Skip to main content

linux file system recovery

1. broken hdd disk backup
 1) remote-server
nc -v -l [port] > hdd_backup.img
 2) equipment of broken hdd
dd if=/dev/sda | nc -v [remote-server IP] [port]

  ex)
 1) remote-server
nc -v -l 2222 > hdd_backup.img
 2) equipment of broken hdd
dd if=/dev/sda | nc -v 1.1.1.1 2222

2. use recovery tool
 testdisk (http://www.cgsecurity.org/wiki/TestDisk_Download)

3. run fsck from img file
 # losetup --offset 32256 /dev/loop2 harddrive.img
 # fsck /dev/loop2
 and again testdisk

reference:
https://major.io/2010/12/14/mounting-a-raw-partition-file-made-with-dd-or-dd_rescue-in-linux/
https://bbs.archlinux.org/viewtopic.php?id=136766

Comments

Popular posts from this blog

Redmine production.log to uri log

But.. It doesn't work well. (Because the sequence of line is not arranged.) It is better way to use ' redmine_access_logger' plugin than this #!/bin/bash # Setting LOG_FILE=/redmine-3.3.3/log/production.log #LOG_FILE=mylog.log PIDFILE=/var/run/redmine_info_log.pid # Program Variables OUTPUT_LOGDIR=`dirname ${LOG_FILE}` OPT_DEBUG=0 URI_FILTER_REGEX="(^\"/people/avatar)|(^/attachments/thumbnail/)|(^\"/issues/.*\.xml)" function echo_log() { if [ "$2" != "" ]; then echo "$1" >> $2 else echo "$1" fi } if [ -f $PIDFILE ] then PID=$(cat $PIDFILE) ps -p $PID > /dev/null 2>&1 if [ $? -eq 0 ] then echo "Process already running" exit 1 else ## Process not found assume not running echo $$ > $PIDFILE if [ $? -ne 0 ] then echo "Could not create PID file" exit 1 fi fi else echo $$ > $PIDFILE if [ $? -ne 0 ] ...

[scapy] Linux-Cooked pcap to ethernet

# The pcap file formatted by "Linux cooked" # tcpdump -r myfile.pcap -nn reading from file event1.pcap, link-type LINUX_SLL (Linux cooked) ... ... # step1. read myfile.pcap pkts = rdpcap("myfile.pcap"); # step2. read myfile.pcap pkts = [Ether(src='00:11:22:33:44:55', dst='22:33:44:55:66:77')/pkt[1:] for pkt in pkts] # step3. modify IP address and recalculate chksum for pkt in pkts:  pkt[1].dst='192.168.1.10';  pkt[1].src='192.168.1.1';  del pkt[IP].chksum  del pkt[UDP].chksum # step4. packet send sendp(pkts[0]); # step5. save pcap  wrpcap("output.pcap",pkts); # tcpdump -r output.pcap -nn reading from file output.pcap, link-type EN10MB (Ethernet) ... ... # pkt[1:] : It means IP layer 1) Before: Linux cooked / IP / UDP / UDP-Data 2) After: Ethernet / IP / UDP / UDP-Data

sanitize on in CMakeLists.txt

1. CMakeLists.txt set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address") add_compile_options(-fsanitize=address) If a subdir is set with add_subdirectory and a module that does not support sanitize is imported from the path and needs to be removed, add -fno-sanitize=address to add_compile_options in CMakeLists.txt of the subdir to remove it. Basically, if you enable sanitize, sanitize will adjust ulimit's core to 0, so core will not occur. You can do this by putting the following part as an environment variable. (Below is the part you put in systemd's service) 2. service file in systemd [Service] LimitCORE=infinity Environment="ASAN_OPTIONS=handle_segv=0:handle_abort=1:abort_on_error=1:disable_coredump=0"