Last active
August 20, 2018 14:38
-
-
Save alethenorio/47dd699916c629bf73b9 to your computer and use it in GitHub Desktop.
Retrieving android disk dump
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Go into Android connected device with "adb shell" | |
| # Run mount and find the /data mount block device. You can ls the "byname" ones to find the actual block device | |
| # Extract the base block device. E.g | |
| # If we find out /data is in /dev/block/mmcblk0p27 then we should use /dev/block/mmcblk0 | |
| # Dump the memory | |
| # Dump it raw | |
| adb shell "su -c 'stty raw; cat /dev/block/mmcblk0'" > /tmp/androind_data_dump.raw | |
| # Or dump it with dd | |
| adb shell "su -c 'stty raw; dd if=/dev/block/mmcblk0'" | dd of=/tmp/androind_data_dump.dd | |
| # Maybe even | |
| adb shell "stty raw; su -c 'stty raw; dd if=/dev/block/mmcblk0'" | dd of=/tmp/androind_data_dump.dd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment