dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
558
wombatify
join:2014-10-14
Australia

2 recommendations

wombatify

Member

iPhone Backup Extractor

[MODERATOR: The following refers to experience on Apple products. My concern is that the product runs on Windows, MacOS, and iOS. So this experience should interest most users]

Look here to see what the product claims to do:
»www.iphonebackupextractor.com/

I had carelessly changed my iPad Passcode to a simple 5 lowercase alphabetics, but did not write it down. By my calculations there are 120 different ways these can be typed in.There are no multiple attempts on a new Passcode and every error locks you out for 15 minutes. So you could, at worst, get lucky after 30 hours. Hence my search for another way.
iPhone Backup Extractor seemed ideal and I grabbed the free one. I made sure that it could only get at a local (on-iPhone) backup from a few days before.
Several things went wrong. Firstly, there was nothing intelligible in the output, nor any means of finding anything. After giving up in disgust I noticed a number of very strange things.

Virustotal showed a 5/55 score with ESET and Malwarebytes in the 5.

===
The app's dock icon was on the desktop
I could not raise the dock..
The ever-reliable AppCleaner failed to remove it, despite having no error message (Hey! It never has an error message, it just works).
The app was still alive and kicking in Applications.
It refused to be moved to the Bin.
===
These 5 symptoms disappeared after a reboot.

My concern is that something that can dig so deeply into the internals should behave pathologically. Has it done any damage? Could such damage affect any attempted restore of the Mac itself?

Macbook Air (original version!) with iOS 10.7.5, iPhone 4 with iOS 7.1.2

Drunkula
Premium Member
join:2000-06-12
Denton, TX

Drunkula

Premium Member

Out of curiosity how did you get 120 combinations? (26^5)-1 = 11,81,375 combinations.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

I think he knew what letters just forgot the order. Meaning it would be 5^5 not 26^5
wombatify
join:2014-10-14
Australia

wombatify to Drunkula

Member

to Drunkula
Learn some math! There were 5 keys, and I knew which ones The question is then how many different ways can you hit each each key in some order/ The answer is 5*4*3*2*1 = 120. Should I bother explaining,,,? When you choose key 1 that leaves a choice of 4 keys. Your second choice leaves 3 keys, ...3rd 2 keys ...4th 1 key. Get it!
wombatify

wombatify to Nanaki

Member

to Nanaki
You need to go back to school too.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to wombatify

Premium Member

to wombatify
said by wombatify:

I had carelessly changed my iPad Passcode to a simple 5 lowercase alphabetics,

You'd think if it were simple you would have remembered it.
wombatify
join:2014-10-14
Australia

wombatify to Drunkula

Member

to Drunkula
I said I had chosen 5 lowercase letters. Now, as to your arithmetic, the number of permutations of n>1 objects is n! 5!=5*4*3*2*1
wombatify

wombatify to Drunkula

Member

to Drunkula
FYI the number of combinations of n things taken r at a time is
(n!)/(r!)(n-r)!
Here n=r=5, so we get 5/5*1 =5 Note that 0!=1

We really wanted permutations which is
(n!)/(n-r)! Once again with n=r=5 we get 5/1 = 5

The number of combinations of n things taken n at a time is the same as the number of permutations of n things taken n at a time and it is n!

I am sure that n! for n>1 stands (informally) for
n*(n-1)*(n-2)...*3*2*1 and 0!, by convention is 1

Drunkula
Premium Member
join:2000-06-12
Denton, TX

Drunkula to wombatify

Premium Member

to wombatify
Well excuse me.

Chubbzie
join:2014-02-11
Greenville, NC

Chubbzie to wombatify

Member

to wombatify
Have you run a file system permissions check?
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned) to Snowy

Member

to Snowy
I was thinking the same. To put it simply there's no way to forget all the letter positions. What this smells like to me is a little shill action. Ither for a product or against one. 5 lowercase letters would be all but impossible to forget the order for even say 3 of them but to forget all 5? Something just does not smell right. Not to mention his attitude.

