Request for example of log output for an infected device in documentation #314

Open
ajjrice opened this issue Nov 7, 2022 · 2 comments
Labels
documentation Improvements or additions to documentation

ajjrice commented Nov 7, 2022

I managed to embarrass myself by mistaking the output of the script loading the .STIX2 files as an indication that the device was infected, i.e.

INFO [mvt.ios.cmd_check_backup] Extracted 1547 indicators for collection with name "Pegasus"
...

I think it would be really helpful to include a visual example of what the log output for an infected device looks like at the end of the "Check a backup with mvt-ios" documentation page.

https://docs.mvt.re/en/latest/ios/backup/check/

e.g. an image like this

https://teguh.co/static/99db988b40d1f3994f06983d8baee869/37ff2/iosfinal.png

And/or possibly to include a line at the very end of the log output that either says that some evidence of malware was found, or to confirm that no evidence was found and the device can be trusted.

@ingobaab

Absolutely. I scanned also my backup - and now I do not know anything! Please give some instructions, - or example-output. I wanted to know, if my iPhone is infected or not (!) That's all. How?!?!?

@Te-k Te-k added the documentation Improvements or additions to documentation label Feb 21, 2023

seiz commented May 20, 2023

Why not clearly indicate infection status as the last line that gets logged to STDOUT? I.e. "No infection found." or "Found a possible infection with Pegasus" etc.
