As we know that WeChat will wipe deleted chat messages. That's why forensic guys could  not dig out any deleted chat messages in EnMicroMsg.db. Is it possible to let those deleted chat messages show up again?

For performance's sake, WeChat will created index for better user experience. That's the key point for forensic guys to recover those deleted chat messages or contacts. Let me show you where the index exists as below.

Look into the table "FTS5IndexMessage_content"  and "FTK5IndexContact_content" and we could find all chat messages and contacts. No doubt those deleted chat messages or contacts still exist in these tables. Suspect may delete chat messages but no way he/she could delete index database.

Of course suspect may uninstall WeChat and its folder "com.tencent.mm" will no longer exists. But forensic guys could still recover content of WeChat by deep recovery on image acquired from an Android phone.

Those manufacturers of Mobile Forensic software should take it into consideration and their tools won't miss the deleted WeChat chat messages again.

Dig out WeChat deleted chat messages on Android Phone的更多相关文章

  1. WeChat 6.3 wipe deleted chat messages as well as LINE 5.3 and above

    Let me show you the WeChat version first. It is 6.3. What will happen to WeChat deleted chat message ...

  2. Dig out deleted chat messages of App Skype

    Last month Candy was arrested on suspicion of having doing online porn webcam shows, but Candy refus ...

  3. Let's see if we could reocver Line 5.3 and above deleted chat messages or not

    Forensic is a strict science and we should let the evidence speak for itself. Several months ago I s ...

  4. dig out deledted chat messages

    One of my friends asked me to do a favor for her. She said her friend deleted some important chat me ...

  5. No deleted LINE chat messages recovered on iOS 9.1 after UFED extraction

    The evidence is iPhone 5s with iOS 9.1 and not jail breaked. I use UFED to do advanced logical extra ...

  6. How to extract WeChat chat messages from a smartphone running Android 7.x or above

    A friend of mine she was frustarted in extracting WeChat chat messages from suspect's smartphone run ...

  7. how to extract and decrypt WeChat EnMicromsg.db on Android phone

    One of my friend came to me with an Android phone. She saild somehting wrong with the hardware of he ...

  8. Android Malware Analysis

    A friend of mine asked me help him to examine his Android 5.0 smartphone. He did not say what's wron ...

  9. 微信破解,解密?How To Decrypt WeChat EnMicroMsg.db Database?

    20元现金领取地址:http://jdb.jiudingcapital.com/phone.html内部邀请码:C8E245J (不写邀请码,没有现金送) 国内私募机构九鼎控股打造,九鼎投资是在全国股 ...

随机推荐

  1. 视频云SDK iOS持续集成项目实践

    1. 前言 2016年, 我们维护的 iOS推流播放融合SDK KSYLive_iOS 在github上发布了40多个版本, 平均两周发布一个新版本, 经历了最初痛苦的全手动版本构建和维护, 到后来慢 ...

  2. golang sql database drivers

    https://github.com/golang/go/wiki/SQLDrivers SQL database drivers The database/sql and database/sql/ ...

  3. 消费五分钟,小白也能了解的经典技术:关于IP负载均衡(LVS之NAT)

    这里准备以两篇文章来大概讲述一下LVS负载均衡 NAT TUN/DR和共享存储 前言: 为什么搭建LVS: 若一台服务器只能支持10人在线.那么有100人访问,则需要多少台服务器. 这个不言而喻:10 ...

  4. Qt用Zip压缩文件夹的一些坑

    环境: QT3.3.8 vs2005 QDir dir("/home/Blinux/html"); if ( !dir.exists() ) { //目录不存在 } QString ...

  5. Go Language 开发环境搭建

    [前言] Go语言是Google公司2009年发布的新一代的开发语言,其最大的亮点是原生自带并发,在合适的场合使用合适的代码,我们的系统将会更加完美.下面我们进行go语言的安装和配置. 一.下载安装 ...

  6. Mtklog 分析(学习)

    常见log异常类型: JE  NE KE EE(external(modem) exception) 一.常见应用异常搜索关键信息 1. 常见应用crash的(系统提示***已停止运行) ,可以在ma ...

  7. 分享一个大神自己的blog

    std::sort() 详解 http://feihu.me/blog/ C++11 新特性 http://blog.guoyb.com/2016/09/19/cpp11-all/ unity3d 相 ...

  8. 【转载】漫谈HADOOP HDFS BALANCER

    Hadoop的HDFS集群非常容易出现机器与机器之间磁盘利用率不平衡的情况,比如集群中添加新的数据节点.当HDFS出现不平衡状况的时候,将引发很多问题,比如MR程序无法很好地利用本地计算的优势,机器之 ...

  9. 编程范式:命令式编程(Imperative)、声明式编程(Declarative)和函数式编程(Functional)

    主要的编程范式有三种:命令式编程,声明式编程和函数式编程. 命令式编程: 命令式编程的主要思想是关注计算机执行的步骤,即一步一步告诉计算机先做什么再做什么. 比如:如果你想在一个数字集合 collec ...

  10. 模拟Vue之数据驱动

    一.前言 在随笔"模拟Vue之数据驱动1"结尾处,我们说到如果监听的属性是个对象呢?那么这个对象中的其他属性岂不就是监听不了了吗? 如下: 倘若user中的name.age属性变化 ...