Hi,

what is the best tool using kali to dump a CF card and the code out of it?

Thanx,

phallex

EDIT: I can copy the CF using dd if=/dev/sdX of=card.img

Filesystem is: card.img: x86 boot sector, code offset 0x0

disktype results:

Regular file, size 7.632 GiB (8195080192 bytes)
FAT32 file system (hints score 2 of 5)
Volume size off the scale (18446744073707101696 bytes, 18446744073709546831 clusters of 512 bytes)


...but any mount fs type does fail.

How can I proceed to mount the unknown filesystem using Kali, please ?

what commands did you use throughout your attempts.

I use dd for a similar job.
But in my case it was an bootable windows 7 sdhc card.


root@kali:~#dd if=/dev/sdb1 of=/root/Desktop/win_install_sdcard

Try


root@kali: file card.img


If i do this with my win_install_sdcard
It says:


root@kali:~# file win_install_sdcard
win_install_sdcard: x86 boot sector, Microsoft Windows XP Bootloader (4.german), code offset 0x58, OEM-ID "MSDOS5.0", sectors/cluster 16, reserved sectors 2242, Media descriptor 0xf8, heads 255, hidden sectors 2048, sectors 31289344 (volumes > 32 MB) , FAT (32 bit), sectors/FAT 15263, reserved3 0x800000, serial number 0xe611f86d, unlabeled


and I mount it with:


root@kali:~# mkdir /mnt/tmp
root@kali:~# mount win_install_sdcard /mnt/tmp -o loop


Now if you want to find jpeg (or other) files in it, try:


root@kali:~# find /mnt/tmp -name "*.jpg" -print


And just change "*.jpg" to the filetype you want to find.

Or you change into /mnt/tmp and search on your own.

Greetings

Chaos