JP Vossen on 14 Feb 2008 16:33:16 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] "unerase" for linux ext3? 

 > Date: Thu, 14 Feb 2008 17:15:41 -0500
 > From: Eric <eric@lucii.org>
 > Subject: Re: [PLUG] "unerase" for linux ext3?
 >
 > When I ran the grep command it told me that "binary file /dev/sdb2
 > matches"  :-)

Good!  So you've found *something*...


 > I need a command that finds the matching string and outputs the next
 > block of characters to a file (on another device of course.).  Hummm
 > Perl comes to mind.

Sorry, my mistake.  Add '-a' to grep to force ASCII mode.  See also -B, 
-A, -C for the before, after, or both context amount options.

Here's the thread on my oops, less than 1 year ago.  Huh, thought it was 
longer.
http://groups.google.com/group/pantug/msg/b67213cfcad4bfa1

Grep commands (as root) I used, where my data partition on my RAID5
array is on /dev/sda2:
# grep -a -A 700 'llr2tab.pl' /dev/sda2 | strings | less
# grep -a -A 200 '# First, check the entire record verbatim' /dev/sda2 |
strings | less


~~~~~~~~~~~~~~~~
Kristian Erik Hermansen wrote:

 > Check out foremost. http://www.linuxjournal.com/node/1005913

Nice article.  And Foremost sounds most impressive.  I've just 
prophylactically installed it on a couple of key machines, just in case.


~~~~~~~~~~~~~~~~
Mark wrote:

 > See also: http://www.fish2.com/tct/help-recovering-file

That sounds like a more structured and automated version of my 
half-assed, "just grep it" solution.  Bookmarked it.


 > TCT, TSK, Autopsy (http://www.sleuthkit.org/)

sudo aptitude install sleuthkit autopsy
:-)  Nice.


Again, good luck to Eric,
JP
----------------------------|:::======|-------------------------------
JP Vossen, CISSP            |:::======|        jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|      http://www.jpsdomain.org/
----------------------------|=========|-------------------------------
Microsoft has single-handedly nullified Moore's Law.
Innate design flaws of Windows make a personal firewall, anti-virus
and anti-malware software mandatory. The resulting software arms race
has effectively flattened Moore's Law on hardware running Windows.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug