extracted, you will be asked to fill in the Investigator:, Date / Time:, Case:, Evidence Number:, and Notes: fields in the Acquisition Notes window. After filling in the fields, click on the OK button:
  1. Unlike TULP2G and MOBILedit Forensic, SIMCon allows you not only to extract data and generate a report but also to view the extracted data. The following screenshot shows a fragment of the SIMCon window in which we can see SMS messages, including deleted ones, which were extracted from the SIM card:
The Acquisition Notes window

At the bottom of the SIMCon main window, there is a section that displays detailed information about the selected record:

A section of the SIMCon main window with the detailed information about the selected record

The SIMCon program allows viewing the contents of each file. The following screenshot shows the contents of the elementary file (EF_ICCID):

How it works...

SIMCon extracts data from the SIM card installed in the card reader that is connected to the expert's computer. After this, you can generate a forensic report or analyze the extracted data from the main window of this program.

See also

You have been reading a chapter from
Mobile Forensics Cookbook
Published in: Dec 2017
Publisher:
ISBN-13: 9781785282058
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime