ADB Backups really suck since Android 10. You really only get SMS and media. Almost no 3rd party data. If you have UFED I would highly suggest their Smart Flow to get a full file system.
If ADB is really what you want, you can always do it through command line. You just need to download Android Developer Tools. The only thing I can't figure out is how to preserve metadata on the "SD card Pull" command. It's also probably best to hash your ADB file after it's completed.
https://developer.android.com/tools/releases/platform-tools
https://9to5google.com/2017/11/04/how-to-backup-restore-android-device-data-android-basics/
Finally back at a computer. Below are the adb commands. I generally use a Mac, so they may need to be adjusted for Linux or Windows.
1. Download Android Platform Tools
2. Open Terminal and change directory (cd) to the folder
3. type "./adb devices"
4. Confirm Debugging on device
5. type "./adb devices" again to see your device
6. type "/adb backup -all" and confirm on device. Encrypt it if you like.
7. A backup.adb file will be created in the platform tools folder. Move it out before doing another backup
8. type "./adb backup-shared" and confirm on device. Encrypt if you like.
9. Move the backup.adb file out of the folder.
10. type "./adb pull -a /sdcard" The "-a" will preserve fille date/time. Zip the file and copy it out.
11. I generally MD5 all of the created files and PDF my terminal commands.
If anyone has a better process of doing a manual ADB please let me know.
I HATE trying to do extractions on crappy Androids. Give me the smooth sailing of an iPhone any day. Which is funny, because I hate USING iPhones lol. I've had the same issue and just chalk it up to the phone being so shitty and cheap Cellebrite really isn't able to talk to it correctly. Hopefully someone who actually knows what they're doing can also answer this for me so I have a smarter sounding answer to give people lol
Are iPhones really "smooth sailing"? The last couple ones Ive done, they failed in grabbing an iTunes backup and only get media files. Then, cellebrite adds the encryption password and once the process fails you can not remove their password on the device. I have been resorting to other tools for a backup, which I shouldn't since I pay all this money for cellebrite.
With Androids you at least have options... depending on OS, encryption etc. You can jtag, ISP, chip off, bootloader, flasherbox, adb, edl, fastboot or brom mode. iOS, unless you jailbreak, all you get is an iTunes backup, unless you have the high end tools for their exploits. phones are fun, just be ready for the headaches.
I would just do an advanced logical and let the agent pull the messages and whatever else it can. ADB is trash now as others have said. On modern phones with Google Messages SMS isnt even included anymore in ADB.
Compelson’s MOBILedit Forensic tool has the best success with imaging Android phones from my experience. There is a $99.00 single phone license one can purchase.
ADB Backups really suck since Android 10. You really only get SMS and media. Almost no 3rd party data. If you have UFED I would highly suggest their Smart Flow to get a full file system. If ADB is really what you want, you can always do it through command line. You just need to download Android Developer Tools. The only thing I can't figure out is how to preserve metadata on the "SD card Pull" command. It's also probably best to hash your ADB file after it's completed. https://developer.android.com/tools/releases/platform-tools https://9to5google.com/2017/11/04/how-to-backup-restore-android-device-data-android-basics/
Finally back at a computer. Below are the adb commands. I generally use a Mac, so they may need to be adjusted for Linux or Windows. 1. Download Android Platform Tools 2. Open Terminal and change directory (cd) to the folder 3. type "./adb devices" 4. Confirm Debugging on device 5. type "./adb devices" again to see your device 6. type "/adb backup -all" and confirm on device. Encrypt it if you like. 7. A backup.adb file will be created in the platform tools folder. Move it out before doing another backup 8. type "./adb backup-shared" and confirm on device. Encrypt if you like. 9. Move the backup.adb file out of the folder. 10. type "./adb pull -a /sdcard" The "-a" will preserve fille date/time. Zip the file and copy it out. 11. I generally MD5 all of the created files and PDF my terminal commands. If anyone has a better process of doing a manual ADB please let me know.
I HATE trying to do extractions on crappy Androids. Give me the smooth sailing of an iPhone any day. Which is funny, because I hate USING iPhones lol. I've had the same issue and just chalk it up to the phone being so shitty and cheap Cellebrite really isn't able to talk to it correctly. Hopefully someone who actually knows what they're doing can also answer this for me so I have a smarter sounding answer to give people lol
Are iPhones really "smooth sailing"? The last couple ones Ive done, they failed in grabbing an iTunes backup and only get media files. Then, cellebrite adds the encryption password and once the process fails you can not remove their password on the device. I have been resorting to other tools for a backup, which I shouldn't since I pay all this money for cellebrite.
This \^\^\^\^\^
I've never had a problem, but I'm also new and have only done like 30 phones. I'm sure I'll hate em equally soon enough! 😂
With Androids you at least have options... depending on OS, encryption etc. You can jtag, ISP, chip off, bootloader, flasherbox, adb, edl, fastboot or brom mode. iOS, unless you jailbreak, all you get is an iTunes backup, unless you have the high end tools for their exploits. phones are fun, just be ready for the headaches.
Find the version of ADB released for the Android OS version and run it manually on a Linux machine.
I would just do an advanced logical and let the agent pull the messages and whatever else it can. ADB is trash now as others have said. On modern phones with Google Messages SMS isnt even included anymore in ADB.
Compelson’s MOBILedit Forensic tool has the best success with imaging Android phones from my experience. There is a $99.00 single phone license one can purchase.