The investigators or research persons could also come across various MS-Windows “.exe”, “.dll”, “.msi” files or RedHat Linux “.rpm” file, or very common “.zip”, “.rar”, “.bin”, “.cue” or “.uha” files during their course of action.įorensics world, though have many softwares and tools to handle such kind of situations, but what they lack is, compatibility with all file extensions, ease of interpretation of results, & above all ‘the cost’. If the executable file is in human readable format (ex : a UNIX file having permissions –rwx-r-x-r-x) then the life of investigator is quite simple, since such kind of files could easily be opened in Unix built-in editors like “vi” or “emacs”, or even in MS Windows default editor “Notepad”. Many a time during Forensics investigation or during Reverse Engineering, we come across the need where we have to check or extract the contents of an executable file.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |