Hello again readers and welcome back! This blog post is going to be fairly short, as the primary purpose is to publicly announce a new script, cleverly titled "allyourpebblearebelongtous.pl". This Perl script will allow the user to parse out data from a SQLite database associated with Pebble data stored on either an iOS or Android device, and present that information in an easy to read format. Please let me know if you have any questions or comments about the script.
If you would like to see the slides from my SANS presentation, you can view them here
|Parsed notifications from Android device|
|Parsed notifications from iOS device|
The script can be found on our newly created github account:
Please note, in order to run the script you may have to install some Perl modules. On a Windows system, to do this open a command prompt and paste the following command:
ppm install DBI YAML DBD::SQLite Data::Plist DateTime IO::All
On a Linux system, open a terminal window and paste the following command:
sudo cpan DBI YAML DBD::SQLite Data::Plist DateTime IO::All
Additionally, I would like to thank Adrian Leong (https://twitter.com/Cheeky4n6Monkey), Mari DeGrazia (https://twitter.com/maridegrazia), and Heather Mahalik (https://twitter.com/HeatherMahalik) for their help in gathering and testing the collected data.