After a scan disk i have a lot of CHK-files in folders like "found.000", ...
I can find out the extensions with the file command:
for i in /media/Daten/found.*/*.chk ; do file $i; done
how can I use this to reconstruct all file extensions to these files?
On
To recover specific file types, first see what's there. Tested on OS X:
file --mime -b /media/Daten/FOUND.*/*.CHK | sort | uniq
application/octet-stream; charset=binary
application/ogg; charset=binary
application/pdf; charset=binary
application/zip; charset=binary
audio/x-wav; charset=binary
image/jpeg; charset=binary
image/png; charset=binary
video/3gpp; charset=binary
Then, for the types you want to keep:
mkdir /tmp/renamed
for f in /media/Daten/FOUND.*/*.CHK
do file --mime $f \
| perl -n -e \
'/^([^.]*).*(3gpp|jpeg|ogg|png|wav)/ && print "$1.CHK /tmp/renamed/$1.$2\n"' \
| xargs cp
done
This uses file --mime (or file -I, or file -i on Linux) to determine the MIME type, then passes the line with both the filename and the MIME type to Perl, which uses a regular expression to capture the base name (like FILE0001) and the file type (like jpeg) and prints a line like FILE0001.CHK /tmp/renamed/FILE0001.jpeg. Finally, that line is passed to cp.
(The \ continues a single-line command on the next line.)
This technique WILL NOT WORK FOR ALL FILES. I used to use this to help with data recovery.
The way this works is it uses the mime type functionality in the
filecommand then greps /etc/mime.types for it, picks the first extension in the list and then renames the file to that.This command will do mass renames, it will move first and ask questions later, so be 100% sure you're running this on the correct directory.
Next time, do not use chkdsk to recover files. You can damage them beyond repair. chkdsk will OM NOM NOM your data and burp afterwards. Always use recovery software to get back the files you need before you chkdsk.
Generally, the files are named .CHK though, not .chk (just fyi.)