I had the opportunity to present to a bunch of folks in one of my favorite places, Norway (yes, again!) I wanted to take an initial look into Apple ...
admin
![Quarantine Edition [Entry 5] – Login Inception!? Yes! – Local Logins! — mac4n6.com](https://som2nynetwork.com/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pb/WFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGc29tMm55bmV0d29yay5jb20lMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRnRodW1ic19kaXIlMkYzeWVleWUtMjM4OTkydGRwZTU2bWt0aHZ5ZzVnYmp2enN2ajN5bXFkZ3FobHRwazRmdm8uanBnJmNhY2hlTWFya2VyPTE3NDQ0NDA5NzgtMTc3MzgmdG9rZW49YmFlZDk3YjFmMGZhYmZmNg.q.jpg)
In the last article, I showed how you can find these processes using other log types. Let’s see what local logins look like in unified logs. Trying to ...
![Quarantine Edition [Entry 6] – Working From Home? Remote Logins — mac4n6.com](https://som2nynetwork.com/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGc29tMm55bmV0d29yay5jb20lMkZ3cC1jb250ZW50J/TJGdXBsb2FkcyUyRnRodW1ic19kaXIlMkZpZi15b3UtY291bGQtYXRsZWFzdC1wcmV0ZW5kLXRvLXdvcmstZnJvbS1ob21lLXRoYXQtMTc5OTc4MDctMjM3eTg5a3Z6Z2RydHdzeGtkOHJsOHByMXY0YjFzaW8zdmRzNG90bGh1eWMuanBnJmNhY2hlTWFya2VyPTE3NDQ0NDEwMDYtMTY5MjkmdG9rZW49N2UxMzhhY2VhMjliMzllNw.q.jpg)
When Remote Login is turned on in the Sharing preferences, the system will have an SSH server enabled. Let’s take a look at what an incoming SSH ...
![Quarantine Edition [Entry 7] – Exploring USBMSC devices with –style — mac4n6.com](https://som2nynetwork.com/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbW/FnZXMmc3JjPWh0dHBzJTNBJTJGJTJGc29tMm55bmV0d29yay5jb20lMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRnRodW1ic19kaXIlMkZnaXBoeS0yLTIzN244eHEzZXowcnAwd2x2YW8xbnJpb2hpZzc2ajVtdW5rbGs2OTM3bWxnLmdpZiZjYWNoZU1hcmtlcj0xNzQ0NDQxMDA0LTE3NDk3JnRva2VuPTFjOWQ2NTU0MTMxZmJjNmM.q.gif)
The compact option removes the Activity ID and TTL from the ‘default’ output while compressing other fields.The next couple of log output styles is ...
I’ll walk you through using BlackLight’s APOLLO plugin to track user application usage (knowledgeC, Power Log and Screen Time), device states, network ...
![Quarantine Edition [Entry 8] – Man! What a process!? — mac4n6.com](https://som2nynetwork.com/wp-content/plugins/phastpress/phast.php/c2VydmljZ/T1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGc29tMm55bmV0d29yay5jb20lMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRnRodW1ic19kaXIlMkZnaWYxLTIzNnl6ejZlZG40djFkdG41MWJibHZhY2tpbGZlZW1iNXY5dGFqYjNrZ2QwLmdpZiZjYWNoZU1hcmtlcj0xNzQ0NDQxMDA0LTY4MjImdG9rZW49MzMyMDgxZjU4OTk5NjJmZQ.q.gif)
A quick trick to get more info when you are testing different Unified log examples is to use Terminal’s man page lookup feature. This is useful to ...
![Quarantine Edition [Entry 9] – We all know you’re binging Netflix! Now Playing on your Apple Devices! — mac4n6.com](https://som2nynetwork.com/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0d/HBzJTNBJTJGJTJGc29tMm55bmV0d29yay5jb20lMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRnRodW1ic19kaXIlMkYxNzQwNjE0NjkzX2dpcGh5LTMtMjM1dHNpMDA1Z2FqN2IwMzViaXJ4Ym9idW1zYjB5NThmeGlvNDQ2bGtscjguZ2lmJmNhY2hlTWFya2VyPTE3NDQ0NDA5NjYtMTI2NDUmdG9rZW49OWZhZTUzMGJlYmI4ZWJlYw.q.gif)
We’ve been trapped inside our homes for months. We’ve reached the end of Netflix, listened to everything on Apple Music, watched old vacation videos ...
![Quarantine Edition [Entry 10] – You down with TCC? Yea, you know me! Tracking App Permissions and the TCC APOLLO Module — mac4n6.com](https://som2nynetwork.com/wp-content/plugins/phastpress/phast.php/c2VydmljZ/T1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGc29tMm55bmV0d29yay5jb20lMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRnRodW1ic19kaXIlMkZpbWczLTIzNWhqdjR5bTVjc3k1aTgydWxtdGJlM2s0dHcycW1qcXd6MWJ6bHFndGpnLnBuZyZjYWNoZU1hcmtlcj0xNzQ0NDQxMDA2LTk0MzYmdG9rZW49OTBiZTM1ZjRkNmI5YTllYg.q.png)
Toggling permissions back and forth I can see the same entries I might see on macOS, however notice the ‘Volatile’ column for these entries are set to a ...
If you don’t have time to research but would like to hear more about it, tune in to my talk at the SANS DFIR Summit on July 16th! If you do, try out this ...
It’s been a while since I last jailbroke an Apple TV and had a forensic look at it. Using the checkra1n jailbreak, I decided to give it a try. The ...
