![]() Microsoft Windows Copyright (c) 2009 Microsoft Corporation. The enter key) and the following output was recorded. The command “volume_dump.exe” was run by typing volume_dump.exe (followed by The FAU.x86 folder was chosen because i was using a windows 7 x86 bit platform PC.į. Note: “cd” refers to “change directory” while “dir” lists the file named of that directory. (Followed by the enter key) and then followed by the “dir” command (followed by theĮ. The following commands were put so as to navigate to the directory where the dd.exe and After the image creation was complete, an image file with the name “Forensics1.001”Īnd a text file with the name Forensics.txt containing MD5 and SHA1 has values wasĭ. Number – 001, evidence number 001, chose the destination folder to be c:\Digitalįorensics and gave the file name as “forensics” and the image creation was started Under the image destination, I clicked add, chose the raw (dd) format, entered the case Under the file menu, I chose “create disk image” where I chose the physical drive as theĮvidence source since I was using a USB thumb drive. Under Quick Launch, the FTK Imager was chosen.Į. The Helix CD was inserted and the “live” Windows system was started.ĭ. The Windows 7 x86 platform was then started and the USB thumb drive was insertedĬ. The registry fix disableUSBwrite was run so as to write protect the deviceī. Part I: Using the Helix CD FTK Imager to image a USB thumb driveĪ. The dd.exe program from the Forensic Acquisition Utilities (FAU) Computer with Windows 7 x86 bit platform.Ĥ. The images will then be compared using a Hex editor HxD so as to bringġ. ![]() This will be achieved through the usage of several Imaging tools, comparing them after X86 platform as well as using Hex editor to analyze differences in image parameters. ![]() The purpose of this experiment is to demonstrate how to use the dd command and theįTK Imager tools for the purpose of creating “forensically sound” disk images using windows 7 Our experiment we will concentrate in different methods of creating disk images for forensic Recovery of useful materials found in digital devices particularly in cases of computer crime. Digital forensics is a branch of forensic science that deals with investigations and ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |