VideoLan VLC Player Artifact Report
By AZIZ SASMAZ
Introduction
The VideoLan VLC Player app can be downloaded from the Windows Store. It uses an SQLite
database to store media information and a log file, LogFile.txt, to store run time,
played or streamed videos and other critical information.
Artifact Structure
The VLC database is an SQLite database. The VideoLan VLC app creates three database files
after installation: background.sqlite, mediavlc.sqlite, mediavlcVideos.sqlite, settings.sqlite.
A text file named LogFile.txt is also created.
In the mediavlcVideos.sqlite database there is a table named VideoItem. Some of the
important fields in this table are Name, Path, Duration, TimeWatchedSeconds etc.
Example:
showTitle null
Season -1
Episode 0
_id 1
Path C:\Users\asasmaz\Videos\secret_video.mp4
Type mp4
Name secret_video
Favorite 0
TimeWatchedSeconds 20
Duration 484400000
Lastwatched 2106-05-19 10:03:22
HasThumbNail 1
IsCameraRoll 0
IsCurrentPlaying 0
LogFile.txt contains important information such as the application run time, which files
were opened and which videos were streamed from which URLs. See the sample content below:
App launch 5/19/2016 10:26:31 AM
DB does not need to be dropped.
Loading artists from MusicDB ...
Found 0 artists from MusicDB
Loading artists from MusicDB ...
Found 0 artists from MusicDB
PlayVideoCommand called
PLAYVIDEO: VideoVm is not null, continuing
PLAYVIDEO: Settings videoVm as Locator.VideoVm.CurrentVideo
SetMRL: C:\Users\azizs\Videos\20160508_153702.mp4
PLAYWITHVLC: MediaPlayer instance created
PLAYVIDEO: Updating SystemMediaTransportControls
PLAYVIDEO: Updating Live Tile
PLAYVIDEO: Navigating to VideoPlayerPage
SetMRL: https://www.youtube.com/watch?v=06WZXNzTuBM
PLAYWITHVLC: MediaPlayer instance created
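An added example (not part of the original report): a Python parser that groups each SetMRL entry under the preceding "App launch" line, the only timestamped line in the sample above, and labels each target as a local file or a stream. The sample log is constructed from the excerpt plus invented lines, and the M/D/YYYY 12-hour timestamp format is an assumption drawn from that single sample.

```python
import re
from datetime import datetime

# CONSTRUCTED sample: the first launch mirrors the LogFile.txt excerpt on this
# page; the leading SetMRL line (truncated log) and the second launch are invented.
SAMPLE_LOG = r"""SetMRL: C:\Users\azizs\Videos\orphan.mp4
App launch 5/19/2016 10:26:31 AM
DB does not need to be dropped.
PlayVideoCommand called
SetMRL: C:\Users\azizs\Videos\20160508_153702.mp4
PLAYWITHVLC: MediaPlayer instance created
SetMRL: https://www.youtube.com/watch?v=06WZXNzTuBM
PLAYWITHVLC: MediaPlayer instance created
App launch 5/20/2016 9:02:10 PM
SetMRL: file:///C:/Users/azizs/Videos/clip.mp4
"""

# Assumption: US-style M/D/YYYY with a 12-hour clock, local time.
LAUNCH_RE = re.compile(
    r"^App launch (\d{1,2})/(\d{1,2})/(\d{4}) (\d{1,2}):(\d{2}):(\d{2}) ([AP]M)$")
MRL_RE = re.compile(r"^SetMRL:\s*(\S.*)$")
# Scheme needs 2+ characters and "://", so a drive letter such as "C:" never matches.
URL_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.-]+)://")


def parse_launch(match):
    """Convert the regex groups to a naive local datetime (locale independent)."""
    month, day, year, hour, minute, second = (int(g) for g in match.groups()[:6])
    hour = hour % 12 + (12 if match.group(7) == "PM" else 0)
    return datetime(year, month, day, hour, minute, second)


def classify_mrl(mrl):
    """'stream' for network URLs, 'local' for paths and file:// URLs."""
    scheme = URL_RE.match(mrl)
    if scheme and scheme.group(1).lower() != "file":
        return "stream"
    return "local"


def parse_log(text):
    """Return sessions: [{'launch': datetime | None, 'opened': [...]}, ...]."""
    sessions, current = [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        launch = LAUNCH_RE.match(line)
        if launch:
            current = {"launch": parse_launch(launch), "opened": []}
            sessions.append(current)
            continue
        mrl = MRL_RE.match(line)
        if not mrl:
            continue
        if current is None:
            # SetMRL seen before any launch line: keep it, but with no time bound.
            current = {"launch": None, "opened": []}
            sessions.append(current)
        target = mrl.group(1).strip()
        current["opened"].append(
            {"line": lineno, "kind": classify_mrl(target), "mrl": target})
    return sessions


if __name__ == "__main__":
    for session in parse_log(SAMPLE_LOG):
        print("launch:", session["launch"])
        for item in session["opened"]:
            print("  line %(line)d  %(kind)-6s %(mrl)s" % item)
```

Each opened item is bounded only by its session: it was played at or after that launch and before the next one.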
Software Version:
Windows 10 Home, Version 1511, OS build 10586.104, VLC 1.7.0.0 for Windows Store
Artifact location:
C:\Users\asasmaz\AppData\Local\Packages\VideoLAN.VLCforWindows8_paz6r1rewnh0a\LocalState
Tools used in Analysis:
Text Editor: Notepad or TextPad
SQLite Browser: SQLite Database Browser Portable
Important Attributes:
The VideoItem table below shows the forensically important attributes with their data type
and description.

Name                Description                                 Sample
showTitle           Title of the video                          null
Season              Which season, if it's a series              -1
Episode             Which episode, if it's a series             0
_id                 Primary key of the table                    1
Path                The location of the watched video           C:\Users\asasmaz\Videos\animal_hunting.mp4
Type                Which file type it has                      mp4
Name                Name of the watched video                   secret_video
Favorite            If it is favorited                          0
TimeWatchedSeconds  How many seconds the video is watched       20
Duration            Duration of the video                       484400000
Lastwatched         Last watched date                           2106-05-19 10:03:22
HasThumbNail        If it has a thumbnail                       1
IsCameraRoll        Is it from the Windows Surface camera roll  0
IsCurrentPlaying    If it is currently playing                  0
Date Attributes
The date attributes can be found both in LogFile.txt ("App launch 5/19/2016 10:26:31 AM")
and in the VideoItem.Timewatched field of the mediavlcVideos.sqlite database, as local time.
Investigation Scenario 1:
Ali has been charged by the court with abusing and killing animals for pleasure. As a suspect
of animal torture, he denies all the claims. All animal rights groups and animal lovers are
curious about this case. You are a computer forensics investigator and have been asked the
following to support the case:
Are there any videos related to animals on the suspect's PC?
Which videos have been watched?
When did he run these videos?
What is the duration of the video, and how long did he watch it after opening the file?
(Duration is important because the suspect can claim that he accidentally downloaded the
suspicious file and closed it after watching for a few seconds.)
Investigation Scenario 2:
A woman sues her boyfriend for taking videos of her with his smartphone without her
permission and sharing them with a friend of his. As a forensics investigator you have been
asked the following:
Are there any videos on the suspect's and his friend's camera rolls?
Are there any synced videos on their Windows 10 PCs? (This can be identified by the IsCameraRoll field.)
When was the video run and what is the last watched date?
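An added example (not the report author's code): one way to pull the answers to both scenarios out of VideoItem with Python's sqlite3, opening the database read-only. The database built here is a constructed stand-in; its column types, row values, the keyword list and the acquisition time are assumptions, and Duration is returned raw because the report does not state its unit.

```python
import sqlite3
import tempfile
from datetime import datetime
from pathlib import Path

# Columns taken from the VideoItem attribute list in this report.
COLUMNS = ("_id", "Name", "Path", "TimeWatchedSeconds", "Duration",
           "Lastwatched", "IsCameraRoll")


def build_sample_db(db_path):
    """Create a CONSTRUCTED stand-in for mediavlcVideos.sqlite (types assumed)."""
    con = sqlite3.connect(db_path)
    con.execute(
        "CREATE TABLE VideoItem (_id INTEGER PRIMARY KEY, Name TEXT, Path TEXT, "
        "TimeWatchedSeconds INTEGER, Duration INTEGER, Lastwatched TEXT, "
        "IsCameraRoll INTEGER)")
    con.executemany(
        "INSERT INTO VideoItem VALUES (?, ?, ?, ?, ?, ?, ?)",
        [
            (1, "animal_hunting", r"C:\Users\asasmaz\Videos\animal_hunting.mp4",
             20, 484400000, "2016-05-19 10:03:22", 0),
            (2, "holiday", r"C:\Users\asasmaz\Videos\holiday.mp4",
             0, 120000000, "2016-05-18 21:15:00", 0),
            (3, "WP_20160508",
             r"C:\Users\asasmaz\Pictures\Camera Roll\WP_20160508.mp4",
             95, 950000000, "2106-05-19 10:03:22", 1),
        ])
    con.commit()
    con.close()


def parse_local_ts(value):
    """Parse 'YYYY-MM-DD HH:MM:SS' (local time per the report); None if invalid."""
    try:
        return datetime.strptime(value, "%Y-%m-%d %H:%M:%S")
    except (TypeError, ValueError):
        return None


def triage(db_path, keywords, acquired_at):
    """Return one finding per VideoItem row from a read-only connection."""
    # mode=ro makes SQLite refuse writes; still work on a copy of the evidence.
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"
    con = sqlite3.connect(uri, uri=True)
    con.row_factory = sqlite3.Row
    try:
        rows = con.execute(
            "SELECT " + ", ".join(COLUMNS) + " FROM VideoItem ORDER BY _id"
        ).fetchall()
    finally:
        con.close()

    findings = []
    for row in rows:
        haystack = f"{row['Name']} {row['Path']}".lower()
        last = parse_local_ts(row["Lastwatched"])
        findings.append({
            "id": row["_id"],
            "path": row["Path"],
            "watched": (row["TimeWatchedSeconds"] or 0) > 0,
            "watched_seconds": row["TimeWatchedSeconds"],
            "duration_raw": row["Duration"],  # unit not stated in the report
            "last_watched": last,
            "keyword_hit": any(k.lower() in haystack for k in keywords),
            "camera_roll": row["IsCameraRoll"] == 1,
            # Unparseable or later than acquisition: verify before relying on it.
            "timestamp_suspect": last is None or last > acquired_at,
        })
    return findings


def demo():
    """Build the constructed database in a temp directory and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        db = Path(tmp) / "mediavlcVideos.sqlite"
        build_sample_db(db)
        return triage(db, ["animal", "hunt"], datetime(2016, 5, 20, 9, 0, 0))


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Scenario 1 reads the keyword_hit, watched, watched_seconds and last_watched fields; Scenario 2 reads camera_roll and last_watched.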
