Given a block of data (which the filesystem thinks is the whole drive) and the type of filesystem (fat32, ntfs, ext3) I would like to know how to extract files out of that block of data. Any ideas on how to do this?
Asked
Active
Viewed 795 times
2 Answers
2
You ultimately have two options:
- Mount the filesystem contained in the virtual disk image on the host machine. Tools like
losetupcan be helpful to accomplish this. - Find an appropriate library that will allow you to poke at the volume in userspace. Basically, you want a user-mode filesystem driver that will let a program inspect the directory structure and extract files. You might be able to repurpose parts of fuse-ext2 and ntfs-3g.
This all assumes that the virtual disk is just a flat image file, not a specialized container like VMDK or VDI. If it is, you'll either need to extract the flat image or find a library that is capable of providing the flat content to other libraries.
cdhowie
- 158,093
- 24
- 286
- 300
-
#1 seems really messy or slow because you wouldnt know when to unmount. You could probably unmount immediately after the call, but that would be really slow. – chacham15 Aug 20 '11 at 08:45
-
@chacham15: on the other hand, you would use the same kernel driver that is used normally to mount that filesystem (so it should be very reliable), and the extraction would become just a normal file copy from the mount point to your target directory. – Matteo Italia Aug 20 '11 at 12:45
0
You mount it to some point using
mount image /mount/point -o loop,ro
and access the files in it. Afterwards, you can unmount again.
But I do not understan what this has to do with C or C++.
glglgl
- 89,107
- 13
- 149
- 217
-
1Unfortunately, this direct approach won't work if the virtual disk has a partition table. You'd first have to run `losetup` and give it the byte offset to the partition. – cdhowie Aug 20 '11 at 08:03