One cannot be in two places at once. Do you know what's "Dual Apps"? Manufactures like Xiaomi,Oppo,Huawei offer "Dual Apps" feature which allows users to run two different accounts of the same app on his/her phone. Let's take "Facebook" for example. The scenario is that a suspect's phone running Android 7 and we have to extract his/her "Facebook", including the original one and the clone one.

Now there are two Facebook Apps on suspect's phone. What's the clone one looks like? You could take a look as below. On the left side is the  original one and the other side is the clone one.

Take a guess if you conduct "Downgrade Extraction" on suspect's phone to extract "Facebook", could you got both of these two "Facebook" without fail? The answer is "No". You only got the original one. So the question is: Where is the clone one and how to extract it? To achieve this, I borrow a rooted Xiaomi from a friend of mine and take a took. Very interesting there are two uid running the same app Facebook. u999? That's weird~

I've looked everywhere to search for the clone one facebook. I want to  know exactly where it is. That's it. The path what I\m looking for is /data/user/999/ .

Of course the path may differ from brand to brand.  Now "Downgrade Extraction" could extract the original one, but not working on the clone one. The challenge for Mobile forensic tools is to extract both "Dual Apps" on phones running Android 7 or above.

Where is the clone one and how to extract it?的更多相关文章

  1. Git从码云Clone代码到本地

    Git从码云或者Github 克隆代码到本地 1.下载安装Git,傻瓜式下一步下一步即可... 2.配置Git: 2.1.选择你要clone到本地的路径:右键--->$ Git Bash Her ...

  2. SCVMM中Clone虚拟机失败显示Unsupported Cluster Configuration状态

    在SCVMM进行虚拟机的Clone,虽然失败了,但是Clone出虚拟机却显示在SCVMM控制台的虚拟机的列表中,并且状态是Unsupported Cluster Configuration.无法修复, ...

  3. [LeetCode] Clone Graph 无向图的复制

    Clone an undirected graph. Each node in the graph contains a label and a list of its neighbors. OJ's ...

  4. git clone出现的error: The requested URL returned error: 401 Unauthorized

    error: The requested URL returned error: 401 Unauthorized while accessing https://git.oschina.net/.. ...

  5. ssh配置git clone简易流程

    1. 生成密钥 ssh-keygen -t rsa -C "jaynaruto@qq.com" //如果只有一对密钥,建议不要修改默认的密钥名称,即一直按回车即可 此命令会在你当前 ...

  6. 49. 3种方法实现复杂链表的复制[clone of complex linked list]

    [本文链接] http://www.cnblogs.com/hellogiser/p/clone-of-complex-linked-list.html [题目] 有一个复杂链表,其结点除了有一个ne ...

  7. java Clone 的心得记录

    我看有些类并没有实现Cloneable接口,这种情况下调用clone()方法也不try catch也不throws: 但是如果我自己这样搞,也不实现Cloneable,接口,直接调用clone()方法 ...

  8. 一眼看懂深浅拷贝(clone)-C#

    这是使用的是序列化的方式实现深拷贝 [Serializable] class Person:ICloneable { /// <summary> /// 字符串在clone 中类似于值类型 ...

  9. Android 源码下载方法(Git 方式clone)

    Android源码对于Android开发者来说,迟早有一天你会用到的,所以就记录一下,分享给读者,希望对读者有用 这里需要使用到Git相关知识,不清楚的可以先阅读,了解的可以跳过 Git-Tortoi ...

随机推荐

  1. JavaScript原型和原型链( prototype 与 __proto__ )

    一.函数对象 所有引用类型(函数.数组.对象)都拥有__proto__属性(隐式原型) 所有函数拥有 prototype 属性(显式原型)(仅限函数) 原型对象:拥有 prototype 属性的对象, ...

  2. 如何判断/检查一个集合(List<string>)中是否有重复的元素

    问题描述 在.NET/C#应用程序编程开发中,如何判断一个字符串集合List<string>中是否有重复的元素? 假如有如下的List<string>集合: var lstNa ...

  3. 并发编程-concurrent指南-阻塞队列-优先级的阻塞队列PriorityBlockingQueue

    PriorityBlockingQueue是一个支持优先级的无界阻塞队列. 它使用了和类 java.util.PriorityQueue 一样的排序规则.你无法向这个队列中插入 null 值. 所有插 ...

  4. 分布式事务(1)---2PC和3PC理论

    分布式事务(1)---2PC和3PC理论 分布式事物基本理论:基本遵循CPA理论,采用柔性事物特征,软状态或者最终一致性特点保证分布式事物一致性问题. 分布式事物常见解决方案: 2PC两段提交协议 3 ...

  5. POJ 2679:Adventurous Driving(SPFA+DFS)

    http://poj.org/problem?id=2679 Adventurous Driving Time Limit: 1000MS   Memory Limit: 65536K Total S ...

  6. windows美化工具7+ Taskbar Tweaker

    今天分享一个windows美化工具 7+ Taskbar Tweaker 调整工具专为 Windows 任务栏工作者量身定制,支持 Windows 7 以及更高版本的(非服务器版)微软操作系统平台. ...

  7. 多线程总结-同步之ReentrantLock

    目录 1 ReentrantLock与synchronized对比 2.示例用法 2.1 基本用法 2.2 尝试锁 2.3 可打断 2.4 公平锁 1 ReentrantLock与synchroniz ...

  8. py+selenium 无法定位ShowModalDialog模态窗口【已解决】

    问题:无法定位弹出的模态窗口. 前瞻: 模态窗口:关闭之前,无法操作其他窗口. 但是selenium无法定位到这类窗口,百度说是目前selenium不支持处理模态窗口. 目标:定位到窗口里面的元素,完 ...

  9. [记录] Linux登录前后提示语

    Linux登录前后提示语 /etc/issue 本地(虚拟控制台KVM等)登录前提示语,支持转义字符 /etc/issue.net 远程(telnet,ssh)登录前提示语,不支持转义字符 /etc/ ...

  10. seleniumGrid分布式远程执行测试脚本

    执行UI自动化测试脚本时,不仅可以在本地执行,也可以远程指定某计算机执行测试脚本,seleniumGrid为我们提供了这类服务,但还需要自己搭建环境. 一.本地计算机需要准备java环境和seleni ...