Total Hit Counter

dd command examples

 Learning Linux dd command with examplesLinux command syntaxLinux command descriptionFile systems
dd if=/dev/urandom of=/dev/sda bs=4k
Fills the drive with random data
dd if=/dev/sda of=/dev/sdb bs=4096
Drive-to-drive duplication
dd if=/dev/zero of=/dev/sda bs=4k
Clean up a hard drive (may need to be repeated)
dd if=inputfile of=/dev/st0 bs=32k conv=sync
Copy from file to tape device
dd if=/dev/st0 of=outfile bs=32k conv=sync
The above, reversed
dd if=/dev/sda | hexdump -C | grep [^00]
Check if drive is really zeroed out
dd if=/dev/urandom of=/home/$user/hugefile\
 bs=4096
Fills out a partition (careful with system partitions!)
ls -l myfile
-rw-r--r-- 6703104 Oct 31 18:25 myfile
dd if=/dev/urandom of=myfile bs=6703104 count=1
Scramble a file (maybe before deleting it)
dd if=/dev/sda3 of=/dev/sdb3 bs=4096 \
conv=notrunc,noerror
Copy a partition to another partition
dd if=/proc/filesystems | hexdump -C | less
View available filesystems
dd if=/proc/partitions | hexdump -C | less
View availble partitions in kb
dd if=/dev/sdb2 ibs=4096 | gzip > partition.image.gz \
conv=noerror
Creates a gzipped image of the second partition 
of the second disk
dd bs=10240 cbs=80 conv=ascii,unblock\
 if=/dev/st0 of=ascii.out
Copy the contents of a tape drive to a file, converting
from EBCDIC to ASCII
dd if=/dev/st0 ibs=1024 obs=2048 of=/dev/st1
Copy from 1KB block device to 2KB block device
dd if=/dev/zero of=/dev/null bs=100M count=100
100+0 records in
100+0 records out
10485760000 bytes (10 GB) copied,

5.62955 s, 1.9 GB/s
Copy 10 GB of zeros to the garbage can.
dd if=/dev/zero of=/dev/sda bs=512 count=2
fdisk -s /dev/sda
dd if=/dev/zero of=/dev/sda seek=\
(number_of_sectors - 20) bs=1k
Erase GPT from disk. Since GPT writes data at the beginning
AND at the end of the drive, after 
erasing from the beginning, we need to find out the number 
of sectors (second command), then erase the last 20 sectors.
dd if=/home/$user/bootimage.img of=/dev/sdc
Create bootable USB drive (here shown as /dev/sdc)
dd if=/dev/sda of=/dev/null bs=1m
A good way to check for bad blocksBackup and system-related
dd if=/dev/sda of=/dev/fd0 bs=512 count=1
Copies the MBR to a floppy
dd if=/dev/sda1 of=/dev/sdb1 bs=4096
Drive-to-drive duplication
dd if=/dev/sr0 of=/home/$user/mycdimage.iso\
 bs=2048 conv=nosync
Create an image of a CD
mount -o loop /home/$user/mycdimage.iso\
 /mnt/cdimages/
Mount said image locally
dd if=/dev/sda of=/dev/sdb bs=64k conv=sync
Useful when replacing a disk with another of identical size
dd if=/dev/sda2 of=/home/$user/hddimage1.img\
 bs=1M count=4430
dd if=/dev/sda2 of=/home/$user/hddimage2.img\
 bs=1M count=8860
[...]
Create DVD images of a partition (useful for backing up)
dd if=/$location/hddimage1.img of=/dev/sda2\
 bs=1M
dd if=/$location/hddimage2.img of=/dev/sda2\
 seek=4430 bs=1M
dd if=/$location/hddimage3.img of=/dev/sda2\
 seek=8860 bs=1M
[and so on...]
Restore from above backup
dd if=/dev/zero count=1 bs=1024 seek=1 of=/dev/sda6
Destroy the superblock
dd if=/dev/zero count=1 bs=4096 seek=0 of=/dev/sda5
Another way to destroy the superblock
dd if=/home/$user/suspicious.doc | clamscan -
Check file for viruses (needs ClamAV)
dd if=/home/$user/binary file | hexdump -C | less
Look at the contents of a binary file (needs hexdump)
dd if=/home/$user/bigfile of=/dev/null
dd if=/dev/zero of=/home/$user/bigfile \
bs=1024 count=1000000
Benchmarks hard drive for read/write speed
dd if=/dev/sda of=/dev/sda
Gives new life to older hard drives that haven't been used for a while (disk must be unmounted)
dd if=/dev/mem | strings | grep 'string_to_search'
Examine memory contents (human-readable, that is)
dd if=/dev/fd0 of=/home/$user/floppy.image\
 bs=2x80x18b conv=notrunc
Copy a floppy disk
dd if=/proc/kcore | hexdump -C | less
View virtual memory
dd if=/proc/filesystems | hexdump -C | less
View available filesystems
dd if=/proc/kallsyms | hexdump -C | less
View loaded modules
dd if=/proc/interrupts | hexdump -C | less
View interrupt table
dd if=/proc/uptime | hexdump -C | less
View uptime in seconds
dd if=/proc/partitions | hexdump -C | less
View availble partitions in kb
dd if=/proc/meminfo | hexdump -C | less
View memstats
dd if=/dev/urandom of=/home/$user/myrandom \
bs=100 count=1
Creates a 1kb file of random gibberish
dd if=/dev/mem of=/home/$user/mem.bin\
 bs=1024
Creates an image of the actual state of your system memory
dd if=/home/$user/myfile
Prints the file to stdout
dd if=/dev/sda2 bs=16065 | hexdump -C\
 | grep 'text_to_search'
Search an entire partition for a string; even if it's secured,
you can boot a liveCD
dd if=/home/$user/file.bin skip=64k bs=1\
 of=/home/$user/convfile.bin
Copy file.bin to convfile.bin skipping the first 64 kB
dd if=/home/$user/bootimage.img of=/dev/sdc
Create bootable USB drive (here shown as /dev/sdc)
dd if=/dev/mem bs=1k skip=768 count=256 \
2>/dev/null | strings -n 8
Read BIOS.
dd bs=1k if=imagefile.nrg of=imagefile.iso skip=300k
Convert Nero image into ISO standard image. 
This is possible because the only difference between 
the two is a 300 kB header Nero adds to a standard ISO file.
echo -n "hello vertical world" | dd cbs=1 \
conv=unblock 2> /dev/null
Try it, it's safe. :-)
dd if=/dev/sda1 | gzip -c | split -b 2000m - \
/mnt/hdc1/backup.img.gz
Create a gzipped image of a partition using split

