Few people know that when you take photos there is also a thumbnail embeded inside the file, even some forensic guys may have no idea about this important clue. That means if you see a damaged photo, you could try to extract the thumbnail inside the photo, thus you could see it clearly. Let me show you how to do it manually with Winhex.

1. A damaged photo, some part of it is missing, so we could not see the face of our suspect clearly...

2.Open it with Winhex, and search hex value "FFD8FF" which means the file header of JPGs. There are two hits, and the second one is the header of thumbnamil we're looking for.

3. Go to the second hit and mark it as the begining of block.

4.Search hex value "FFD9" which means the footer of JPGs and go to the footer of thumbnail we're looking for. Also mark it as the end of block.

5. Now we could copy this block into a new file.

6. That's it. Now you could see the face of our suspect, including the weapon on his/her hans and viechle...

7. Of course some tools could do this for you, still you have to know why and how and take it into practice.

Recover damage pictures to see the crime scene的更多相关文章

  1. [转帖]IOC Security: Indicators of Attack vs. Indicators of Compromise

    IOC Security: Indicators of Attack vs. Indicators of Compromise https://www.crowdstrike.com/blog/ind ...

  2. A planning attack on a commuter train carriage in Taipei

    Last night an explosion on a commuter train carriage in Taipei Songshan railway station wounded at l ...

  3. 犯罪现场调查第一季/全集CSI迅雷下载

    英文译名 CSI (第1季) (2000首播)CBS. 本季看点:<犯罪现场调查>赌城拉斯维加斯吸引着做发财梦的人,也吸引着形形色色的罪犯,该市警察局的犯罪现场调查局在全美国名列第二.该剧 ...

  4. [C5] Andrew Ng - Structuring Machine Learning Projects

    About this Course You will learn how to build a successful machine learning project. If you aspire t ...

  5. 1163 - Bank Robbery

    1163 - Bank Robbery   In one very cold morning, Mark decides to rob a bank. But while trying hacking ...

  6. oracle_How to Recover Data (Without a Backup!)

    How to Recover Data (Without a Backup!) It's the classic career-limiting maneuver(职业限制机动): accidenta ...

  7. Leetcode 笔记 99 - Recover Binary Search Tree

    题目链接:Recover Binary Search Tree | LeetCode OJ Two elements of a binary search tree (BST) are swapped ...

  8. [LeetCode] Recover Binary Search Tree 复原二叉搜索树

    Two elements of a binary search tree (BST) are swapped by mistake. Recover the tree without changing ...

  9. Unity Game窗口中还原Scene窗口摄像机操作 强化版

    之前写的那个版本看来真的是不行啊.最近研究了一下官方第一人称脚本,人家的平滑过渡真的是没得说.借鉴了一下,写出来了一个新的比较完美的控制. 之前我们的操作是通过鼠标输入的开始坐标和转动坐标.其实官方有 ...

随机推荐

  1. php 消息队列

    本消息队列用于linux下,进程通信 #根据路径和后缀创建一个id $key = ftok(__DIR__, 'R'); #获取队列中的消息 $q = msg_get_queue($key); #删除 ...

  2. js方法收藏

    1.验证非负数字 //onfocusout="checkQty(this);" function checkQty(obj) { //排除0开头的非法输入 if (obj.valu ...

  3. Java注解教程:自定义注解示例,利用反射进行解析

    Java注解能够提供代码的相关信息,同时对于所注解的代码结构又没有直接影响.在这篇教程中,我们将学习Java注解,如何编写自定义注解,注解的使用,以及如何使用反射解析注解. 注解是Java 1.5引入 ...

  4. EventBroker

    Sample publisher Publish an event topic: ? 1 2 3 4 5 6 7 8 9 10 public class Publisher {     [EventP ...

  5. 衔接UI线程和管理后台工作线程的类(多线程、异步调用)

    一个不错的UI多线程操作类 http://www.cnblogs.com/net66/archive/2005/08/03/206132.html

  6. ruby4种比较符号

    The == comparison checks whether two values are equal eql? checks if two values are equal and of the ...

  7. nginx 环境搭建(基于linux)

    Nginx是一种服务器软件,故而其最主要.最基本的功能当然是可以与服务器硬件结合,让程序员可以将程序放在Nginx服务器上,将程序发布出去,让成千上万的网民可以浏览.除此之外,Nginx是一种高性能的 ...

  8. [ActionScript3.0] 传递任意数量的参数

    function setAgument(a:int,...rest):void{ for(var i:int=0;i<rest.length;i++){ trace(rest[i]); }}se ...

  9. Ubuntu 之 initramfs 报错解决之一

    问题出现: ubuntu 更新后,编辑文件提示权限不够,并提示更新错误,重启后进入 initramfs ,仔细看提示错误有: file system check of the root filesys ...

  10. esriSRGeoCS3Type Constants

    ArcGIS Developer Help  (Geometry)     esriSRGeoCS3Type Constants More available geographic coordinat ...