Worst case he should remember at least 2 letters in 2 locations leaving him with 3 to guess. A few tries and done.

Chubbzie
join:2014-02-11
Greenville, NC

Chubbzie

Member

said by Nanaki:

Not to mention his attitude.

For sure.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to Nanaki

Premium Member

to Nanaki
said by Nanaki:

What this smells like to me is a little shill action.

Pushing an electronic delivery hacking product on a security forum?
This forum as many other security forums is not built on a group of law abiding, fair playing professionals though some do participate.

All it would take is just ONE pissed off or irritated forum member, visitor or lurker to put into motion a well written advertising bot on the undernet that advertises the product for what it is.

The bad guys would jump all over it - using other peoples credit/debit card info for the purchase.
I seriously doubt any company would knowingly place itself at that level of risk for a little free advertising.
If it was about bashing (personally I doubt that) the OP has my full respect for knowing the downside to security forum spamming.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

said by Snowy:

All it would take is just ONE pissed off or irritated forum member, visitor or lurker to put into motion a well written advertising bot on the undernet that advertises the product for what it is.

I know there are plenty here who could do some real damage. I was here when the el cheapo router challenge going on to see just how secure even the cheapest plain old router was. That was really quite interesting to see the results of.

As for security professionals i would say dslreports security forum has more than it's fair share.

As you well know iv'e known many here from before my days here. It has been so long well over 1 years now i can't remember if one told me about this site or if i just came here on my own.

My doubts about the op come from his other similar postings on other forums here about other products. And again just his attitude.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy

Premium Member

said by Nanaki:

As for security professionals i would say dslreports security forum has more than it's fair share.

Absolutely.
I didn't mean to imply otherwise but the strength/beauty of this particular security forum is in the mix.
From patient seasoned Professions discussing matters with eager noobs to Professionals cutting their teeth to people just interested in security as a hobby this forum is No ka `oi
wombatify
join:2014-10-14
Australia

wombatify

Member

Here's more icing on the cake! I could not empty the bin because the .dmg for the product was reported as active. I searched far and wide for an install occurring then, surprise, surprise, found the original .dmg was still in Downloads as well as in the Bin. Of course it would not delete. I finally used the wonderful Trash it! app to clean things up. You boot into safe mode (hold down S) before using it and it basically asks whether you consider this a fairly simple issue or a difficult one. Choose the difficult option and it just tells you to wait until the Bin settles down. You look, it's empty, and the one in Downloads has disappeared too. I'm glad I didn't buy the Pro version... Oh, and to those idiots who think I'm a Shill for posting the link, what sort of company would I be working for? Go check Virustotal for yourselves.
wombatify

wombatify to Snowy

Member

to Snowy
At 05:00 after a long night without sleep, anyone can make a mistake.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy to wombatify

Premium Member

to wombatify
said by wombatify:

Go check Virustotal for yourselves.

I was on the fence about you shilling but believed if you threw out the challenge
"Go check Virustotal for yourselves."
that would be enough for me to believe shill.

I double checked the file yesterday @virustotal & wasn't able to confirm your claim of 5/55.
In fact the scan concluded "Probably harmless! There are strong indicators suggesting that this file is safe to use."

There are a few legit reasons why I was unable to replicate your claim but as soon as you tossed out your challenge I dismissed the legit possibilities.

It's the reason I didn't challenge your claim of 5/55 - I wanted to see if you would bring it up if no one else did.

Bad mouthing a product with facts that can be easily disproved is not rocket shilling - it's more like shilling 101.

Regardless of my opinion, Welcome to the forum!
Expand your moderator at work

Wildcatboy
Invisible
Mod
join:2000-10-30
Toronto, ON

1 recommendation

Wildcatboy to wombatify

Mod

to wombatify

Re: iPhone Backup Extractor


Suspicious content + attitude = lock.
System

to wombatify

Anon

to wombatify
This topic has been closed. Reason: run its course

to wombatify

Anon

to wombatify
This topic has been closed. Reason: run its course