Few people know that when you take photos there is also a thumbnail embeded inside the file, even some forensic guys may have no idea about this important clue. That means if you see a damaged photo, you could try to extract the thumbnail inside the photo, thus you could see it clearly. Let me show you how to do it manually with Winhex.

1. A damaged photo, some part of it is missing, so we could not see the face of our suspect clearly...

2.Open it with Winhex, and search hex value "FFD8FF" which means the file header of JPGs. There are two hits, and the second one is the header of thumbnamil we're looking for.

3. Go to the second hit and mark it as the begining of block.

4.Search hex value "FFD9" which means the footer of JPGs and go to the footer of thumbnail we're looking for. Also mark it as the end of block.

5. Now we could copy this block into a new file.

6. That's it. Now you could see the face of our suspect, including the weapon on his/her hans and viechle...

7. Of course some tools could do this for you, still you have to know why and how and take it into practice.

Recover damage pictures to see the crime scene的更多相关文章

  1. [转帖]IOC Security: Indicators of Attack vs. Indicators of Compromise

    IOC Security: Indicators of Attack vs. Indicators of Compromise https://www.crowdstrike.com/blog/ind ...

  2. A planning attack on a commuter train carriage in Taipei

    Last night an explosion on a commuter train carriage in Taipei Songshan railway station wounded at l ...

  3. 犯罪现场调查第一季/全集CSI迅雷下载

    英文译名 CSI (第1季) (2000首播)CBS. 本季看点:<犯罪现场调查>赌城拉斯维加斯吸引着做发财梦的人,也吸引着形形色色的罪犯,该市警察局的犯罪现场调查局在全美国名列第二.该剧 ...

  4. [C5] Andrew Ng - Structuring Machine Learning Projects

    About this Course You will learn how to build a successful machine learning project. If you aspire t ...

  5. 1163 - Bank Robbery

    1163 - Bank Robbery   In one very cold morning, Mark decides to rob a bank. But while trying hacking ...

  6. oracle_How to Recover Data (Without a Backup!)

    How to Recover Data (Without a Backup!) It's the classic career-limiting maneuver(职业限制机动): accidenta ...

  7. Leetcode 笔记 99 - Recover Binary Search Tree

    题目链接:Recover Binary Search Tree | LeetCode OJ Two elements of a binary search tree (BST) are swapped ...

  8. [LeetCode] Recover Binary Search Tree 复原二叉搜索树

    Two elements of a binary search tree (BST) are swapped by mistake. Recover the tree without changing ...

  9. Unity Game窗口中还原Scene窗口摄像机操作 强化版

    之前写的那个版本看来真的是不行啊.最近研究了一下官方第一人称脚本,人家的平滑过渡真的是没得说.借鉴了一下,写出来了一个新的比较完美的控制. 之前我们的操作是通过鼠标输入的开始坐标和转动坐标.其实官方有 ...

随机推荐

  1. [物理学与PDEs]书中出现的向量公式汇总

    P 11 1. $\rot (\phi{\bf A})=\n \phi\times{\bf A}+\phi\ \rot{\bf A}$. 2. $-\lap {\bf A}=\rot\rot {\bf ...

  2. jquery实现的下拉和收缩代码实例

    <!DOCTYPE html>  <html>  <head>  <meta charset=" utf-8">  <meta ...

  3. web.xml配置

    <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" ...

  4. IDEA激活服務器

    IDEA: http://www.iteblog.com/idea/key.php webstorm11:http://15.idea.lanyus.com/

  5. oracle decode

    decode()函数简介: 主要作用:将查询结果翻译成其他值(即以其他形式表现出来,以下举例说明): 使用方法: Select decode(columnname,值1,翻译值1,值2,翻译值2,.. ...

  6. Cordova是做什么的

    Cordova提供了一组设备相关的API,通过这组API,移动应用能够以JavaScript访问原生的设备功能,如摄像头.麦克风等. Cordova还提供了一组统一的JavaScript类库,以及为这 ...

  7. (转)C#精确时间计时器

    原文地址:http://blog.sina.com.cn/s/blog_699d3f1b01012vgb.html 1 调用WIN API中的GetTickCount [DllImport(" ...

  8. MySQL主存复制与读写分离的感悟

    1.主存复制: 就是实现数据拷贝,有点实时的感觉,完成数据同步,存储两份数据. 项目开发中,类似场景许多,尤其是异构系统之间的交互,协作.-------------------场景目的:为了安全,各自 ...

  9. JQuery上传插件uploadify优化

    旧版的uploadify是基于flash上传的,但是总有那么些问题,让我们用的不是很舒服.今天主要分享下在项目中用uploadify遇到的一些问题,以及优化处理 官方下载 官方文档 官方演示 下面是官 ...

  10. that-annoying-insert-problem-getting-data-into-the-db-using-dapper

    http://samsaffron.com/archive/2012/01/16/that-annoying-insert-problem-getting-data-into-the-db-using ...