0
1
How can one search a raw disk for a pattern and return its location?
The disk is not formatted, or at least, it uses a format unknown to Linux, grep and similar tools would not be useful.
A command line example would be appreciated. GUI based tool would also be fine, either Unix/Linux or Windows. Thank you.
gsl
Posted 2019-08-05T06:04:31.353
Reputation: 177
1
Why would grep not be useful? Here is an example of grep returning the byte position of the EFI PART signature at LBA 1 (starting at 512 bytes in) and at LBA -1 (at the end of the disk):
deltik@box52 [~]$ sudo grep -a -o -b 'EFI PART' /dev/nvme0n1 512:EFI PART 41661792:EFI PART 412075976:EFI PART 412207048:EFI PART 587940832:EFI PART 512110190080:EFI PART
Explanation of grep options:
-a/--text – treat binary as text-o/--only-matching – returns only matching results-b/--byte-offset – returns the byte offset of the match in the file
Deltik
Posted 2019-08-05T06:04:31.353
Reputation: 16 807
Splendid, I completely forgot about grep
--textoption. Thank you. – gsl – 2019-08-05T07:49:34.793