Forensics toolkit for the Xbox 360 | Xbox

Top 10 Game Chart

Friday, 01 May 2009 14:44

A forensics toolkit for the Xbox 360 is described by US researchers in the latest issue of the International Journal of Electronic Security and Digital Forensics. Some criminals do use their Xbox 360 to store their data.

Xbox 360

Criminals often hide illicit data on the XBox in the hope that a gaming console will not be seen as a likely evidence target especially when conventional personal computers are present in the same premises.

The toolkit developed by David Collins will allow police & other investigators the chance to lay bare the contents of XBox 360 hard disks.

Collins' XFT utility can mount an image of the FATX file system used by the XBox, allowing the user to explore in detail the directory structure. Collins points out that unlike the standard FAT32, NTFS, and similar systems used by the hard disks in personal computers, there is little documentation on the proprietary FATX system. However, it is possible nevertheless to acquire an image of a FATX hard disk and to mount it on another device.

"Once the Xbox file system is mounted, the analyst can use shell commands to browse the directory tree, open files, view files in hex editor mode, list the contents of the current directory in short or long mode and expand the current directory to list all associated subdirectories and files," explains Collins in e! Science News article.

Importantly, from the legal perspective, XFT can also record such investigative sessions for playback in a court of law, which protects the defendant from falsified as well as providing more solid evidence for the prosecution.

Collins explains how future work on XFT will involve making the toolkit into a fully functional forensic operating system (OS). This OS will be packaged as both a bootable operating system from a hard disk and a "live" bootable compact disk. "This implementation will be open source, verbosely commented and designed from the ground up as a forensic OS," says Collins, "This will remove any and all proprietary operating system dependencies, making the forensic process as transparent as possible."

Look here for the original article.

< Prev		Next >

Bookmark/Add to favorites

TeamXbox News

Lara Croft and the Guardian of Light Theme
Crystal Dynamics announce that Lara Croft and the Guardian of Light Premium Theme and Avatar are coming to Xbox LIVE Marketplace.
Celebs Reveal the Halo Reach Elite Spartan Squad
Rio Ferdinand and Jason Bradbury reveal the Halo Reach Elite Spartan Squad
Win $5,000 for Making a Trials HD Track
The Big Thrills contest is in full effect, check out the details for winning yourself some cash and seeing your level in the upcoming Trials HD expansion pack.