Book Image

Learning Android Forensics

By : Rohit Tamma, Donnie Tindall
Book Image

Learning Android Forensics

By: Rohit Tamma, Donnie Tindall

Overview of this book

Table of Contents (15 chapters)
Learning Android Forensics
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Google Chrome analysis


Google Chrome is a web browser and is the default browser on Nexus and many other devices. Chrome data on the device is somewhat unique, in that, it contains data not just from the device, but from all devices on which the user has logged in to Chrome. This means that it is entirely possible (even very likely) that data from the user browsing on their desktop computer will be found in the databases on their phone. However, this also leads to huge amounts of data for an examiner to sort through, but that's a good problem to have.

Package name: com.android.chrome

Version: 40.0.2214.89

Files of interest:

  • /app_chrome/Default/

    • Sync Data/SyncData.sqlite3

    • Bookmarks

    • Cookies

    • Google Profile Picture.png

    • History

    • Login Data

    • Preferences

    • Top Sites

    • Web Data

  • /app_ChromeDocumentActivity/

All of the files listed earlier in the /app_chrome/Default folder, except for the one .png file, Bookmarks, and Preferences, are SQLite databases despite the lack of a file extension.

The SyncData...