一、IOS设备Lockdown文件
Windows XP: C:\Documents and Settings\All Users\Application Data\Apple
Windows Vista 、Windows 7、Windows 10:C:\ProgramData\Apple
MAC OSX:/var/db/lockdown
二、安卓信任文件(公钥)
Windows XP: C:\Documents and Settings\用户名\.android
Windows Vista 、Windows 7、Windows 10:C:\Users\用户名\.android
三、MAC OSX
Mail位置: ~/library/mail/
Keychain位置:~/library/keychains/
破解登录密码账号Hash位置:
10.7以前 “private\var\db\dslocal\nodes\Default\users”和"private\var\db\shadow\hash"
10.7以后 "private\var\db\dslocal\nodes\Default\users" (需要su权限)
iCloud Authentication tokens提取:
~/library/keychains/
~/library/Application Support/iCloud/Accounts/
发表评论