![[PukiWiki]](image/../localimages/Atom.gif "[PukiWiki]")
MBRの表示
先頭から512Byte
# hexdump -C -n 512 /dev/sda 00000000 fa eb 21 01 b5 01 4c 49 4c 4f 16 06 fb 8c 8e 48 |..!...LILO.....H| 00000010 00 00 00 00 55 12 c8 45 fc d0 fc d0 81 00 80 60 |....U..E.......`| 00000020 5c 44 01 00 b8 c0 07 8e d0 bc 00 08 fb 52 53 06 |\D...........RS.| 00000030 56 fc 8e d8 31 ed 60 b8 00 12 b3 36 cd 10 61 b0 |V...1.`....6..a.| 00000040 0d e8 67 01 b0 0a e8 62 01 b0 4c e8 5d 01 60 1e |..g....b..L.].`.| 00000050 07 80 fa fe 75 02 88 f2 bb 00 02 8a 76 1e 89 d0 |....u.......v...| 00000060 80 e4 80 30 e0 78 0a 3c 10 73 06 f6 46 1c 40 75 |...0.x.<.s..F.@u| 00000070 2e 88 f2 66 8b 76 18 66 09 f6 74 23 52 b4 08 b2 |...f.v.f..t#R...| 00000080 80 53 cd 13 5b 72 55 0f b6 ca ba 7f 00 42 66 31 |.S..[rU......Bf1| 00000090 c0 40 e8 70 00 66 3b b7 b8 01 74 03 e2 ef 5a 53 |.@.p.f;...t...ZS| 000000a0 8a 76 1f be 20 00 e8 4a 00 b4 99 66 81 7f fc 4c |.v.. ..J...f...L| 000000b0 49 4c 4f 75 27 5e 68 80 08 07 31 db e8 34 00 75 |ILOu'^h...1..4.u| 000000c0 fb be 06 00 89 f7 b9 0a 00 f3 a6 75 0d b0 02 ae |...........u....| 000000d0 75 08 06 55 b0 49 e8 d2 00 cb b4 9a b0 20 e8 ca |u..U.I....... ..| 000000e0 00 e8 b7 00 fe 4e 00 74 07 bc e8 07 61 e9 5e ff |.....N.t....a.^.| 000000f0 f4 eb fd 66 ad 66 09 c0 74 0a 66 03 46 10 e8 04 |...f.f..t.f.F...| 00000100 00 80 c7 02 c3 60 55 55 66 50 06 53 6a 01 6a 10 |.....`UUfP.Sj.j.| 00000110 89 e6 53 f6 c6 60 74 58 f6 c6 20 74 14 bb aa 55 |..S..`tX.. t...U| 00000120 b4 41 cd 13 72 0b 81 fb 55 aa 75 05 f6 c1 01 75 |.A..r...U.u....u| 00000130 4a 52 06 b4 08 cd 13 07 72 59 51 c0 e9 06 86 e9 |JR......rYQ.....| 00000140 89 cf 59 c1 ea 08 92 40 83 e1 3f f7 e1 93 8b 44 |..Y....@..?....D| 00000150 08 8b 54 0a 39 da 73 39 f7 f3 39 f8 77 33 c0 e4 |..T.9.s9..9.w3..| 00000160 06 86 e0 92 f6 f1 08 e2 89 d1 41 5a 88 c6 eb 06 |..........AZ....| 00000170 66 50 59 58 88 e6 b8 01 02 eb 02 b4 42 5b bd 05 |fPYX........B[..| 00000180 00 60 cd 13 73 10 4d 74 0a 31 c0 cd 13 61 4d eb |.`..s.Mt.1...aM.| 00000190 f0 b4 40 e9 46 ff 8d 64 10 61 c3 c1 c0 04 e8 03 |..@.F..d.a......| 000001a0 00 c1 c0 04 24 0f 27 04 f0 14 40 60 bb 07 00 b4 |....$.'...@`....| 000001b0 0e cd 10 61 c3 00 00 00 fc d0 fc d0 00 00 00 00 |...a............| 000001c0 01 40 07 fe ff ff 40 b0 0f 00 c3 f9 3b 07 80 01 |.@....@.....;...| 000001d0 01 00 83 fe 3f 3f 3f 00 00 00 01 b0 0f 00 00 00 |....???.........| 000001e0 41 c3 83 fe 7f 95 03 aa 4b 07 13 fc ef 00 00 00 |A.......K.......| 000001f0 41 96 05 fe bf 00 16 a6 3b 08 ab 3e 15 01 55 aa |A.......;..>..U.| 00000200
/dev/sda1の表示
