One cannot be in two places at once. Do you know what's "Dual Apps"? Manufactures like Xiaomi,Oppo,Huawei offer "Dual Apps" feature which allows users to run two different accounts of the same app on his/her phone. Let's take "Facebook" for example. The scenario is that a suspect's phone running Android 7 and we have to extract his/her "Facebook", including the original one and the clone one.

Now there are two Facebook Apps on suspect's phone. What's the clone one looks like? You could take a look as below. On the left side is the  original one and the other side is the clone one.

Take a guess if you conduct "Downgrade Extraction" on suspect's phone to extract "Facebook", could you got both of these two "Facebook" without fail? The answer is "No". You only got the original one. So the question is: Where is the clone one and how to extract it? To achieve this, I borrow a rooted Xiaomi from a friend of mine and take a took. Very interesting there are two uid running the same app Facebook. u999? That's weird~

I've looked everywhere to search for the clone one facebook. I want to  know exactly where it is. That's it. The path what I\m looking for is /data/user/999/ .

Of course the path may differ from brand to brand.  Now "Downgrade Extraction" could extract the original one, but not working on the clone one. The challenge for Mobile forensic tools is to extract both "Dual Apps" on phones running Android 7 or above.

Where is the clone one and how to extract it?的更多相关文章

  1. Git从码云Clone代码到本地

    Git从码云或者Github 克隆代码到本地 1.下载安装Git,傻瓜式下一步下一步即可... 2.配置Git: 2.1.选择你要clone到本地的路径:右键--->$ Git Bash Her ...

  2. SCVMM中Clone虚拟机失败显示Unsupported Cluster Configuration状态

    在SCVMM进行虚拟机的Clone,虽然失败了,但是Clone出虚拟机却显示在SCVMM控制台的虚拟机的列表中,并且状态是Unsupported Cluster Configuration.无法修复, ...

  3. [LeetCode] Clone Graph 无向图的复制

    Clone an undirected graph. Each node in the graph contains a label and a list of its neighbors. OJ's ...

  4. git clone出现的error: The requested URL returned error: 401 Unauthorized

    error: The requested URL returned error: 401 Unauthorized while accessing https://git.oschina.net/.. ...

  5. ssh配置git clone简易流程

    1. 生成密钥 ssh-keygen -t rsa -C "jaynaruto@qq.com" //如果只有一对密钥,建议不要修改默认的密钥名称,即一直按回车即可 此命令会在你当前 ...

  6. 49. 3种方法实现复杂链表的复制[clone of complex linked list]

    [本文链接] http://www.cnblogs.com/hellogiser/p/clone-of-complex-linked-list.html [题目] 有一个复杂链表,其结点除了有一个ne ...

  7. java Clone 的心得记录

    我看有些类并没有实现Cloneable接口,这种情况下调用clone()方法也不try catch也不throws: 但是如果我自己这样搞,也不实现Cloneable,接口,直接调用clone()方法 ...

  8. 一眼看懂深浅拷贝(clone)-C#

    这是使用的是序列化的方式实现深拷贝 [Serializable] class Person:ICloneable { /// <summary> /// 字符串在clone 中类似于值类型 ...

  9. Android 源码下载方法(Git 方式clone)

    Android源码对于Android开发者来说,迟早有一天你会用到的,所以就记录一下,分享给读者,希望对读者有用 这里需要使用到Git相关知识,不清楚的可以先阅读,了解的可以跳过 Git-Tortoi ...

随机推荐

  1. 牛客假日团队赛1 B

    B.便便传送门(一) 题目链接:https://ac.nowcoder.com/acm/contest/918/B 题目 Farmer John最讨厌的农活是运输牛粪.为了精简这个过程,他制造了一个伟 ...

  2. 导入lxml找不到etree,报ImportError:DLL load failed:找不到指定的程序

    1.是pip install lxml后,安装好了lmx-3.8.0,然后执行sacpy的scrapy crawl jobbole命令报导入lxml的etree无法导入,找不到指定的程序 2.这是因为 ...

  3. HDU 3938:Portal(并查集+离线处理)

    http://acm.hdu.edu.cn/showproblem.php?pid=3938 Portal Problem Description   ZLGG found a magic theor ...

  4. 微信小程序开发--组件(4)

    一.picker-view / picker-view-column <view> <view>{{year}}年{{month}}月{{day}}日</view> ...

  5. Java编程思想:压缩

    import java.io.*; import java.util.Enumeration; import java.util.zip.*; public class Test { public s ...

  6. 网页学习:day1

    初始准备: Write some function Write a titie Write a article Write some button Button function写法: functio ...

  7. ASP.NET Core[源码分析篇] - Startup

    应用启动的重要类 - Startup 在ASP.NET Core - 从Program和Startup开始这篇文章里面,我们知道了Startup这个类的重要性,它主要负责了: 配置应用需要的服务(服务 ...

  8. Excel催化剂开源第28波-调用Google规划求解库

    在Excel催化剂的自定义函数中,有规划求解的函数,用于在一些凑数的场景,某财务工作网友向我提出的需求,例如用于凑发票额使用. 一般开发票的场景是多次采购合在一起开具,即多个订单产生后开,同时发票一般 ...

  9. C#3.0新增功能09 LINQ 基础03 LINQ 和泛型类型

    连载目录    [已更新最新开发文章,点击查看详细] LINQ 查询基于 .NET Framework 版本 2.0 中引入的泛型类型. 无需深入了解泛型即可开始编写查询. 但是,可能需要了解 2 个 ...

  10. [leetcode] 5. Longest Palindromic Substring (Medium)

    原题链接 找到并返回最长回路子串 思路: 解法一: 最简单的双重遍历,判断s[i]到s[j]是不是回串. Runtime: 610 ms, faster than 6.39% of Java 慢的不行 ...