One cannot be in two places at once. Do you know what's "Dual Apps"? Manufactures like Xiaomi,Oppo,Huawei offer "Dual Apps" feature which allows users to run two different accounts of the same app on his/her phone. Let's take "Facebook" for example. The scenario is that a suspect's phone running Android 7 and we have to extract his/her "Facebook", including the original one and the clone one.

Now there are two Facebook Apps on suspect's phone. What's the clone one looks like? You could take a look as below. On the left side is the  original one and the other side is the clone one.

Take a guess if you conduct "Downgrade Extraction" on suspect's phone to extract "Facebook", could you got both of these two "Facebook" without fail? The answer is "No". You only got the original one. So the question is: Where is the clone one and how to extract it? To achieve this, I borrow a rooted Xiaomi from a friend of mine and take a took. Very interesting there are two uid running the same app Facebook. u999? That's weird~

I've looked everywhere to search for the clone one facebook. I want to  know exactly where it is. That's it. The path what I\m looking for is /data/user/999/ .

Of course the path may differ from brand to brand.  Now "Downgrade Extraction" could extract the original one, but not working on the clone one. The challenge for Mobile forensic tools is to extract both "Dual Apps" on phones running Android 7 or above.

Where is the clone one and how to extract it?的更多相关文章

  1. Git从码云Clone代码到本地

    Git从码云或者Github 克隆代码到本地 1.下载安装Git,傻瓜式下一步下一步即可... 2.配置Git: 2.1.选择你要clone到本地的路径:右键--->$ Git Bash Her ...

  2. SCVMM中Clone虚拟机失败显示Unsupported Cluster Configuration状态

    在SCVMM进行虚拟机的Clone,虽然失败了,但是Clone出虚拟机却显示在SCVMM控制台的虚拟机的列表中,并且状态是Unsupported Cluster Configuration.无法修复, ...

  3. [LeetCode] Clone Graph 无向图的复制

    Clone an undirected graph. Each node in the graph contains a label and a list of its neighbors. OJ's ...

  4. git clone出现的error: The requested URL returned error: 401 Unauthorized

    error: The requested URL returned error: 401 Unauthorized while accessing https://git.oschina.net/.. ...

  5. ssh配置git clone简易流程

    1. 生成密钥 ssh-keygen -t rsa -C "jaynaruto@qq.com" //如果只有一对密钥,建议不要修改默认的密钥名称,即一直按回车即可 此命令会在你当前 ...

  6. 49. 3种方法实现复杂链表的复制[clone of complex linked list]

    [本文链接] http://www.cnblogs.com/hellogiser/p/clone-of-complex-linked-list.html [题目] 有一个复杂链表,其结点除了有一个ne ...

  7. java Clone 的心得记录

    我看有些类并没有实现Cloneable接口,这种情况下调用clone()方法也不try catch也不throws: 但是如果我自己这样搞,也不实现Cloneable,接口,直接调用clone()方法 ...

  8. 一眼看懂深浅拷贝(clone)-C#

    这是使用的是序列化的方式实现深拷贝 [Serializable] class Person:ICloneable { /// <summary> /// 字符串在clone 中类似于值类型 ...

  9. Android 源码下载方法(Git 方式clone)

    Android源码对于Android开发者来说,迟早有一天你会用到的,所以就记录一下,分享给读者,希望对读者有用 这里需要使用到Git相关知识,不清楚的可以先阅读,了解的可以跳过 Git-Tortoi ...

随机推荐

  1. What?一个 Dubbo 服务启动要两个小时!

    前言 前几天在测试环境碰到一个非常奇怪的与 dubbo 相关的问题,事后我在网上搜索了一圈并没有发现类似的帖子或文章,于是便有了这篇. 希望对还未碰到或正在碰到的朋友有所帮助. 现象 现象是这样的,有 ...

  2. 【朝花夕拾】Android自定义View篇之(一)View绘制流程

    前言 转载请申明转自[https://www.cnblogs.com/andy-songwei/p/10955062.html]谢谢! 自定义View.多线程.网络,被认为是Android开发者必须牢 ...

  3. Windows使用Python虚拟环境

    Windows使用virtualenv和virtualenvwrapper-win 在Windows上使用virtualenv进行多版本Python隔离. 安装Python 在Python官网下载Py ...

  4. cat more less 命令混用

    在Linux系统中有三种命令可以用来查阅全部的文件,分别是cat.more和less命令.它们查阅文件的使用方法也比较简单都是 命令 文件名 ,但是三者又有着区别. 1.cat命令可以一次显示整个文件 ...

  5. Linux搭建基于Apache的HTTP服务器

    Linux搭建基于Apache的HTTP服务器   实验目标: 通过本实验掌握基于Linux的WWW服务器搭建. 实验步骤: 1.安装http服务 2.防火墙放通http服务 3.编辑测试网页 4.开 ...

  6. Burp Suite 基础知识(一)

    前言 大家好,我是小白,下面开始我的表演,以下内容如有雷同纯属巧合,靴靴.  (鞠躬 学到什么就写什么,可能有点乱哈. Burp Suite 是一款用于攻击 web 应用程序的集成平台,包含了许多工具 ...

  7. F#周报2019年第28期

    新闻 FableConf门票开始贩售 Bolero的HTML模板支持热加载 Bolero从v0.4到v0.5的升级指南 完整的SAFE-Chat迁移至了Fable 2 为纯函数式3D图形生成领域专用语 ...

  8. 2017《java技术预备作业》

    2017<java技术预备作业> 1.阅读邹欣老师的博客,谈谈你期望的师生关系是什么样的? 亦师亦友,很多人这样说,确实,倘若师生之间如果中间有些隔阂最终吃亏的始终是学生.我认为师生之间应 ...

  9. LINUX_记录(一)

    我有了一台电脑,有好多的硬件,CPU啊.内存啊.光驱啊.硬盘啊等等,我不想装windows,我想装linux,我就装了一个linux.事实上,可以跑,没问题,我在思考,why? 我装的linux,包括 ...

  10. C#拼装JSON数组简易方法

    下面是我们想要拼接出来的JSON字符串,返回给前台 {"success":"true","msg":"","d ...