• Tutorial: How to use dcfldd instead of dd

    Today I want to introduce to everyone an excellent command that works very much like dd but it’s just much better…

    dcfldd is an enhanced version of dd developed by the U.S. Department of Defense Computer Forensics Lab.

     Department of Defense Cyber Crime Center

    Department of Defense Cyber Crime Center

    Features include:

    • Hashing on-the-fly, dcfldd can hash the input data as it is being transferred, helping to ensure data integrity. Supports multiple hashes at once
    • Progress bar of how much data has already been sent.
    • Flexible disk wipes, dcfldd can be used to wipe disks quickly and with a known pattern if desired
    • Verification that the image is identical to the original drive, bit-for-bit.
    • Split output, dcfldd can split output to multiple files with more configurability than the split command
    • Piped output and logs, dcfldd can send all its log data and output to commands as well as files natively
    • Verify capability

    How to install in Ubuntu:

    sudo apt-get install dcfldd

    Here you can see a small summary of the most common commands:

    if = Input File (device or file you want to read)
    of = Output File (device or file you want to copy the data to)
    hash = md5, sha1, sha256, sha384 or sha512 (hash type)
    hashwindow= Size (in Bytes), about how often a hash calculation will happen
    <hash>log = file that will contain the hash calculations log for each hash type (eg: sha1log=sha1.log)
    hashconv = valid values: AFTER or BEFORE. It depends if you want to perform the hash after or before the conversion
    bs = Byte Size (amount of bytes to read at once)
    noerror (ignore read errors and continue) , sync (performs padding) are the 2 most common options here
    split = breaks image file into multiple files
    splitformat = the file extension format for split operation
    conv = convert the file as per the comma separated keyword list (see following list):
    ascii=from EBCDIC to ASCII
    ebcdic=from ASCII to EBCDIC
    ibm=from ASCII to alternated EBCDIC
    block=pad newline-terminated records with spaces to cbs-size
    unblock=replace trailing spaces in cbs-size records with newline
    lcase=change upper case to lower case
    notrunc=do not truncate the output file
    ucase=change lower case to upper case
    swab=swap every pair of input bytes
    noerror=continue after read errors
    sync=pad every input block with NULs to ibs-size; when used with block or unblock, pad with spaces rather than NULs

     

    Example

    dcfldd if=/dev/source hash=md5,sha512 hashwindow=1G md5log=md5.txt sha512log=sha512.txt \
    hashconv=after bs=512 conv=noerror,sync split=1G splitformat=aa of=image.dd

    This command will read one Gb from the source drive and write that to a file called image.dd.aa. It will also calculate the MD5 hash and the sha512 hash of each Gigabyte read.

    It will then read the next Gb and name that image.dd.ab. The md5 hashes will be stored in a file called md5.txt and the sha512 hashes will be stored in a file called sha512.txt. The block size for transferring has been set to 512 bytes, and in the event of read errors, dcfldd will write zeros.

    Incoming search terms:

    • dcfldd
    • dcfldd example
    • how to install dcfldd on ubuntu
    • dcfldd Windows
    • how read Dcfldd files
    • dcfldd sync
    • dcfldd noerror
    • dcfldd in windows
    • dcfldd example usage
    • is dcfldd used in criminal cases?
  • Tools to benchmark JavaScript

    If you are a JavaScript programmer, web enthusiast or just curious, you may want to test your browser JavaScript performance. Every test uses different approaches and tells you a different part of the story. If you are really interested in understanding which one would be good for your intentions I would strongly recommend to go through all of them and check their pages to read all the details.

    This is the most up-to-date list I could compile, to ease your hunger of benchmarking:

    SunSpider

    Apple’s Webkit team is behind this popular benchmark. It provides you with a link to your results once the test is completed.

    Octane

    New version of the old V8 Javascript Engine. It has been developed by Google and is a part of the Chrome browser.

    Dromaeo

    Dromaeo has been created by John Resig (JavaScript Tool Developer at Mozilla). It’s actually a collection of a number of benchmarks which are broken up into two main categories – JavaScript and DOM. It reiterates the calculations at least five times to grant more accurate results.

    Acid3

    Acid3 is not a real benchmark. It’s a compliance test created by the Web Standards Project to understand if a browser is capable of properly display (render) certain instructions.

    The maximum score is 100 and anything lower than this will basically says that your browser has failed the test.

    Kraken

    Mozilla Kraken Java Benchmark uses predefined test cases and run them in your browser giving the results in milliseconds. Lowest results are better.

    RoboHornet

    It’s another Google creation, still in alpha state, it aims at creating a super complete set of real life situations to replicate in the tests. It asks collaboration from the community to improve its standards and sets.

    If your interested at testing your own code speed, I would suggest two different websites:

    Jsperf
    BenchmarkJS

    but this is already interesting for another article…

  • Back from the past: ASCII MOVIES

    Today I’ve found in my bookmarks a few links about an old passion shared between many IT enthusiasts in the 80s: ASCII Art.

    Small pieces of art, ancient mosaics created with letters, numbers and characters from the future.

    One of the latest evolutions of this art has been the creation of animations first and entire movies. Finally we’ve seen software able to transform digital video output into ASCII animations, videogames graphic routed to ASCII terminals and the popular video player VLC to add a video plugin to reproduce videos in ASCII (with the option to see them in color).

    While many of you may remember such links, I want to share them (or at least the ones still living on the internet) to share some nostalgic memories or surprising evidences of a mysterious past…

    First of all one of the biggest classics: Star Wars

    Then Matrix

    Some good Classic Rock Videoclip

    and finally one of my favourites, Music Videos in ASCII which singer is a C64 digitized voice

    There are various other sites, however if you would like to see how a specific movie/video would look like, you can always use our favourite player, VLC, Go to VLC menu -> Preferences -> Choose “Video” -> “Output Module” and select “Color ASCII art video output” for Colorized ASCII or “ASCII-art video output”.

    Open a video file and feel the difference!