I'm looking for a way to dump raw data from an entire phone or at least the sda block to a PC, using a method other than adb pull.

When I run adb pull /dev/block/sda sdaDump.img, it creates a dump file. To find what I need, I have to search through this raw data using a Hex Editor. If the dump comes from a fully functioning phone, I can usually find what I’m looking for because all the data is still intact.

However, I accidentally wiped the metadata partition on my phone, so the decryption keys/files are gone. Now, because of that, some folders appear empty when checked with TWRP's File Manager, even though the actual files are still there.

If I create a dump now, the raw data in the file won't be the same as when the metadata was present, and those folders weren't showing as empty.

Running adb pull /dev/block/sda sdaDump.img now results in a dump where the Hex Editor shows zeroes (no data) where these files should be.

Is there any alternative method to create a raw data dump of the sda block or entire phone storage, that will capture that data as it is (not empty folders, but the data in them), even if it's encrypted?

I don't want to create the raw data dump onto the phone storage and then transfer it to a PC, but something that works like adb pull, in the sense that it pulls the data from the phone directly onto a PC.

Thanks a lot in advance to everyone!

top 3 comments
[-] tedvdb@feddit.nl 2 points 1 week ago

Why do you still want to extract the encrypted data? Do you still have the encryption key somehow? Else even if you desolder the storage, manage to dump the raw bits, you won't be able to get anything useful from it.

[-] lurker8008@lemmy.world 1 points 1 week ago

The key here (ha!) is that you wiped the keys so the data should be irrecoverable.

[-] catloaf@lemm.ee 0 points 1 week ago

The alternative method would be to use professional equipment or send it to a data recovery specialist.

Did my suggestion to use photorec in your last post not work? How do you even know that the runs of zeroes are where the files you're looking for are? Encrypted data and uninitialized space look like random data, so any runs of zeroes are either valid data or something explicitly zeroed.
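The distinction drawn in the last comment (random-looking regions versus runs of zeroes) can be checked on a dump file instead of by eye in a hex editor. This is an added example, not code from the thread: it labels each block of an image by Shannon entropy and merges neighbours into runs; the 4 KiB block size, the 7.5 bits/byte threshold and the sample bytes are assumptions constructed for illustration.

```python
import hashlib, io, math, sys
from collections import Counter

BLOCK = 4096       # assumed granularity: a common filesystem block size
THRESHOLD = 7.5    # assumed cut-off in bits/byte; uniform random data approaches 8.0

def entropy(block: bytes) -> float:
    """Shannon entropy of a block in bits per byte (0.0 to 8.0)."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def classify(block: bytes) -> str:
    if not any(block):
        return "zero"          # all 0x00: explicitly zeroed or never written
    # A short trailing block cannot reach the threshold and falls to "structured".
    return "random" if entropy(block) > THRESHOLD else "structured"

def scan(stream, block_size=BLOCK):
    """Return [(start, end, label)] runs of consecutive same-class blocks."""
    runs, offset = [], 0
    while block := stream.read(block_size):
        label = classify(block)
        if runs and runs[-1][2] == label:
            runs[-1] = (runs[-1][0], offset + len(block), label)  # extend run
        else:
            runs.append((offset, offset + len(block), label))
        offset += len(block)
    return runs

def sample_image() -> bytes:
    """Constructed 24 KiB stand-in for a dump: ciphertext-like, zeroed, plaintext."""
    noise = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
    text = (b"constructed plaintext directory entry\n" * 200)[:BLOCK]
    return noise + bytes(3 * BLOCK) + text

if __name__ == "__main__":
    # With a path argument, scan that image file; otherwise scan the sample.
    src = open(sys.argv[1], "rb") if len(sys.argv) > 1 else io.BytesIO(sample_image())
    with src:
        for start, end, label in scan(src):
            print(f"{start:#012x}-{end:#012x}  {end - start:>10} bytes  {label}")
```

Run against a dump, the output is a map of offsets: a region reported as `zero` holds no ciphertext to recover, while a `random` region may be ciphertext and is unreadable without the keys.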

this post was submitted on 07 Sep 2024