private void btnAcquire_Click(object sender, EventArgs e)
{
if (MessageBox.Show("Warning: This mode of acquisition may not be forensically safe as it uses utilities (AFC) only available on jailbroken devices. This means that the derived data may not be accepted in court. Are you sure you want to continue?", "Warning", MessageBoxButtons.OKCancel) == System.Windows.Forms.DialogResult.Cancel)
{
return;
}
string waSandboxedPath = "";
string[] paths = testDevice.GetDirectories("/var/mobile/Applications/");
pbAcquisition.Maximum = paths.Length;
int progress = 0;
foreach (string appSandboxFolders in paths)
{
progress++;
pbAcquisition.Value = progress;
Application.DoEvents();
string[] subfolders = testDevice.GetDirectories("/var/mobile/Applications/" + appSandboxFolders + "/");
foreach (string appFolders in subfolders)
{
if (appFolders == "WhatsApp.app")
{
waSandboxedPath = "/var/mobile/Applications/" + appSandboxFolders + "/Documents/ChatStorage.sqlite";
}
}
}
//bool success = testDevice.Exists(waSandboxedPath);
//MessageBox.Show(waSandboxedPath);
string copyDestination = Application.StartupPath + "\\AcquiredChatStorage.sqlite";
if (System.IO.File.Exists(copyDestination))
{
System.IO.File.Delete(copyDestination);
}
bool success = testDevice.CopyFileFromPhone(testDevice, waSandboxedPath, Application.StartupPath, "AcquiredChatStorage.sqlite");
//MessageBox.Show(copyDestination);
ownerPointer.LoadDatabase(copyDestination);
MessageBox.Show("Acquisition Complete");
this.Close();
//MessageBox.Show(success.ToString());
}
public void AddNodes(TreeNode thisNode, String path, Int32 getLevels)
{
String[] dirNames;
labelStatus.Text = "Adding folder " + thisNode.Text;
dirNames = myPhone.GetDirectories(path);
if (thisNode.TreeView != null)
{
thisNode.TreeView.BeginUpdate();
}
if (dirNames.Length > 0)
{
if (getLevels != 0)
{
for (int i = 0; i < dirNames.Length; i++)
{
TreeNode childNode = new TreeNode(dirNames[i]);
childNode.ImageKey = "Folder";
childNode.Name = path + "/" + dirNames[i];
ItemProperty thisItem = ipItems.FindItem(childNode.Name);
if (thisItem != null)
{
childNode.ImageKey = thisItem.ImageKey;
childNode.Tag = thisItem.Tag;
}
else
{
childNode.ImageKey = "Other";
childNode.Tag = "Unknown";
}
AddNodes(childNode, path + "/" + dirNames[i], (getLevels - 1));
thisNode.Nodes.Add(childNode);
thisNode.Tag = "loaded";
Application.DoEvents();
}
}
else
{
TreeNode childNode = new TreeNode(".");
childNode.Name = path + "/.";
thisNode.Nodes.Add(childNode);
if (thisNode.ImageKey == "Folder")
{
thisNode.ImageKey = "Folder-Files";
}
thisNode.Tag = "notloaded";
Application.DoEvents();
}
}
if (thisNode.TreeView != null)
{
thisNode.TreeView.EndUpdate();
}
}
//Implements the search for listings by means of identification FindFirst and FindNext
public override NT_STATUS ReadDirectory(UserContext UserContext, FileContext FileObject)
{
NT_STATUS error = NT_STATUS.OK;
MyFileContext HE = (MyFileContext)FileObject;
if (!HE.IsDirectory)
{
Debug.WriteLine("Warning->Handle is not a directory, can not get a listing");
return(NT_STATUS.INVALID_HANDLE);
}
if (!phone.Exists(root + HE.Name) || !phone.IsDirectory(root + HE.Name))
{
return(NT_STATUS.OBJECT_PATH_NOT_FOUND); // Directroy not found, should never happen
}
