dd_rescue - Fault tolerant "dd" utility for rescuing data from bad media

Distribution: Fedora 25
Repository: CERT Forensics Tools i386
Package name: dd_rescue
Package version: 1.99
Package release: 1.fc25
Package architecture: i686
Package type: rpm
Installed size: 999.74 KB
Download size: 379.96 KB
Official Mirror: forensics.cert.org
ddrescue is a utility similar to the system utility "dd" which copies data from a file or block device to another. ddrescue does however not abort on errors in the input file. This makes it suitable for rescuing data from media with errors, e.g. a disk with bad sectors. This package includes dd_rhelp, a wrapper script facilitating data recovery.



  • dd_rescue = 1.99-1.fc25
  • dd_rescue(x86-32) = 1.99-1.fc25
  • libddr_crypt.so
  • libddr_hash.so
  • libddr_lzo.so
  • libddr_null.so


    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install dd_rescue rpm package:
      # dnf --enablerepo=forensics install dd_rescue


    • /usr/bin/dd_rescue
    • /usr/bin/dd_rhelp
    • /usr/lib/libddr_MD5.so
    • /usr/lib/libddr_crypt.so
    • /usr/lib/libddr_hash.so
    • /usr/lib/libddr_lzo.so
    • /usr/lib/libddr_null.so
    • /usr/share/doc/dd_rescue/COPYING
    • /usr/share/doc/dd_rescue/FAQ.dd_rhelp
    • /usr/share/doc/dd_rescue/README
    • /usr/share/doc/dd_rescue/README.dd_rhelp
    • /usr/share/man/man1/dd_rescue.1.gz
    • /usr/share/man/man1/ddr_crypt.1.gz
    • /usr/share/man/man1/ddr_lzo.1.gz


    2015-09-09 - Lawrence R. Rogers <lrr@cert.org> - 1.99-1 * Release 1.99-1 Version 1.99 brings updates to the ddr_crypt plugin: It adds hardware acceleration for ARMv8 CPUs/SOCs (even if in 32bit mode) -- this is a 10x speedup on AES en/decryption operations. (An Cortex-A57 at 2.1GHz (Exy7420) does ~1GB/s with AES128-CTR.) The ddr_crypt plugin xattr support has been extended and it has an option to process openSSL compatible Salted__ files. A bug in CTR initialization has been fixed. The main program sees improved write error retry logic and better fault injection logic (support for ranges, using absolute positions). There are now more variants of Android binaries.

    2015-05-30 - Lawrence R. Rogers <lrr@cert.org> - 1.98-1 * Release 1.98-1 It has a few improvements such as a few cleanups, a fault injection framework for testing and significantly improved speed of the pseudo RNG. But the important feature is the addtion of a crypt plugin. You can insert it into the plugin chain to de/encrypt data using the AES family of algorithms. (More are planned for the future.) You can use 128/192/256 bit keys and optionally use a higher number of rounds to have an increased security margin. Keys (and IVs) can be generated, saved, retrieved or generated from password and salt. Please be aware that despite diligent testing this is a new plugin -- so be prepared that there will be some changes and bugfixes to it in the near future.

    2014-08-09 - Lawrence R. Rogers <lrr@cert.org> - 1.46-1 * Release 1.46-1 ddr_hash now supports calculating HMACS instead of plain hashes. The hash calculation has been cleaned up a bit. When a seed val of 0 is passed on the command line, additional randomness is created using the rdrand() command on x86/x86-64 (if available). (2014-06-27) A vulnerability in most implementations of lzo decompression has been reported. The liblzo2 library (up to and including v 2.06) used by the ddr_lzo plugin (until dd_rescue-1.45) is affected. You need i to feed specially crafted compressed data in blocks of 16MB or larger to the decompressor on 32bit platforms to exploit it, see the report for more details. (This issue has ID LMS-20140616-1/ CVE-2014-4607.) The man page ddr_lzo advises to be careful when feeding data from untrusted sources to the decompressor; it seems that this advice has been wise. Fortunately, ddr_lzo does not normally feed such large blocks to the decompressor; you'd need to manually increase the soft block size to at least 8MB and ignore a warning to trigger this issue with dd_rescue. But it is possible. So here's my advice: Update liblzo2 to 2.07 (or a fixed 2.06 version) which has this issue fixed (your Linux distributor should provide this very soon). This is enough to fix the issue, as the ddr_lzo plugin of dd_rescue does dynamically link against liblzo2, except for Android. If using my provided Android binaries, redownload and reinstall the libddr_lzo.so binary (now with version number 1.45a), which has been compiled against liblzo2.a v 2.07 or better use the binaries from 1.46. Be careful with media consumption -- ffmpeg/mplayer seems to be badly affected by this issue, even on 64bit platforms.

    2014-05-27 - Lawrence R. Rogers <lrr@cert.org> - 1.45-1 * Release 1.45-1 ddr_hash received a bugfix (sha512/sha384 could overflow a buffer). It gained support for sha1 hash. ddr_hash can now conveniently retrieve (and check) and store hashes in xattrs and md5sum/sha256sum/... style files. A new null plugin (ddr_null) was added.

    2014-05-23 - Lawrence R. Rogers <lrr@cert.org> - 1.44-1 * Release 1.44-1 The plugin libddr_MD5.so (short ddr_MD5) has been renamed to ddr_hash, reflecting that we also support sha1, sha256, sha224, sha512, sha384 now. Checks have been added to the test suite and the documentation been updated accordingly.