Autopsy 4 Development on GNU/Linux & OS X

Get help with module writing or platform code changes.

Moderator: carrier

Re: Autopsy 4 Development on GNU/Linux & OS X

Postby fdicarlo » Wed Nov 30, 2016 5:34 pm

Hoyt wrote:Hello fdiacarlo...

I've been a bit distracted lately and haven't worked on this since OSDFCon. From there I was working on the RegRipper scripts trying to get them to run properly under Linux. There's that, along with the other binaries, such as PhotoRec, that have to be addressed. The big question in my head at the time was about whether or not it would be better to simply make calls to those after they've been natively installed instead of trying to run them as proper modules. When you start thinking about it, it can become quite a dilemma either way.


RegRipper, great tool, I had to do some operations but is finally working on my laptop following this guide: https://linuxconfig.org/how-to-install-regripper-registry-data-extraction-tool-on-linux
fdicarlo
 
Posts: 2
Joined: Tue Nov 22, 2016 5:38 pm
Location: Dublin, Ireland

Re: Autopsy 4 Development on GNU/Linux & OS X

Postby Hoyt » Sat Mar 11, 2017 4:05 pm

Just an update...

I've been getting some email about what's going on with this project. We're still working on this, guys. It's not an abandoned issue and will gain meaningful traction at some point in the near future. Basis Tech is committed to the idea, too, so it's not just us independent guys who are invested. There will be real news soon.

Hoyt
Hoyt
 
Posts: 61
Joined: Thu Dec 11, 2014 4:02 am
Location: Little Rock, AR

Re: Autopsy 4 Development on GNU/Linux & OS X

Postby slippery » Fri Jun 02, 2017 1:44 pm

I'm interested, how can I help?
slippery
 
Posts: 1
Joined: Fri Jun 02, 2017 1:42 pm

Re: Autopsy 4 Development on GNU/Linux & OS X

Postby Hoyt » Thu Jul 20, 2017 3:17 pm

Discussion is going around now on the sleuthkit-users listserv regarding packaging. You can subscribe here:

https://sourceforge.net/projects/sleuth ... hkit-users

Personally, I've been horribly busy lately and have had no time to devote to this. The part I'm working on currently, however, is in regard to the included Windows-based dependencies. There are binary executables that ship with Autopsy as dependencies, such as Photorec, and other Windows-based dependencies, such as RegRipper. There's more than one way to skin a cat.

Those same dependencies that will work on *NIX platforms can also be shipped, but Autopsy's Java will need to be tweaked so that it knows to call the right ones depending on platform environment. The downside is installer package bloat and it's pretty big as it is.

Another option would be to make those dependencies native. In other words, they would be a separate installation and would have to be present on the system in order for Autopsy to install. Some could be downloaded/installed by the Autopsy installer, but others would have to be user downloaded/installed to be sure proper configuration is in place. The downside to this is less control over the specific version of those dependencies that may be available. For example, if Autopsy is built and tested against the Widget 3.7 library that's available only in the Ubuntu 14.04 repos, then trouble might follow when the user installs it on Ubuntu 16.04 that only has the Widget 4.1 library or above in its repo. It can be worse on Mac.

The last conversation I had with Brian made me think Basis is leaning toward including the *NIX dependencies, but I don't think they've fully decided. If they have, I'm not aware. As for me, I think the second way forward is actually better, even if the likelihood of breaking something down the road is greater and that's what I'm working on at least as a proof of concept.

There are those who are successfully building Autopsy for *NIX systems, but as you can see, those will have limited functionality until the above reaches a reasonable solution.
Hoyt
 
Posts: 61
Joined: Thu Dec 11, 2014 4:02 am
Location: Little Rock, AR

Previous

Return to Autopsy Developers Corner

Who is online

Users browsing this forum: No registered users and 1 guest

cron