cat /mnt/hdc1/backup.img.gz.* | gzip -dc |\
 dd of=/dev/sda1
Restore above backup

dd if=/dev/zero of=myimage bs=1024 count=10240
Create an empty disk image

dd ibs=10 skip=1
Strip first 10 bytes of stdin

dd bs=265b conv=noerror if=/dev/st0 \
of=/tmp/bad.tape.image
Make image of a tape drive with bad spots

dd if=/dev/sda count=1 | hexdump -C
View your MBR

dd if=/dev/sda | nc -l 10001 
nc $system_to_backup_IP 10001 | dd\
 of=sysbackupsda.img
Fast network backup using netcat
dd if=/dev/zero of=/dev/sdX\
 bs=1024000 count=1
Clear first 10MB of the partition
dd if=/dev/zero of=tmpswap bs=1k\
 count=1000000
chmod 600 tmpswap
mkswap tmpswap
swapon tmpswap
Create temporary swap space
dd if=/dev/sda of=/dev/null bs=1024k \
count=1024
1073741824 bytes (1.1 GB) copied, 
24.1684 s, 44.4 MB/s
Determine sequential I/O speed of your drive. Reading 1GB file
dd if=/dev/random count=1 2>/dev/null | od -t u1 |\
 awk '{ print $2}' | head -1
Generate random number
dd if=/dev/mem of=myRAM bs=1024
Copy RAM memory to a file
dd if=/dev/sda bs=512 count=1 | od -xa
See content of your MBR in hex and ASCII format
dd if=/my/old/mbr of=/dev/sda bs=446 count=1
Restore MBR without disturbing partition table record 
which is between 447 - 511 bytes
dd if=/dev/sda1 | split -b 700m - sda1-image
Create a partition copy and save images where maximum
volume size is 700MBText manipulation
ls -l | dd conv=ucase
Convert the output of a command to uppercase
echo "MY UPPER CASE TEXT" | dd conv=lcase
Convert any text to lowercase
dd if=/etc/passwd cbs=132 conv=ebcdic of=/tmp/passwd.ebcdic
Convert the system password file to fixed-length EBCDIC-format file
dd if=text.ascii of=text.ebcdic conv=ebcdic
Convert from ASCII to EBCDIC
dd if=myfile of=myfile conv=ucase
Convert a file to uppercase (simple sed or tr replacement)

No comments:

Post a Comment

Subscribe to: Posts (Atom)