Few people know that when you take photos there is also a thumbnail embeded inside the file, even some forensic guys may have no idea about this important clue. That means if you see a damaged photo, you could try to extract the thumbnail inside the photo, thus you could see it clearly. Let me show you how to do it manually with Winhex.

1. A damaged photo, some part of it is missing, so we could not see the face of our suspect clearly...

2.Open it with Winhex, and search hex value "FFD8FF" which means the file header of JPGs. There are two hits, and the second one is the header of thumbnamil we're looking for.

3. Go to the second hit and mark it as the begining of block.

4.Search hex value "FFD9" which means the footer of JPGs and go to the footer of thumbnail we're looking for. Also mark it as the end of block.

5. Now we could copy this block into a new file.

6. That's it. Now you could see the face of our suspect, including the weapon on his/her hans and viechle...

7. Of course some tools could do this for you, still you have to know why and how and take it into practice.

Recover damage pictures to see the crime scene的更多相关文章

  1. [转帖]IOC Security: Indicators of Attack vs. Indicators of Compromise

    IOC Security: Indicators of Attack vs. Indicators of Compromise https://www.crowdstrike.com/blog/ind ...

  2. A planning attack on a commuter train carriage in Taipei

    Last night an explosion on a commuter train carriage in Taipei Songshan railway station wounded at l ...

  3. 犯罪现场调查第一季/全集CSI迅雷下载

    英文译名 CSI (第1季) (2000首播)CBS. 本季看点:<犯罪现场调查>赌城拉斯维加斯吸引着做发财梦的人,也吸引着形形色色的罪犯,该市警察局的犯罪现场调查局在全美国名列第二.该剧 ...

  4. [C5] Andrew Ng - Structuring Machine Learning Projects

    About this Course You will learn how to build a successful machine learning project. If you aspire t ...

  5. 1163 - Bank Robbery

    1163 - Bank Robbery   In one very cold morning, Mark decides to rob a bank. But while trying hacking ...

  6. oracle_How to Recover Data (Without a Backup!)

    How to Recover Data (Without a Backup!) It's the classic career-limiting maneuver(职业限制机动): accidenta ...

  7. Leetcode 笔记 99 - Recover Binary Search Tree

    题目链接:Recover Binary Search Tree | LeetCode OJ Two elements of a binary search tree (BST) are swapped ...

  8. [LeetCode] Recover Binary Search Tree 复原二叉搜索树

    Two elements of a binary search tree (BST) are swapped by mistake. Recover the tree without changing ...

  9. Unity Game窗口中还原Scene窗口摄像机操作 强化版

    之前写的那个版本看来真的是不行啊.最近研究了一下官方第一人称脚本,人家的平滑过渡真的是没得说.借鉴了一下,写出来了一个新的比较完美的控制. 之前我们的操作是通过鼠标输入的开始坐标和转动坐标.其实官方有 ...

随机推荐

  1. android按钮监听器的四种技术

    android开发中经常会用到各种各样的监听器,android监听器的写法与java又有不同的地方; 1,activity中使用内部类实现接口 ,创建内部类实例  使用add方法  与java类似 创 ...

  2. 点击Listview弹出PopWindow的用法

    先来张截图: 如图点击listview中的Item在item的下方弹出一个框框,这个框框就是用的Popwindow.    用法很简单:首先写一个PopupWindow并自定义它的布局:       ...

  3. ubuntu安装mysql5.7

    sudo apt-get updatesudo apt-get upgradesudo apt-get install mysql-server mysql-client   #自动安装会装上5.7的 ...

  4. ice介绍 z

    什么是ICE(Internet Communications Engine)呢,它是由Zeroc公司开 发的一套开源中间件系统,与DCOM,CORBA,WEB SERVICEDcom类似,支持RPC( ...

  5. iOS学习笔记总结整理

    来源:http://mobile.51cto.com/iphone-386851_all.htm 学习IOS开发这对于一个初学者来说,是一件非常挠头的事情.其实学习IOS开发无外乎平时的积累与总结.下 ...

  6. JS获取两个日期的月份差

    function getMonthBetween(startDate,endDate){ startDate=new Date(startDate.replace(/-/g,'/')); endDat ...

  7. java生产随机字符串

    public static String getRandomString(int length) { //length表示生成字符串的长度 String base = "abcdefghij ...

  8. IDEA的查询引用、调用关系图的功能

    Eclipse的"Call Hierarchy"可以查看一个Java方法或类成员变量的调用树(caller和callee两个方向),非常方便. 在IDEA中类似功能被划分到了三个命 ...

  9. APKTool 提取APK文件的资源

    APK文件本身是一个压缩包,直接用解压工具即可打开,但里面的文件都已被编码为二进制文件格式,不能直接看,比如程序描述文件AndroidManifest.xml. 使用apktool工具可以将这些文件解 ...

  10. poj 2240 Arbitrage bellman-ford算法

    点击打开链接 Arbitrage Time Limit: 1000MS   Memory Limit: 65536K Total Submissions: 13434   Accepted: 5657 ...