I’m aways happy to give credit where credit is due.
This week I had a dilemma. At work we have a license for Cellebrite Physical Analyzer (excellent software) but we needed to have the ability to obtain physical images of several iOS devices at several locations at once. We needed to act quickly and as cost-effectively as possible.
It was, at this point, that I was put on to Lantern Lite Imager.
You may be familiar with Lantern. It is used to analyze iOS devices and has a nice little feature that displays everything in a timeline. Very good software.
Lantern Lite Imager, unlike its older brother, is free software that uses the bootloader from the redsn0w jailbreak in order to obtain a full physical image of the iPhone 4 and earlier, and the original iPad. Not only does it obtain a full physical image but it also brute-forces any passcode on the device and decrypts the image.
There are only two negatives that I have discovered:
Even if you already know the passcode there is nowhere to enter it. The software MUST crack the passcode.
Speed. While the software can image the devices quickly it does not decrypt on-the-fly like Cellebrite does. This means that you have to wait for the image to acquire and then wait again for the image to decrypt.
Aside from that, the software is brilliant and I recommend it to anyone… as long as you have a Mac. If you don’t, why not?