Previously we showed how to access a Linux Logical Volume Manager partition inside a forensic disk image. We were looking for a way to access the LVM partition in Windows, and Arsenal Recon helped us out!
Thank you to our Members and Patrons, but especially to our Investigators, TheRantingGeek, Roman, and Alexis Brignoni! Thank you so much!
This video is about a (currently unreleased v3.9) of Arsenal Image Mounter that supports Linux partitions in forensic disk images. As well as new support for LVM partitions! Now you can easily mount LVM and EXT4 Linux Logical Volumes as a logical disk in Windows! Best of all, you can access the Linux file system just like a local disk!
Check out how easy it is, and look for the official release of Arsenal Image Mounter v3.9 (arsenalrecon.com/downloads/)
00:00 Backstory - Arsenal Image Mounter and Linux Logical Volume Manager
01:14 Download Arsenal Image Mounter
01:50 Arsenal Image Mounter
02:07 Mount the forensic disk image
02:22 Arsenal Image Mounter Options for a Linux Physical Disk
03:06 Arsenal Image Mounter - Mounted Image Information
03:21 Access the suspect Linux data as a Windows disk
03:51 Geeking out a bit...
04:07 What can you do with it?
🚀 Full Digital Forensic Courses → learn.dfir.science
Links:
* Arsenal Recon (arsenalrecon.com)
* Info about LVM (linuxhandbook.com/lvm-guide/)
#windows #forensics #arsenalrecon #linux #dfir
010001000100011001010011011000110110100101100101011011100110001101100101
Get more Digital Forensic Science
👍 Subscribe → bit.ly/2Ij9Ojc
❤️ YT Member → bit.ly/DFIRSciMember
❤️ Patreon → / dfirscience
🕸️ Blog → DFIR.Science
🤖 Code → github.com/DFIRScience
🐦 Follow → / dfirscience
📰 DFIR Newsletter → bit.ly/DFIRNews
010100110111010101100010011100110110001101110010011010010110001001100101
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Please link back to the original video. If you want to use this video for commercial purposes, please contact us first. We would love to see what you are doing.