Initialization vectors. Digital Forensics and Incident Reaction. All things InfoSec

Initialization vectors. Digital Forensics and Incident Reaction. All things InfoSec

Finding Badoo chats in Android os utilizing SQL inquiries as well as the MAGNET App Simulator

The Badoo complimentary talk and Dating software keeps user created chats into the following SQLite database:

The after questions can be utilized as templates to draw out chats through the Badoo database:

  • Communications
    • Sender name, receiver name, chat message, create time, modified time, host status, payload.
  • Consumer information
    • Consumer ID, username, sex, age, individual image url, photo url, max messages that are unanswered delivering multimedia enabled, user deleted.

The Badoo application is just a chat and dating platform for Android os and iOS. The software site claims a to have over 425,000,000 users and counting.

The application appear to be fairly popular into the Bing Enjoy store with more than 4 million reviews.


The after analysis came become because of a demand from an electronic forensics examiner perhaps perhaps maybe not having the ability to parse the application information making use of commercial mobile forensic tools. We procured permission from my colleague to make use of the data sets when you look at the development regarding the questions and associated article. With that said i am going to obscure usernames and talk content within the data sets simply because that they’re in French, which i actually do perhaps not talk, and I also wish to avoid posting something with no knowledge of just what it states.

Analysis via SQL questions

The information is held into the SQLite ChatComDatabase file located when you look at the directory. Inside the database you will find 2 tables containing information of great interest.

Conversation_info This table offers the user IDs, sex, individual names, age and profile photo URLs for the users that chatted with all the Badoo app that is local individual. Continue reading “Initialization vectors. Digital Forensics and Incident Reaction. All things InfoSec”