Lab46 Wiki

User Tools

Site Tools

You are here: start » haas » spring2016 » unix » projects » udr1
haas:spring2016:unix:projects:udr1

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
haas:spring2016:unix:projects:udr1 [2016/03/15 12:07] – [Backstory] wedgehaas:spring2016:unix:projects:udr1 [2016/03/15 13:37] (current) – [Partition Layout] wedge
Line 21: Line 21:
 Turns out this one had a few tricks up its sleeve. Of particular note: partition scrambling. Oh no! All the memes! Turns out this one had a few tricks up its sleeve. Of particular note: partition scrambling. Oh no! All the memes!
  
-After downing two Mr. Pibbs and a pack of Necco Wafers (saving the purple ones for last), you sit down to correct your most grievous of oversights. Chiptunes blazing, extra monitors displaying terminals covering nearly every square decimeter of desk space, you have a hard drive partition map to restore.+After downing two Mr. Pibbs, a Mars bar, and a pack of Necco Wafers (saving the purple ones for last), you sit down to correct your most grievous of oversights. Chiptunes blazing, gaming flash drive at the ready, and extra monitors displaying terminals covering nearly every square decimeter of desk space, you have a hard drive partition map to restore.
  
 Turns out there was at least **some** redundancy... a backup of the partition table/master boot record for the drive was stored somewhere in the first part of the drive. A little digital forensics and you should be on your way... Turns out there was at least **some** redundancy... a backup of the partition table/master boot record for the drive was stored somewhere in the first part of the drive. A little digital forensics and you should be on your way...
Line 57: Line 57:
  
 =====Process===== =====Process=====
-In order to gain access to the drive (in the form of the file called **disk.image**, which is  5MB in size), you'll need to restore the partition table/Master Boot Record (MBR).+In order to gain access to the drive (in the form of the file called **disk.image**, which is 5MB in size), you'll need to restore the partition table/Master Boot Record (MBR).
  
-There is a backup stored on the drive... you were informed of its location when you successfully ran prep. Extract and unravel it.+There is a backup stored on the drive... you were informed of its location when you successfully ran **prep**Obtain and unravel it.
  
-Once you have it, you'll want to restore it onto the drive; it occupies the first sector on the drive.+Once you have it, you'll want to restore it onto the drive; it needs to occupy the first sector on the drive.
  
 Once you have that in place, we can use a hex editor to study the partition table and determine the starting sectors and overall sizes of each partition. Once you have that in place, we can use a hex editor to study the partition table and determine the starting sectors and overall sizes of each partition.
  
-You'll want to extract each partition individually from the disk image so you can better interact with it. You'll need to determine the partition type and ensure a filesystem is in place. Ultimately you'll want to be able to view and copy data to/from the various partitions.+You'll want to extract each partition individually from the disk image so you can better interact with it. You'll need to determine the partition type and ensure a viable filesystem is in place (think back to the puzzle boxes). Ultimately you'll want to be able to view and copy data to/from the various partitions.
  
-As this is a disk image of the chief meme archivist's workstation, you'll also need to do a little file organization; specifically, placing all mudkip and reptilian-themed files on the fourth partition.+To facilitate your efforts, please name each extracted partition files as follows: 
 + 
 +  * partition #1: **udr1.part1.img** 
 +  * if there's a partition #2: **udr1.part2.img** 
 +  * if there's a partition #3: **udr1.part3.img** 
 +  * if there's a partition #4: **udr1.part4.img** 
 + 
 +As this is a disk image of the chief meme archivist's workstation, you'll also need to do a little file organization to bring things up to spec (and ensure they never realized what happened); specifically, placing all mudkip and reptilian-themed files on the fourth partition.
  
 Finally, reintegrating the changed fourth partition over the old one, so that you can submit the whole restored image, along with a list of command-lines you performed (and other information gathered) to accomplish this task. Finally, reintegrating the changed fourth partition over the old one, so that you can submit the whole restored image, along with a list of command-lines you performed (and other information gathered) to accomplish this task.
Line 95: Line 102:
 ====Partition Layout==== ====Partition Layout====
 A partition is defined in 16 bytes (the classic PC layout allows for four primary partitions). The byte layout is as follows: A partition is defined in 16 bytes (the classic PC layout allows for four primary partitions). The byte layout is as follows:
- 
-Structure of a 16-byte Partition Table Entry 
-Relative Offsets 
-(within entry)  
-Length 
-(bytes) 
-Contents 
  
 ^  Byte  ^  Description  | ^  Byte  ^  Description  |
haas/spring2016/unix/projects/udr1.1458043648.txt.gz · Last modified: 2016/03/15 12:07 by wedge

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki