Digital Forensics & Incident Response
Search
K

UFS, FFS, BTRFS, XFS

UFS, FFS - coming shortly.

2GB BTRFS

Single ext4 volume created/formatted on a Linux Mint host, at ~22:36ACST 22nd August 2023.
SHA1
217e3188db45e716979013498cdab096d55bc411 2GB-btrfs-raw.001
0f3bb07b5e6b44ecdb99a5f52c9cb9e029e3461c 2GB-btrfs-raw.zip
217e3188db45e716979013498cdab096d55bc411 LINUX-MINT-2.vmdk
1ffee3126faa32743b8bc33363bfe58e5138ad09 LINUX-MINT-2.zip
2GB empty volume
$ md5sum /dev/sdb
a981130cf2b7e09f4686dc273cf7187e /dev/sdb
$ mkfs.btrfs /dev/sdb
btrfs-progs v5.16.2
See http://btrfs.wiki.kernel.org for more information.
NOTE: several default settings have changed in version 5.15, please make sure
this does not affect your deployments:
- DUP for metadata (-m dup)
- enabled no-holes (-O no-holes)
- enabled free-space-tree (-R free-space-tree)
Label: (null)
UUID: a8201ae2-3eaf-446d-b004-fee6a011dfaa
Node size: 16384
Sector size: 4096
Filesystem size: 2.00GiB
Block group profiles:
Data: single 8.00MiB
Metadata: DUP 102.38MiB
System: DUP 8.00MiB
SSD detected: no
Zoned device: no
Incompat features: extref, skinny-metadata, no-holes
Runtime features: free-space-tree
Checksum: crc32c
Number of devices: 1
Devices:
ID SIZE PATH
1 2.00GiB /dev/sdb
$ date
Thu 24 Aug 2023 17:47:55 ACST
$ echo "https://iblue.team" > /mnt/btrfs/notes.txt
$ cat /mnt/btrfs/notes.txt
https://iblue.team
root@mint:~# umount /mnt/btrfs

2GB XFS (single volume)

Previously attached /dev/sdb (MD5 a981130cf2b7e09f4686dc273cf7187e)
$ dd if=/dev/zero of=/dev/sdb
$ md5sum /dev/sdb
a981130cf2b7e09f4686dc273cf7187e /dev/sdb
$ mkfs.xfs /dev/sdb
meta-data=/dev/sdb isize=512 agcount=4, agsize=131072 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1 bigtime=0 inobtcount=0
data = bsize=4096 blocks=524288, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
$ mkdir /mnt/xfs
$ mount /dev/sdb /mnt/xfs
$ echo "https://iblue.team" > /mnt/xfs/notes.txt
$ cat /mnt/xfs/notes.txt
https://iblue.team
$ umount /mnt/xfs
Previous
ZFS
Next
ext4, LVM, and LUKS1/LUKS2
Last modified 30d ago