Android device acquisition with Oxygen Forensic
The program Oxygen Forensic has been already described previously in Chapter 1. In this chapter, the physical dump of a device via Oxygen Forensic will be shown. In order to make a physical dump, you need to have superuser’s permissions. You need to gain root access to the device in order to get superuser’s permissions. There are many ways to gain the root access at the Android device, the description of which is beyond the scope of this book. A special feature of Oxygen Forensic is that before the physical dump is made, the program tries to gain the root access automatically by means of consistent usage of different types of exploits. This function does not lead to any damage of the device. On one hand, this function is a great virtue, but on the other hand, it can be used only for a limited range of devices. On the internet, many methods of gaining root access for a great number of devices are described, but there is a possibility that applying these methods can lead to the damage of the device beyond recovery even before the data extraction.