in reply to raw file system and registry data

Depends on your OS. On some flavour of *NIX you'd just open up the raw (or block) device file with open() (presuming suitable privileges to do so, of course). Someone else will have to speak as to the situation on Wintendo . . .

Replies are listed 'Best First'.
Re^2: raw file system and registry data
by ketema (Scribe) on Dec 01, 2005 at 20:32 UTC
    Should have been a little more clear...This is pertaining to windows. End goal is to create a script that lists discrepancies between a normal API file system scan and a the raw data from disk. Much like what RootKitRevealer does from sysinternals, but unlike that program written in beloved perl and able to be automated.
[reply]

In Section Seekers of Perl Wisdom