Convert date/time into hex

Just a wild guess and I have not tried it

can you use the HexDisplay.pm script

http//www.krugle.org/kse/files/cvs/cvs.sourceforge.net/snark/Snark/NBK/Util/HexDisplay.pm

with perl ?

Stamitz

Hi Johan,

On my FBCD there is a program, Delve, that allows you to input one date/time and convert it to all other formats. You can see a screen shot of this utility on page 18 of the PDF here;

www . forensicbootcd. com/con/dv/dv.pdf

(Just remove the spaces above)

The reason I created this utility was because I often view meta data and have date/time stamps not in human readable and I'd like to convert them. The reverse might be helpful for you, taking the human readable and converting into the other formats.

regards,

farmerdude

I have written software that does the same, except is command line.

It is located at www.live-forensics.com/download

Try http//software.ccschmidt.de/small_detail.html#UTC

Works in both "directions".

Another application that works in both directions called "ClockSmith"

"Clocksmith can be used to decode timestamps recovered from various different sources. Timestamps can also be created using Clocksmith to assist with analysing data."

http//evigator.com/free-apps/

My TimeLord utility wil do it. Enter the time in the 'Time Encoder' tab and it will show you the HEX version in 14 formats. It can show these in Big or Little Endian and if you want to search for this time in (say) EnCase then it will generate the grep expression.

Oh, and it's free

http//computerforensics.parsonage.co.uk/timelord/timelord.htm

Paul

Paul, considering your TimeLord application is on my workstation desktop I'm not sure why I didn't think of that 1st.

Paul, considering your TimeLord application is on my workstation desktop I'm not sure why I didn't think of that 1st.

Shameful wink

If you are interested in searching for a date or a date range in various formats then RevEnge can do this. You can search a binary file, raw image or encase image.

www.sandersonforensics.com/revenge.html