Recovering files with Magic Rescue

File Wizardry

Article from Issue 180/2015
Author(s):

The Magic Rescue recovery utility saves corrupt or deleted files by reading a file's magic number.

Free software has no lack of utilities for recovering deleted files. However, over the years, Magic Rescue [1] has proved to be one of the most reliable. In fact, it's so reliable that it continues to be carried by most major distributions despite the fact that it has been unmaintained for several years. A day will probably come when it is obsolete, but, meanwhile, it remains a standard recovery tool.

Magic Rescue works by reading a file's magic bytes or magic pattern – that is, the unique signature that designates each file type. This signature is often, but not always, within the very first bites of a file. If it is not, then you can use a hex editor to find it (Figure 1). It is mostly used by the file command, often behind the scenes. Magic Rescue uses its collection of recipes to recognize the magic bytes in all deleted files of a particular type then saves deleted files to an output directory where they can be sorted.

Magic Rescue might not work on badly fragmented filesystems if it can only find the first chunk of a file; however, even then, it might be able to identify a file type for recovery, as long as the chunk is large enough to contain the complete magic byte.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Data Reconstruction

    One false click can quickly delete important data, or even an entire partition. If a backup tool is missing, only a rescue specialist can help.

    more »
  • SystemRescueCd

    If you accidentally delete data or format a disk, good advice can be expensive. Or maybe not: You can undo many data losses with SystemRescueCd.

    more »
  • Customizing SystemRescue

    You can do more with SystemRescue than just repair broken systems. By adding tools and scripts, you can create a custom rescue environment that meets your needs.

    more »
  • SystemRescueCd

    The SystemRescueCd live system contains numerous tools that you can use to recover deleted files or a defective system.

    more »
  • Kind of Magic: Parted Magic 4.4 Halves RAM Usage, Dial-Up Available

    The Parted Magic LiveCD provides numerous tools for partitioning and data backup and recovery. The newest version 4.4 runs on systems with just 256-MByte RAM and now supports dial-up networking.

    more »
comments powered by Disqus