Linux LVM Ext4 Support in Windows with Arsenal Image Mounter
Вставка
- Опубліковано 1 чер 2024
- Previously we showed how to access a Linux Logical Volume Manager partition inside a forensic disk image. We were looking for a way to access the LVM partition in Windows, and Arsenal Recon helped us out!
Thank you to our Members and Patrons, but especially to our Investigators, TheRantingGeek, Roman, and Alexis Brignoni! Thank you so much!
This video is about a (currently unreleased v3.9) of Arsenal Image Mounter that supports Linux partitions in forensic disk images. As well as new support for LVM partitions! Now you can easily mount LVM and EXT4 Linux Logical Volumes as a logical disk in Windows! Best of all, you can access the Linux file system just like a local disk!
Check out how easy it is, and look for the official release of Arsenal Image Mounter v3.9 (arsenalrecon.com/downloads/)
00:00 Backstory - Arsenal Image Mounter and Linux Logical Volume Manager
01:14 Download Arsenal Image Mounter
01:50 Arsenal Image Mounter
02:07 Mount the forensic disk image
02:22 Arsenal Image Mounter Options for a Linux Physical Disk
03:06 Arsenal Image Mounter - Mounted Image Information
03:21 Access the suspect Linux data as a Windows disk
03:51 Geeking out a bit...
04:07 What can you do with it?
🚀 Full Digital Forensic Courses → learn.dfir.science
Links:
* Arsenal Recon (arsenalrecon.com)
* Info about LVM (linuxhandbook.com/lvm-guide/)
#windows #forensics #arsenalrecon #linux #dfir
010001000100011001010011011000110110100101100101011011100110001101100101
Get more Digital Forensic Science
👍 Subscribe → bit.ly/2Ij9Ojc
❤️ YT Member → bit.ly/DFIRSciMember
❤️ Patreon → / dfirscience
🕸️ Blog → DFIR.Science
🤖 Code → github.com/DFIRScience
🐦 Follow → / dfirscience
📰 DFIR Newsletter → bit.ly/DFIRNews
010100110111010101100010011100110110001101110010011010010110001001100101
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please link back to the original video. If you want to use this video for commercial purposes, please contact us first. We would love to see what you are doing. - Наука та технологія
I love that they updated the software with this feature after you spoke to them, I will certainly be checking this one out. Thanks as always 😀
Hi, great video, but I am unable to click the windows file system driver bypass. It says at the end that the disk image does not contain any file system compatible with this option.
What does the disk you are analyzing look like? Partitions? What file systems?
Still not available on their website.
When I talked to them they said the release would be "soon" but didn't give a firm ETA.
Are you garbaj? your voice is SO close to hes
Nope. I had to look him up. Pretty close! I wouldn't mind his sub count though! :D