Forensic: extundelete

From OnnoWiki
Jump to navigation Jump to search

Install 

apt -y install extundelete


Percobaan 

mkfs.ext3 /dev/sdb1

Mount 

mkdir /mnt/percobaan
mount /dev/sdb1 /mnt/percobaan

Copy/buat file 

 cp file.txt /mnt/percobaan
 cp file.jpeg /mnt/percobaan

Delete 

 rm /mnt/percobaan/*

Restore 

 umount /mnt/percobaan
 extundelete /dev/sdb1 --restore-all


Hasilnya akan disimpan di current directory dengan folder 

RECOVERED_FILES


Contoh hasil 

file.73729  file.73734  file.73739  file.73744  file.73749  
file.73754  file.73759  file.73764  file.73769  file.73774  file.73779
file.73730  file.73735  file.73740  file.73745  file.73750  
file.73755  file.73760  file.73765  file.73770  file.73775
file.73731  file.73736  file.73741  file.73746  file.73751  
file.73756  file.73761  file.73766  file.73771  file.73776
file.73732  file.73737  file.73742  file.73747  file.73752  
file.73757  file.73762  file.73767  file.73772  file.73777
file.73733  file.73738  file.73743  file.73748  file.73753  
file.73758  file.73763  file.73768  file.73773  file.73778
Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Forensic:_extundelete&oldid=67184"