As all of us know, Linux is an open source operating system which means anyone can download underlying source code, we can modify source code, and also we can distribute it - commercially or non-commercially under licenses such as the GNU General Public License. Most important thing is that Linux is available to download free of cost. In case of Linux if we're familiar with commands then we can do whatever we want! Nowadays number of people have started using Linux and if you're having keen interest in Linux and suppose you're working on an important document and the following things happen:
The application crashes!You close it without saving orYou save over a document you had just opened!Then question comes in our mind, what to do when such situation occurs? Is there any solution of this problem? In this article, we'll show a way by which you can retrieve data from the Random Access Memory.
Solution:
Suppose you have lost what you had on the screen, many people forget that the computer still has it stored in the RAM. We just need to find a way to get it. Every step you take after the realisation of the loss can cause pieces of it to get overwritten (since this memory is now marked as free by the OS). First step is to create a snapshot of your current RAM. If you have an enough size RAM, this can take over 1 GB of space on your hard drive.
cp /dev/mem ~/memory.binAfter it's done copying, you can access the file using the command less:
less ~/memory.binWhen the program starts, it will report that it is trying to compute line numbers. By hitting Ctrl+c once skip this. Now search for a unique word that you remember, typing in your document by hitting the forward slash (/) followed by the word (e.g., /trickle). After much churning, matches will be displayed. Hit the up and down arrow keys to scroll from the hit point. To continue searching for the same phrase, simply hit '/' and Enter again. Once you find out your document, it may be in bad shape, but there should be enough information left to be copied out of the terminal.
Remember:
You must be logged in as the root to read the memory device.You will save a lot of file space and make your job easier if you use this line,cat /dev/mem | strings >~/memory.binIf you have any suggestions, problems then share with us in form of comments below.
Rajesh Namase is owner and creator of Tips and Tricks technology blog. He is interested in Internet technology, web development, computer security and programming on Linux. Checkout his latest article: Recover Deleted Files
No comments:
Post a Comment