HE.Items.Add(new DirectoryContext(".", FileAttributes.Directory));
HE.Items.Add(new DirectoryContext("..", FileAttributes.Directory));
DirectoryContext Item = null;
foreach (string DirName in phone.GetDirectories(root + HE.Name))
{
error = GetAttributes(UserContext, root + HE.Name + DirName, out Item);
if (error != 0)
{
Trace.WriteLine("Warning->Error: '" + error + "' during listing directories: " + HE.Name + DirName);
}
HE.Items.Add(Item);
}
foreach (string FileName in phone.GetFiles(root + HE.Name))
{
error = GetAttributes(UserContext, root + HE.Name + FileName, out Item);
if (error != 0)
{
Trace.WriteLine("Warning->Error: '" + error + "' during listing files: " + FileName);
}
else
{
HE.Items.Add(Item);
}
}
return(NT_STATUS.OK);
}
private void iDevice_Connected(object sender, ConnectEventArgs e)
{
if (new[] { "iPhone1,1", "iPhone1,2", "iPhone2,1", "iPod1,1", "iPod2,1", "iPod3,1" }.Contains(iDevice.DeviceProductType) || iDevice.DeviceProductType.StartsWith("iPad", true, System.Globalization.CultureInfo.CreateSpecificCulture("en")))
{
lblPlug.Text = "An iDevice has been plugged in!\r\nHowever, Jaku Theme does not support your device yet!";
}
else if (!iDevice.IsJailbreak)
{
lblPlug.Text = "Your iDevice must be jailbroken in order to install custom themes!";
}
else
{
this.Invoke((MethodInvoker) delegate
{
lblPlug.Visible = false;
wBrowser.Visible = true;
btnBrowse.Enabled = true;
btnRespring.Enabled = true;
txtSearch.Enabled = true;
// User Apps
foreach (var dir in iDevice.GetDirectories("/var/mobile/Applications"))
{
foreach (var dir2 in iDevice.GetDirectories("/var/mobile/Applications/" + dir))
{
if (dir2.EndsWith(".app"))
{
string finalPath = "/var/mobile/Applications/" + dir + "/" + dir2;
getFile(finalPath + "/Info.plist", "tmp\\Info.plist"); // Get Info.plist so we can continue
// Use iTunes PlUtil from iTunes Libraries to convert bplist to plist
ProcessStartInfo procStartInfo = new ProcessStartInfo(Path.Combine(ApplicationSupportDirectory, "plutil.exe"), @"-convert xml1 """ +
Path.Combine(Environment.CurrentDirectory, "tmp\\Info.plist") + @"""")
{
UseShellExecute = false,
CreateNoWindow = true,
RedirectStandardOutput = true,
Verb = "runas"
};
var p = new Process();
p.StartInfo = procStartInfo;
p.Start();
string output = p.StandardOutput.ReadToEnd();
p.WaitForExit();
//MessageBox.Show(output);
Plist plist = new Plist();
plist.Load("tmp\\Info.plist"); //now load
dynamic search;
// get icon names, download them until we found perfect 114x114 image size
if (plist.ContainsKey("CFBundleIconFiles"))
{
search = plist["CFBundleIconFiles"];
}
else
{
search = plist["CFBundleIcons"]["CFBundlePrimaryIcon"]["CFBundleIconFiles"];
}
foreach (var item in search)
{
string appName = plist["CFBundleDisplayName"];
string bundleName = plist["CFBundleIdentifier"];
getFile(finalPath + "/" + item, "tmp\\" + appName + ".png");
using (Bitmap bitmap = new Bitmap("tmp\\" + appName + ".png"))
if (bitmap.Height == 114)
{
Data.dictIcon[appName] = new string[] { item, bundleName }; //1st: icon name, 2nd: bundle name
break;
}
}
}
}
}
// Start iPIN to de-optimize PNGs
Process p2 = new Process();
p2.StartInfo.CreateNoWindow = true;
p2.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
p2.StartInfo.FileName = "tmp\\ipin.exe";
p2.Start();
});
}
}
