I have to demonstrate Android forensics for a Digital Forensics class. I need a disk image of the "suspect's mobile phone". I've gone into Android Studio, and in a new AVD, I've just put some contacts and text messages. How can I get an image (.dd or .img), or an Android backup (.ab) of this virtual device?
For the demonstration, I will be using the open source forensics toolkit, Autopsy: Autopsy for Android forensics
My virtual device is running Android 5.1, with Nexus 4 skin.
As per https://android.stackexchange.com/a/78183/239063 you can run a one line command in Linux to add in an appropriate tar header to extract it.
( printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" ; tail -c +25 yourBackUpFile.ab ) | tar xfvz -