Platinum Member
Posted 20 July 2014 - 08:26 PM
Hi,
Following the ImDisk example provided by v77 here, I gave it a go for an EWF proxy for ImDisk.
Find here attached the proxy.dll binary along with its source code (in delphi).
To launch the proxy : devio --dll=proxy.dll;dllopen shm:test_proxy c:\test.e01.
To use the proxy from ImDisk : imdisk -a -t proxy -o shm -o ro -f test_proxy -m Z: .
Note the RO flag as EWF can only be mounted as read only.
Regards,
Erwan
proxy_EWF.zip 710.19KB
770 downloads
Platinum Member
Posted 03 May 2015 - 05:28 PM
A new version build with latest libewf.
Built so that it depends on msvcrt.dll and no longer on msvcrtxxx.dll.
Proxy.dll size down to 90k.
Zip contains latest devio.exe and a batch example to launch devio and imdisk in one go.
proxy_ewf.zip 649.48KB
666 downloads
Gold Member
Posted 03 May 2015 - 06:25 PM
Platinum Member
Posted 03 May 2015 - 06:37 PM
Thanks, but either I am doing something wrong or there is something wrong with this proxy_EWF.zip. I can't seem to decompress it.
new zip file.
i have the feeling win8.1 is killing all my zip files these days...
proxy_ewf.zip 649.48KB
710 downloads
Gold Member
Posted 03 May 2015 - 06:49 PM
Works perfectly. Thanks!
But in this case I see quite a lot of messages like "Read request - size:4096 offset:nnnn".
Silver Member
Posted 03 May 2015 - 06:50 PM
Platinum Member
Posted 03 May 2015 - 06:52 PM
hi erwan.l & Olaf,
first I just want to say you guys (incl. Wonko also) are amazing to watch as these new developments come to be here at reboot.pro
for the record though (and the folks who are searching "EWF") this is not Embedded Write Filter (EWF) is it?
following the other threads that youve been working in I noticed this different EWF. can you clarify a bit on that?
Thanks
EWF as in Expert Witness Compression Format.
http://www.forensics...age_file_format
Platinum Member
Posted 03 May 2015 - 06:53 PM
Works perfectly. Thanks!
But in this case I see quite a lot of messages like "Read request - size:4096 offset:nnnn".
Indeed, i did not remove yet the debugging messages.
I had been using these messages for specific debug purposes but no longer need there.
Groups →
Project forge →
ImDisk →
Does ImDisk support drives on External Drive?Started by NobodyWithNoName , 04 Nov 2022  imdisk
|
|
|
||
Groups →
Project forge →
Load_RamDiskStarted by alacran , 28 Aug 2022 imdisk, ramdisk
|
|
|
||
Groups →
Project forge →
ImDisk →
ImDisk stopped working properly on Windows 11Started by NobodyWithNoName , 14 Jun 2022 imdisk, windows11
|
|
|
||
Groups →
Project forge →
ImDisk →
4k Read/Write speed very slow when select "Use AWE physical memory"Started by yygymcu , 08 Feb 2022 imdisk, ramdisk
|
|
|
||
 Answered
Groups →
Project forge →
ImDisk →
RAM Disk Too Small?Started by johnywhy , 23 Apr 2019 imdisk, ramdisk, compression
|
|
|
0 members, 0 guests, 0 anonymous users
