E01 metadata

Hi,

This document specifies the structure of the e01 format

http//code.google.com/p/libewf/downloads/detail?name=Expert%20Witness%20Compression%20Format%20%28EWF%29.pdf

Using that you should be able to decode the header manually.

Thanks,

Chris

Thank you Chris. I looked at that – that's for Linux. I need something for Windows – any suggestions?

Samuel,

The headers mentioned in that excellent paper Chris linked can be seen from any hex editor. Windows has many free hex editors from which to choose

http//cnet.co/S2MhV5

Thank you Chris. I looked at that – that's for Linux. I need something for Windows – any suggestions?

No offence apparently you did not look thoroughly at it. It will perfectly compile on Windows.

Samuel,

The headers mentioned in that excellent paper Chris linked can be seen from any hex editor. Windows has many free hex editors from which to choose

http//cnet.co/S2MhV5

Now I'm intrigued, which hexeditor shows the deflate compressed data as uncompressed ?

Thank you Chris. I looked at that – that's for Linux. I need something for Windows – any suggestions?

No offence apparently you did not look thoroughly at it. It will perfectly compile on Windows.

No offense intended either, but I did spend a fair bit of time with that .tar.gz file, and reading it quite a bit. I don't know how to compile it or to get it to function in Windows. I am sure it works, I just don't know how to get it to work is all –

Thank you Chris. I looked at that – that's for Linux. I need something for Windows – any suggestions?

No offence apparently you did not look thoroughly at it. It will perfectly compile on Windows.

No offense intended either, but I did spend a fair bit of time with that .tar.gz file, and reading it quite a bit. I don't know how to compile it or to get it to function in Windows. I am sure it works, I just don't know how to get it to work is all –

Most of the windows compilation is described in README.dll, but if your not familiar with building code from source it can be a bit brief. It's not that difficult, let's try option 1 (below) first that might be the most easiest for you.

Extract the libewf package from both the gz and the tar (7z can help you with that)

First you'll need a compiler for Windows you'll have the following options
1. Visual Studio (free expression version available, which is sufficient)
2. Codegear
3. MinGW
4. Cygwin

For both option 1 and 2 you'll need the zlib source (http//zlib.net/)

For option 1 extract the zlib source into libewf/msvsvcp/
Open libewf/msvsvcp/libewf.sln (VS 2010 or later will ask you to convert the project files, which is fine)
Build solution
The executables end up in libewf/msvsvcp/Release/
On other systems the executables require the corresponding Visual Studio Runtime DLLs

For option 2 extract the zlib source into libewf/borland/
Open libewf/borland/codegear/libewf.groupproj
Make or build or projects
The executables end up in libewf/borland/codegear/Release/

Option 3 and 4 are more Linux like but will spit out Windows compatible executables

If you need more help on this just let me know