cgsecurity.org

TestDisk & PhotoRec forum
https://forum.cgsecurity.org/phpBB3/

possible to generate log file only, without copying files?

https://forum.cgsecurity.org/phpBB3/viewtopic.php?t=4439

Page 1 of 1

possible to generate log file only, without copying files?

Posted: 19 Nov 2014, 17:34
by rvijgen
Hi,

is it possible to generate a log file only using a scripted run? I would like to create log files of several disks without having to copy everything to another drive first?

Richard

Re: possible to generate log file only, without copying file

Posted: 19 Nov 2014, 19:17
by cgrenier
If you want a lidt of all the files of the first partition, you can use something like

Code: Select all

testdisk /cmd /dev/sda advanced,1,list,recursive

Re: possible to generate log file only, without copying file

Posted: 19 Nov 2014, 21:08
by rvijgen
Thanks!

I tried your suggestion in testdisk and it worked. However, when I try it with photorec I only get an overview of the partitions, not the files.

I was hoping to get something like the photorec XML that describes the files with an offset and length, so that I can use something like dd to copy individual files. Is that possible?

best,
Richard

Code: Select all

PhotoRec 6.14, Data Recovery Utility, July 2013
Christophe GRENIER <grenier@cgsecurity.org>
http://www.cgsecurity.org
OS: Darwin, kernel 14.0.0 (Darwin Kernel Version 14.0.0: Fri Sep 19 00:26:44 PDT 2014; root:xnu-2782.1
Compiler: GCC 4.2
Compilation date: 2014-11-19T17:26:05
ext2fs lib: none, ntfs lib: none, ewf lib: none, libjpeg: 80
Hard disk list
Disk /dev/disk2 - 9064 KB / 8852 KiB - 17704 sectors (RO), sector size=512

Partition table type (auto): EFI GPT
Disk /dev/disk2 - 9064 KB / 8852 KiB (RO)
Partition table type: EFI GPT
     Unknown                        0      17703      17704 [Whole disk]
 1 P MS Data                     2048      10239       8192 [UNTITLED 1] [UNTITLED 1]
     FAT12, blocksize=1024, 4194 KB / 4096 KiB
 2 P MS Data                    10240      16383       6144 [UNTITLED 2] [UNTITLED 2]
     FAT12, blocksize=1024, 3145 KB / 3072 KiB
PhotoRec exited normally.

Re: possible to generate log file only, without copying file

Posted: 28 Nov 2014, 09:14
by cgrenier
Currently it's not possible, it's something that will have to be implemented if you really need this feature.
Maybe http://www.sleuthkit.org/ , a free and open source forensics utility, will provide the feature you are looking for.
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited