# Exporting SQLite blob data from standalone SQLite database using command line tools

There may be times when you're reviewing a SQLite database and identify certain fields contain data you wish to export. This data could be anything, including raw text and binary/hex. I recently saw a question regarding the Unarchiver application on iOS, where an analyst had 160+ photographs stored as blob data within certain fields. It would be a trivial task to copy/paste a few fields and save them as photographs/images, but that wouldn't work with 160+, it's time consuming, prone to error, and not as easy to document.

To test my proposed process, I created a database 'testdb.db' which contained a single table called 'photo', and two fields named 'photodata' and 'key'. I imported hex data of a dog as key 1, and hex data of a cat as key 2.

Install sqlite command line tools (can be used on a standalone virtual machine, or WSL/WSL2)

```
$ sudo apt install sqlite3
```

The following one-liner will use sqlite command line tools to query all key values, pipe that into while, read it as an ID value, then use writefile (a command within sqlite tools), and write each corresponding binary blob as a unique file.

```
sqlite3 testdb.db "SELECT key from photo" | while read id; do echo SELECT writefile\(\'export-key-$id.jpg\', photodata\) FROM photo WHERE key = $id\;; done | sqlite3 testdb.db
```

This will allow you to recursively export all blob data for each field, and save it as a unique file. The added advantage of this is that the file names will contain a corresponding key value, it is easier to document and explain to your audience, and is of course programmatic and saves time.

<figure><img src="/files/UvotH9u1twNQxYIkV5iV" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.iblue.team/general-notes-1/exporting-sqlite-blob-data-from-standalone-sqlite-database-using-command-line-tools.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.