Friday, July 16, 2021

On-Site IT Support - Email Support

Went down to a customer's place for IT support in Singapore. He stays in a unit on the 38th floor. 16 years living abroad in Shanghai, China.

He called me up asking if I could help him with his NetEase 网易企业邮箱, as he is unable to log in to it in Singapore.

I did some configuration to the mail server (MX record); now he is able to log in, receive and send email.

He also requested for the email in NetEase 网易企业邮箱 to be forwarded to Microsoft Outlook.

I got the IMAP and SMTP server settings and proceeded to set up email forwarding.

Microsoft Outlook

SMTP
Port: 587
Encryption Method: STARTTLS

IMAP
Port: 993
Encryption Method: TLS

The customer thanked me for the help in solving his email issue.

iPhone 7 Plus - Data Extraction (Retrieve Photos) and Jailbreak iOS 14.6

iPhone 7 Plus on iOS 14.6

Took up this challenging job. The iPhone is disabled; the customer just wants to retrieve his photos from the iPhone, as he has no backup of them.

It took me days working on it, trying to figure out how I could extract the data without first wiping the iOS system.

That's when I found out there is this Forensic Toolkit software for iOS that claims it is able to do it.

Using the Forensic Toolkit, I still faced some difficulty, as I needed to know what steps had to be done.

1.) The iPhone needs to be jailbroken first

Booted my PC into Ubuntu (Linux), put the iPhone in DFU mode and downloaded checkra1n.

After the iPhone is jailbroken and booted up

Booted back into Windows, ran the Forensic Toolkit and waited ...

Successfully removed the "iPhone is Disabled" lock

Now I can move on to extract the data (photos) using the Physical Acquisition method.

The customer thanked me for my service and the help in actually recovering all his precious photos.

2.) The Activation Lock part

Need to re-jailbreak, as the jailbreak only stays until reboot.

The iPhone is restored back to factory settings. There is another lock called the "Activation Lock", which requires signing in with an Apple ID.

The customer used his own Apple ID and signed in.

* In the case that he has forgotten it, he either has to reset it or use an untethered method to bypass it

Friday, July 2, 2021

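Acer Laptop Repair (Remove Malware)

Today I received an Acer laptop for repair. After powering it on, I noticed a very large cursor on the screen.

Scanned the whole computer and removed the virus, then restored the user account to factory settings.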

Received an Acer laptop for repair. The moment I powered it on, I noticed a big cursor on the screen.

The scary thing is that the cursor will automatically move on its own without me even touching the trackpad.

This tells me that something is wrong; I suspected it had been infected with malware.

I then installed antivirus software on the machine and ran a full system scan. The antivirus detected malware in the system.

I did a clean-up, removed the malware and restored the user account on it back to factory settings.