Translate

Image of Modern Operating Systems (3rd Edition)
Image of XSLT 2.0 and XPath 2.0 Programmer's Reference (Programmer to Programmer)
Image of Android Wireless Application Development
Image of Operating System Concepts

Using the EFI_SHELL_PROTOCOL To Read a File

In this post, I provide the source code for a working UEFI shell application which displays the contents of an ASCII file using functionality provided by EFI_SHELL_PROTOCOL.

Sudo and Globbing

The question is how we can use the sudo utility to display a list of files in a directory to which we have absolutely no Unix filesystem privileges Consider the following directory and files contained therein: $ ls -l total 4 drwxrwx—. 2 root root 4096 May 22 21:14 demo $ su Password: XXXXXXXX # ls -l demo total 0 -rw-r–r–. 1 root root 0 May 22 21:14 file1 -rw-r–r–. 1 root root 0 May 22 21:14 file2 -rw-r–r–. 1 root root 0 May 22 21:14 file3 # exit exit Note the directory permissions are 770 and the user and

Access A VMware Virtual Disk from Linux

Recently I needed to recover some data off a VMware Workstation virtual disk using Linux. As you probably know, VMware Workstation (and VMware vSphere) represents a physical disk by a virtual disk whose backing store is one or more VMDK files. VMDK (Virtual Machine Disk) is a documented file format, which uses the file extension .vmdk. It describes containers for virtual hard disk drives to be used in virtual machines like VMware Workstation or VirtualBox. Initially developed by VMware for its virtual appliance products, nowadays VMDK is an open format. Fortunately, VMware provides a simple utility, vmware-mount, for mounting a

Samsung F2FS

Flash-Friendly File System (F2FS) is a Linux-based log-structured flash file system which takes into account the characteristics of NAND flash memory-based storage devices such as solid-state disks, eMMC, and SD cards with an built-in FTL (flash translation layer). It was developed and is maintained and enhanced by Samsung Electronics. Other available Linux flash file systems, such as jffs2, ubifs and logfs, are targeted at raw flash devices. f2fs was merged into the Linux 3.8 kernel. F2FS is based on Log-structured File System (LFS), which supports versatile “flash-friendly” features. The design has been focused on addressing the fundamental issues in LFS,

RHEL7 XFS Is A Step Backwards Forensically

Red Hat changed the default filesystem in Red Hat Enterprise Linux 7 (RHEL 7) to XFS. In RHEL 6, the default filesystem was EXT4. The rational for this change, according Denise Dumas, Director of Software Engineering for Red Hat was because “it is a better match for our enterprise customers”. I agree with this position, which incidentally is the position SUSE have maintained for a long time, except that forensically it is somewhat of a step backwards. You can examine a XFS file’s metadata using xfs_db but it is much easier to use the xfs_io utility. Just like xfs_db, xfs_io