DFIRCON EAST Smartphone Forensics Challenge

DFIRCON EAST Smartphone Forensics Challenge

The smartphone dataset contains Malware and an iOS backup file. The goal is to highlight application data often missed by forensic tools. Your job? Find it.

The object of our challenge is simple: Download the smartphone dataset and attempt to answer the 6 questions. To successfully submit for the contest, all answers must be attempted. Each person that correctly answers 4 of the 6 questions will be entered into a drawing to win a FREE DFIR OnDemand course. The contest ends on September 30th, 2014 and we will announce the winner by October 6th 2014. Good luck!

Win a free DFIR OnDemand course by downloading the smartphone dataset and answering the following questions.


DOWNLOAD LINK FOR SMARTPHONE IMAGE: http://dfir.to/SmartPhoneChallengZip14

To successfully submit for the contest. All answers must be attempted. Please include your name and email address.

The winner will be able to choose from the below DFIR OnDemand courses:


SEC504: Hacker Techniques, Exploits & Incident Handling
FOR408: Computer Forensic Investigations - Windows In-Depth
FOR508: Advanced Computer Forensic Analysis and Incident Response
FOR526: Memory Forensics In-Depth
FOR572: Advanced Network Forensics and Analysis
FOR585: Advanced Smartphone Forensics
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques

SANS OnDemand:
SANS OnDemand is the world's leading comprehensive online training for information security professionals. OnDemand offers more than 25 SANS courses whenever and wherever you want from your computer (Windows, Mac, and Linux), iPad or Android tablet. OnDemand allows you to learn at your own pace, spend extra time on complex principles, reinforce concepts with quizzes, and repeat lab exercises - all of which increases your retention of the course material.

Your course enrollment gives you printed course books, CD/DVDs/Toolkits for hands-on exercises (as applicable), four months of online access to our OnDemand e-learning platform featuring a top SANS instructor presenting the material, quizzes, and synchronized video demonstrations/interactive labs (as applicable).

The Smartphone Challenge is sponsored by DFIRCON East. To learn more about DFIRCON East, please visit http://www.sans.org/event/dfircon-east-2014


Rules:
1. Entry: Each participant may respond only once for the challenge. Contest begins on Monday, July 21st, 2014 and ends Tuesday, September 30th, 2014. Responses must be submitted by 9pm EST on September 30th.

2. Prize: Each person that correctly answers at least 4 of the 6 questions will be entered into a drawing to win a FREE DFIR OnDemand course. SANS will choose only one winner, the seat is transferable to another in the same organization/company and does not include a certification attempt. The winner will be chosen by October 6th, 2014 and will be notified by email.

Questions regarding the challenge? Please send to DFIR-Challenge "at" sans.org. (DFIR-Challenge@sans.org )

* 1. What third-party applications have been granted access to device camera photos?

* 2. What third-party applications have been granted access to the device address book?

* 3. Which websites were visited that requested the iPhone's geolocation information for optimal browsing and were granted access?

* 4. What permissions does the application MysteryApp.apk NOT have on the device?

* 5. What is the SHA1 digest value associated with the classes.dex file for the MysteryApp.apk application?

* 6. What foreign language word(s) are found within the MysteryApp.apk application?

* 7. What is your name?

* 8. What is your email address?

T