imyxh
commented
4 years ago Perhaps you're aware but the debugfs tool has an lsdel command that lists deleted inodes. Could look at implementing that sort of thing instead of a filename-based output.
Open radare opened 4 years ago
imyxh
commented
4 years ago Perhaps you're aware but the debugfs tool has an lsdel command that lists deleted inodes. Could look at implementing that sort of thing instead of a filename-based output.
radare
commented
4 years ago Sounds like a plan
On 6 Apr 2020, at 20:07, Ian Huang notifications@github.com wrote:
Perhaps you're aware but the debugfs tool has an lsdel command that lists deleted inodes. Could look at implementing that sort of thing instead of a filename-based output.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.
Right now we can do
mito get the offset for given file. but we have no way to determine the filename from the offset.Also, there's no way to enumerate deleted files. not even in FAT.
The mi feature only works for FAT btw, and we have no tests