DFM12 - Online

If you are visually impaired or blind, you can visit the PDF version by Pressing CONTROL + ALT + 4

* { font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #5F6265 } body { background-color: #FFF; padding: 15px } h1 { font-size: 17px; font-weight: 700; border-bottom: 1px solid #D1E7B2; font-family: Tahoma, Geneva, sans-serif } p, li { padding: 5px 0 5px 0; } ul { padding-left: 40px; } a:link,a:visited,a:active,a:hover { text-decoration: underline; color: #5F6265 } #application,#applicationContainer { display: none } You need a JavaScript-enabled browser to view this PublicationPlease follow these steps to view the Publication:

Enable JavaScript in your browser

Refresh this page

Best regards
Zmags

The Quarterly Magazine for Digital Forensics Practitioners INSIDE / Testing Tool Capability for Social Network Forensics / First Responders / What's so Ethical About Hacking? / Mobile Devices & EVIL TWINS REVERSE ENGINEERING PERL2EXE BACK TO PERL Thijs Bosschert on a new approach to recover the full Perl source code from Perl2Exe executable ﬁles AN IPOD NANO IN THIS MONTH'S COMPETITION WIN! ISSUE 12 AUGUST 2012 03 9 772042 061127 Issue 12 / £14.99 TR Media / REGULARS / FROM THE LAB / INTRODUCING / Book Reviews robservations, 360, MacForensics Lab V4 Image Forensics DiSTRIBUTED AND news, irq & more… review & How to UFED PLUS IOS Q&A CLOUD COMPUTING EDITORIAL I <a title="DFM12 - Online page 1" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=1"> The Quarterly Magazine for Digital Forensics Prac</a> <a title="DFM12 - Online page 2" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=2"> </a> <a title="DFM12 - Online page 3" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=3"> EDITORIAL I </a> <a title="DFM12 - Online page 4" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=4"> </a> <a title="DFM12 - Online page 5" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=5"> CONTENTS / DIGITAL FORENSICS MAGAZINE </a> <a title="DFM12 - Online page 6" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=6"> / NEWS NEWS MD5 adds iCONECT's Intuitive XERA </a> <a title="DFM12 - Online page 7" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=7"> We note that GCHQ and the other agencies hav</a> <a title="DFM12 - Online page 8" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=8"> </a> <a title="DFM12 - Online page 9" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=9"> / FEATURE FIRST RESPONDERS & FORENSIC CAPABILI</a> <a title="DFM12 - Online page 10" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=10"> / FEATURE Figure 2. Incursion Log En</a> <a title="DFM12 - Online page 11" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=11"> practice in the middle of a full blown attack, an</a> <a title="DFM12 - Online page 12" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=12"> / FEATURE 1 Indicative Non-erotic and non</a> <a title="DFM12 - Online page 13" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=13"> </a> <a title="DFM12 - Online page 14" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=14"> / ROBSERVATIONS ROBSERVATIONS Workloads are g</a> <a title="DFM12 - Online page 15" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=15"> The digital world is one where you have to co</a> <a title="DFM12 - Online page 16" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=16"> / LEAD FEATURE REVERSE ENGINEERING PERL2EXE BA</a> <a title="DFM12 - Online page 17" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=17"> / How a Perl2Exe Generated Program Works The newl</a> <a title="DFM12 - Online page 18" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=18"> / LEAD FEATURE Figure 4.</a> <a title="DFM12 - Online page 19" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=19"> the line with the JNE in it and then change the t</a> <a title="DFM12 - Online page 20" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=20"> / LEAD FEATURE Figure 5. OllyDbg jum</a> <a title="DFM12 - Online page 21" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=21"> </a> <a title="DFM12 - Online page 22" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=22"> / FEATURE MOBILE DEVICES & EVIL TWINS We all hav</a> <a title="DFM12 - Online page 23" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=23"> threats that have gone unnoticed replacing the ne</a> <a title="DFM12 - Online page 24" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=24"> / FEATURE Beacon frames are all well and </a> <a title="DFM12 - Online page 25" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=25"> 2. Next we need to set up some tunnelling, this w</a> <a title="DFM12 - Online page 26" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=26"> / LETTERS 360° Your chance to have your say… H </a> <a title="DFM12 - Online page 27" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=27"> </a> <a title="DFM12 - Online page 28" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=28"> </a> <a title="DFM12 - Online page 29" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=29"> / LEGAL EDITORIAL LEGAL EDITORIAL Why `Copyri</a> <a title="DFM12 - Online page 30" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=30"> / LEGAL FEATURE THE RISE AND FALL OF THE CASE </a> <a title="DFM12 - Online page 31" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=31"> Kim Dotcom; whose original name is Kim Schmi</a> <a title="DFM12 - Online page 32" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=32"> / LEGAL FEATURE was infringing on the exclusi</a> <a title="DFM12 - Online page 33" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=33"> / NEXT ISSUE COMING SOON… A round-up of feat</a> <a title="DFM12 - Online page 34" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=34"> / LEGAL NEWS ALERT LEGAL NEWS ALERT Google sue</a> <a title="DFM12 - Online page 35" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=35"> </a> <a title="DFM12 - Online page 36" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=36"> / MEET THE PROFESSIONALS MEET THE DF PROFESSIO</a> <a title="DFM12 - Online page 37" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=37"> based mail clients and even communication inside </a> <a title="DFM12 - Online page 38" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=38"> </a> <a title="DFM12 - Online page 39" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=39"> </a> <a title="DFM12 - Online page 40" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=40"> COMPETITION / This issue we have A FANTASTIC A</a> <a title="DFM12 - Online page 41" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=41"> / FEATURE ETHICAL HACKING What place do hacker</a> <a title="DFM12 - Online page 42" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=42"> / FEATURE Purist hackers continued to pro</a> <a title="DFM12 - Online page 43" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=43"> (IIOC) on the Internet. They believed abusing chi</a> <a title="DFM12 - Online page 44" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=44"> / FEATURE / Evolution of the</a> <a title="DFM12 - Online page 45" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=45"> / APPLE AUTOPSY APPLE AUTOPSY The Retina Display</a> <a title="DFM12 - Online page 46" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=46"> / FEATURE MAC FORENSICS LAB V4.0 If you are l</a> <a title="DFM12 - Online page 47" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=47"> The browse function Mac Forensics Lab reads </a> <a title="DFM12 - Online page 48" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=48"> / FEATURE The folks at SubRosaSoft also h</a> <a title="DFM12 - Online page 49" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=49"> Report generation output There are other sho</a> <a title="DFM12 - Online page 50" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=50"> </a> <a title="DFM12 - Online page 51" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=51"> / FEATURE HANDS ON THE UFED TOUCH A new interf</a> <a title="DFM12 - Online page 52" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=52"> / FEATURE Touch provides all the same functio</a> <a title="DFM12 - Online page 53" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=53"> For instance, say you ﬁnd a string of text me</a> <a title="DFM12 - Online page 54" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=54"> / FEATURE / Additional capabi</a> <a title="DFM12 - Online page 55" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=55"> / FEATURE TESTING TOOL CAPABILITY FOR SOCIAL N</a> <a title="DFM12 - Online page 56" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=56"> / FEATURE Figure 1. The Tes</a> <a title="DFM12 - Online page 57" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=57"> Name Description CacheBack (version 3.7.5) I</a> <a title="DFM12 - Online page 58" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=58"> / FEATURE Figure 2. Compariso</a> <a title="DFM12 - Online page 59" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=59"> </a> <a title="DFM12 - Online page 60" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=60"> / FEATURE COVERT CHANNELS IN NETWORK PROTOCOLS</a> <a title="DFM12 - Online page 61" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=61"> Figure 1 In addition the following software </a> <a title="DFM12 - Online page 62" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=62"> / FEATURE Figure 2 </a> <a title="DFM12 - Online page 63" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=63"> i.e. can anybody see the information ﬂow, measure</a> <a title="DFM12 - Online page 64" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=64"> / FEATURE In addition, some ﬁelds can on</a> <a title="DFM12 - Online page 65" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=65"> </a> <a title="DFM12 - Online page 66" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=66"> / FEATURE VIDEO IDENTIFICATION The proliferati</a> <a title="DFM12 - Online page 67" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=67"> The Videntiﬁer software can be downloaded fr</a> <a title="DFM12 - Online page 68" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=68"> / FEATURE THE GPU PROCESSING SI</a> <a title="DFM12 - Online page 69" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=69"> </a> <a title="DFM12 - Online page 70" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=70"> / FEATURE CIRCUMVENTING SMS BASED TWO FACTOR A</a> <a title="DFM12 - Online page 71" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=71"> attacks and they have been seen in the wild. Of p</a> <a title="DFM12 - Online page 72" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=72"> / FEATURE / Dissecting the Attack and Malware D</a> <a title="DFM12 - Online page 73" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=73"> · Attackers can inject HTML tags into HTTP respon</a> <a title="DFM12 - Online page 74" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=74"> / FEATURE · Android and Symbian allow develop</a> <a title="DFM12 - Online page 75" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=75"> Digital ForensicS / magazine BACK ISSUES The Quar</a> <a title="DFM12 - Online page 76" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=76"> / FEATURE Q&A Electronic Discovery and Digital Fo</a> <a title="DFM12 - Online page 77" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=77"> Example Feature Physical Logical iTun</a> <a title="DFM12 - Online page 78" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=78"> / FEATURE Name of File Encryption Key </a> <a title="DFM12 - Online page 79" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=79"> Operating System System Path Windows XP C</a> <a title="DFM12 - Online page 80" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=80"> / BOOK REVIEWS BOOK REVIEWS Distributed and Cl</a> <a title="DFM12 - Online page 81" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=81"> Due to their different artifacts, the book ha</a> <a title="DFM12 - Online page 82" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=82"> / COLUMN IRQ Clouding the issue. Sby Angus Marsha</a> <a title="DFM12 - Online page 83" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=83"> </a> <a title="DFM12 - Online page 84" href="https://secure.viewer.zmags.com/publication/5d2b4ae7?page=84"> </a>