Is it possible to repair these corrupted images ?

[samsimon123]

Hey,

1. I'm noob, but I've spent 20 hours to repair this files

2. I tried almost all what I could find on internet

3. I have few jpeg there - for example, for reference, i have one is corrupted and another is not, want to know if corrupted one possible to repair as well?

4. I cannot figure it out

https://drive.google.com/file/d/1q5wnUB ... rlOnk/view

5. I used theses sites as references:



HEX editor online

https://hex-works.com/eng

HEX to image online

https://codepen.io/abdhass/full/jdRNdj

PNG - File contents analysis

"https://asecuritysite.com/forensics/png?file=%2Flog%2Fbasn0g01.png"

Attachments

New folder.rar

(613.35 KiB) Downloaded 810 times

[fzabkar]

Contact forum member "Arch Stanton".

https://www.disktuna.com/

[samsimon123]

Contact forum member "Arch Stanton".

https://www.disktuna.com/

I just register, not sure how to contact him here\? can you guide a bit? thx

[Arch Stanton]

I only checked the JPEGs. Unfortunately they don't contain JPEG data. Any idea how they became corrupt? Are they recovered files?

[samsimon123]

I only checked the JPEGs. Unfortunately they don't contain JPEG data. Any idea how they became corrupt? Are they recovered files?

crazy story, I copy from 1 HD to 2 HD images..... then I didn't check, and few images didn't transfer.... before that I formatted HD 1 and installed windows on it.... Yes, I recovered 10-15 copies of these images but they all corrupted (strange) - and they have 2-3 versions of HEX.... I was able to get 20% of images somehow playing with HEX.... I don't recall how I did it - I was using online service HEX to Image....
Autopsy 4.15.0 software may help?

[Arch Stanton]

Doesn't make any sense to me what you're saying. These JPEGs are just binary blob with super high entropy (could be encrypted data) with many invalid JPEG markers throughout the entire files. Combination of that suggests it's not JPEG data.

I don't know Autopsy or what it can do.

Point is, that if you used some file recovery or undelete tool that 'produced' these files then they got it wrong. Could be due to the files being overwritten or that your undelete tool took a wrong turn. If the latter it may be worth trying to recover again using a different method. if you used a file system based recovery tool to recover these files, I'd try to carve instead.

[samsimon123]

I'd try to carve instead.

I don't know what carve is, what does it mean exactly? what I need to do ? thx

[Arch Stanton]

Sorry, I should have explained that.

So a normal undeleter or file recovery tool scans for file system structures. Such a structure could contain a filename, file size and points to clusters allocated to a file. A file recovery tool then follows these pointers and this way it can recover the file data. If these pointers are off or the file recovery tool didn't correctly work out the start of the file system and/or cluster size, which renders these pointers useless, it will recover corrupt files.

A carver or raw scanner instead scans for byte sequences that are typical and somewhat unique to be found inside a specific file type. So for example JPEGs start with bytes FF D8 FF. Simplest carver will now assume it found the start of a JPEG file and will save everything from this point up to the end of the file to a new file. PhotoRec is an example of a carver, it is open source and free to use.

Many file recovery tools actually use both methods, so they scan for file system structures as well as file signatures.

[samsimon123]

Interesting, I see, photorec also able to aid with PNG files?

[samsimon123]

Many file recovery tools actually use both methods, so they scan for file system structures as well as file signatures.

wow, thanks - this is one of the fastest and efficient software that I've tried (I've tried 10 most popular ones so far)
1. As I see it also recovers cache images from browsers history?
2. I cannot find my picture by name.... because all the recovered pictures have generic assigned name starting with F****** (*numbers)
any tips?