# hexdump -C -n 512 /dev/sda1 00000000 eb 52 90 4e 54 46 53 20 20 20 20 00 02 08 00 00 |.R.NTFS .....| 00000010 00 00 00 00 00 f8 00 00 3f 00 ff 00 00 08 00 00 |........?.......| 00000020 00 00 00 00 80 00 80 00 ff e7 e9 17 00 00 00 00 |................| 00000030 00 00 0c 00 00 00 00 00 10 00 00 00 00 00 00 00 |................| 00000040 f6 00 00 00 01 00 00 00 93 53 42 08 98 42 08 ba |.........SB..B..| 00000050 00 00 00 00 fa 33 c0 8e d0 bc 00 7c fb 68 c0 07 |.....3.....|.h..| 00000060 1f 1e 68 66 00 cb 88 16 0e 00 66 81 3e 03 00 4e |..hf......f.>..N| 00000070 54 46 53 75 15 b4 41 bb aa 55 cd 13 72 0c 81 fb |TFSu..A..U..r...| 00000080 55 aa 75 06 f7 c1 01 00 75 03 e9 d2 00 1e 83 ec |U.u.....u.......| 00000090 18 68 1a 00 b4 48 8a 16 0e 00 8b f4 16 1f cd 13 |.h...H..........| 000000a0 9f 83 c4 18 9e 58 1f 72 e1 3b 06 0b 00 75 db a3 |.....X.r.;...u..| 000000b0 0f 00 c1 2e 0f 00 04 1e 5a 33 db b9 00 20 2b c8 |........Z3... +.| 000000c0 66 ff 06 11 00 03 16 0f 00 8e c2 ff 06 16 00 e8 |f...............| 000000d0 40 00 2b c8 77 ef b8 00 bb cd 1a 66 23 c0 75 2d |@.+.w......f#.u-|
nslookup
$ nslookup -type=mx mie-chukyo-u.ac.jp Server: 192.168.10.42 Address: 192.168.10.42#53 Non-authoritative answer: mie-chukyo-u.ac.jp mail exchanger = 10 iron.mie-chukyo-u.ac.jp. <=メールサーバ Authoritative answers can be found from: mie-chukyo-u.ac.jp nameserver = ns01.mctv.ne.jp. mie-chukyo-u.ac.jp nameserver = ns.mie-chukyo-u.ac.jp. iron.mie-chukyo-u.ac.jp internet address = 192.244.75.35 ns.mie-chukyo-u.ac.jp internet address = 192.244.75.1
dig
$ dig mie-chukyo-u.ac.jp mx ; <<>> DiG 9.3.2-P2 <<>> mie-chukyo-u.ac.jp mx ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62605 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;mie-chukyo-u.ac.jp. IN MX ;; ANSWER SECTION: mie-chukyo-u.ac.jp. 86375 IN MX 10 iron.mie-chukyo-u.ac.jp. <==メールサーバ ;; AUTHORITY SECTION: mie-chukyo-u.ac.jp. 925 IN NS ns.mie-chukyo-u.ac.jp. mie-chukyo-u.ac.jp. 925 IN NS ns01.mctv.ne.jp. ;; ADDITIONAL SECTION: iron.mie-chukyo-u.ac.jp. 86375 IN A 192.244.75.35 ns.mie-chukyo-u.ac.jp. 926 IN A 192.244.75.1 ;; Query time: 1 msec ;; SERVER: 192.168.10.42#53(192.168.10.42) ;; WHEN: Mon Feb 25 12:38:57 2008 ;; MSG SIZE rcvd: 133
ここからTestDisk & PhotoRecのrpm版をDownloadしてインストールする
/usr/sbin/photorecで実行する。
Continue previous session ? (Y/N) N <--Nを選択
(略)
Disk /dev/hda - 34 GB / 31 GiB (RO)
Partition Start End Size in sectors
D empty 0 0 1 71013 14 63 67108230 [Whole disk]
1 * Linux 0 1 1 68271 14 63 64516977 [/]
2 P Linux Swap 68272 0 1 71008 14 63 2586465
[ Search ] [Options ] [File Opt] [ Quit ] <--File Optを選択
ここで、復元したい拡張子を指定する。
その後 Search で実行する
復元されたファイルはディレクトリごと、適当な名前で復元されるので注意する
DOS→UNIX:nkf -d DOS_file > UNIX_file UNIX→DOS:nkf -c UNIX_file > DOS_file
