Home
Latest images
Search
Register
Log inCAINE 1.5 Installed and Rifiuti to analyze INFO2 files
2 posters
Page 1 of 1
CAINE 1.5 Installed and Rifiuti to analyze INFO2 files
joetekno Tue Mar 09, 2010 8:42 pm
Rifiuti can be used for the reconstruction of a suspect drives Recycle Bin. Analyzing the INFO2 file may allow you to find the deleted file(s) / folder(s) original location, size, and deleted time.
USAGE
Note that spaces below are exaggerated for readability.
Basic Usage Example: rifiuti INFO2
You could script analyzing multiple files like this...
#---BEGIN SCRIPT---
echo “Where is the drive, volume, or image file to be analyzed mounted?”
echo “example: /media/sda1”
read VOLUME
find $VOLUME -name INFO2 > temp
sed ‘s/ /\\ /g’ temp > foundfiles
LINES=`wc -l foundfiles | cut -d " " -f 1`
COUNT=0
while [ $COUNT -lt $LINES ]; do
COUNT=$(( $COUNT + 1 ))
echo "rifiuti " >> pre
done
paste pre foundfiles post > RIFIUTI.sh
chmod 700 RIFIUTI.sh
./RIFIUTI.sh > INFO2Evidence.txt
less INFO2Evidence.txt
#---END SCRIPT---
USAGE
Note that spaces below are exaggerated for readability.
Basic Usage Example: rifiuti INFO2
You could script analyzing multiple files like this...
#---BEGIN SCRIPT---
echo “Where is the drive, volume, or image file to be analyzed mounted?”
echo “example: /media/sda1”
read VOLUME
find $VOLUME -name INFO2 > temp
sed ‘s/ /\\ /g’ temp > foundfiles
LINES=`wc -l foundfiles | cut -d " " -f 1`
COUNT=0
while [ $COUNT -lt $LINES ]; do
COUNT=$(( $COUNT + 1 ))
echo "rifiuti " >> pre
done
paste pre foundfiles post > RIFIUTI.sh
chmod 700 RIFIUTI.sh
./RIFIUTI.sh > INFO2Evidence.txt
less INFO2Evidence.txt
#---END SCRIPT---
joetekno- Number of posts : 50
Località : Wisconsin, United States
Registration date : 2009-02-19 -
Re: CAINE 1.5 Installed and Rifiuti to analyze INFO2 files
MAX.KNIGHT68 Thu Dec 20, 2012 9:13 pm
joetekno wrote:Rifiuti can be used for the reconstruction of a suspect drives Recycle Bin. Analyzing the INFO2 file may allow you to find the deleted file(s) / folder(s) original location, size, and deleted time.
USAGE
Note that spaces below are exaggerated for readability.
Basic Usage Example: rifiuti INFO2
You could script analyzing multiple files like this...
#---BEGIN SCRIPT---
echo “Where is the drive, volume, or image file to be analyzed mounted?”
echo “example: /media/sda1”
read VOLUME
find $VOLUME -name INFO2 > temp
sed ‘s/ /\\ /g’ temp > foundfiles
LINES=`wc -l foundfiles | cut -d " " -f 1`
COUNT=0
while [ $COUNT -lt $LINES ]; do
COUNT=$(( $COUNT + 1 ))
echo "rifiuti " >> pre
done
paste pre foundfiles post > RIFIUTI.sh
chmod 700 RIFIUTI.sh
./RIFIUTI.sh > INFO2Evidence.txt
less INFO2Evidence.txt
#---END SCRIPT---
Hello (again) ...
Let me get this straight ...
What is "Waste"? is a bash script?
is perhaps the one shown above between the lines
# --- BEGIN SCRIPT ---
to
# --- END SCRIPT ---
???
Thanks in advance and happy holidays.
MAX.KNIGHT68- Number of posts : 11
Age : 56
Località : Taranto
Registration date : 2012-12-02
bash shell script
joetekno Fri Dec 21, 2012 3:25 am
Yes, the code between the lines is a bash shell script
joetekno- Number of posts : 50
Località : Wisconsin, United States
Registration date : 2009-02-19 -
Similar topics» CAINE 1.5 Installed and Scalpel to carve files from the disk
» CAINE 1.5 Installed to capture image file from CAINE 1.5 Live CD
» Installed Caine with Caine From Deb. How should I set /etc/fstab?
» WinTaylor for CAINE V.5 - WFT missing files in tools directory
» Caine 2.5 Pre-Installed in VirtualBox
» CAINE 1.5 Installed to capture image file from CAINE 1.5 Live CD
» Installed Caine with Caine From Deb. How should I set /etc/fstab?
» WinTaylor for CAINE V.5 - WFT missing files in tools directory
» Caine 2.5 Pre-Installed in VirtualBox
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum