Merge pull request #4050 from rishwanth1995/live_Cd_Files

added live cd files to unix folder

unix/launch_script_bootable.sh

@@ -25,9 +25,7 @@ errorLog () {
 }
 
 #Verify we can find the script
-if [[ -x "$AUTOPSY_BIN" ]]; then
- infoLog "Autopsy found"
-else
+if [[ ! -x "$AUTOPSY_BIN" ]]; then
   errorLog "Autopsy binaries not found at $AUTOPSY_BIN. Exiting....."
 fi
 
@@ -50,29 +48,82 @@ options_length=0
 # Display list of mounted devices, prompt user, and store
 # results in global variables
 showAndReadOptions () {
-  echo "Select a mounted disk to create config directory"
+  echo -e "\n"
+  echo "Select a mounted disk to create config directory: "
   # Maintainers: Adjust these grep statements based on where your
   # platform mounts media.
-  mnt=( $(mount | grep "media" | grep "rw" | awk '{print $3}') )
+  echo -e "\n"
+  mnt=( $(findmnt -n -lo source,target,fstype,label,options,size | grep "media" | grep "rw" | awk '{print $1, $2, $4, $6}') )
 
-  # Add option to user to not use mounted media
-  length=${#mnt[@]}
+  local length=${#mnt[@]}
   mnt[length]="Do not store on mounted disk"
-  options_length=$(( length + 1 ))
+  options_length=$(( length / 4 + 1 ))
 
-  x=1
-  for word in "${mnt[@]}"
+  printf "%-10s\t%-10s\t%-30s\t%-10s\t%-10s\t\n" "Selection" "Source" "Target" "Label" "Size"
+
+  echo "-----------------------------------------------------------------------------------------------------"
+
+  for ((i=0;i< $options_length;i++));
   do
-    echo [$x] "${word}"
-    x=$((x + 1))
+    printf "%-10s\t" "$(( i+1 ))"
+    for((j=0;j<4;j++));
+    do
+      printf "%-10s\t" "${mnt[j + i * 4]}"
+    done
+    if [[ -d "${mnt[1 + i * 4]}/AutopsyConfig" ]]; then
+      printf "%-10s\t" "Contains Autopsy Config data"
+    fi
+    echo -e "\n\n"
   done
   read -n 1 option
+  echo -e "\n"
   if [[ $option = "" ]] || ! [[ "$option" =~ ^[0-9]+$ ]]; then
     echo "Please choose a valid option"
     showAndReadOptions
   fi
 }
 
+showCaseDirOptions () {
+
+  echo "Please select a drive to store case data: "
+  echo -e "\n"
+  casedirremovable=( $(lsblk -lno NAME,RM,MOUNTPOINT,LABEL | awk '$3 != "" {print $1,$2,$3,$4}' | awk '$2 == 1 {print $3}') )
+  casedir=( $(lsblk -lno NAME,SIZE,MOUNTPOINT | awk '$3 != "" {print $1,$2,$3}') )
+  local lengthCaseDir=${#casedir[@]}
+  optionsCasedirLength=$(( lengthCaseDir / 3 ))
+  printf "%-10s\t%-10s\t%-10s\t%-30s\t\n" "Selection" "Disk" "Size" "Mount"
+
+  echo "-----------------------------------------------------------------------------------------------------"
+
+  for ((i=0;i<$optionsCasedirLength;i++));
+  do
+    printf "%-10s\t" "$(( i+1 ))"
+    for((j=0;j<3;j++));
+    do
+      printf "%-10s\t" "${casedir[j + i  * 3]}"
+    done
+    if [[ -d "${casedir[2 + i * 3 ]}/AutopsyConfig" ]]; then
+      printf "%-10s\t" "Contains Autopsy config data"
+    fi
+    echo -e "\n\n"
+  done
+  read -n 1 casedirOption
+  echo -e "\n"
+  if [[ $casedirOption = "" ]] || ! [[ "$casedirOption" =~ ^[0-9]+$ ]]; then
+    echo "Please choose a valid option"
+    showCaseDirOptions
+  fi
+}
+
+showWarning() {
+  RED='\033[0;31m'
+  NC='\033[0m'
+  local e match="$1"
+  shift
+  for e; do [[ "$e" == "$match" ]] && return 0; done
+  echo -e "${RED}Warning: Case data stored in non removable disk cannot be saved${NC}"
+}
+
 
 # Show mounted drives and loop until it is valid
 while true
@@ -84,10 +135,21 @@ do
   echo "Please choose a valid option"
 done
 
+#Show case drives and loop until it is valid
+
+while true
+do
+  showCaseDirOptions
+  if [ "$casedirOption" -ge "1" ] && [ "$casedirOption" -le "$optionsCasedirLength" ]; then
+    break
+  fi
+  echo "Please choose a valid option"
+done
+
 if [ "$option" != "$options_length" ]; then
-  index=$(( option - 1 ))
-  echo "Autopsy configurations will be stored in" "${mnt[$index]}"". Are you sure? (y/n)"
-  read affirmation
+  index=$(( (option - 1) * 4 + 1 ))
+  casedirIndex=$(( (casedirOption - 1) * 3 + 2 ))
+  read -p "Autopsy configurations will be stored in ${mnt[$index]}. Are you sure? (y/n): " affirmation
   if [ "$affirmation" == "y" ] || [ "$affirmation" == "Y" ]; then
     if [[ -d "${mnt[$index]}" ]]; then
       selectedMount=${mnt[$index]}
@@ -101,12 +163,13 @@ if [ "$option" != "$options_length" ]; then
       errorLog "Mount point $selectedMount does not have write permission"
     fi
 
+    showWarning  "${casedir[$casedirIndex]}" "${casedirremovable[@]}"
     # Make the directories on the media
     userDirectory="$autopsyConfigDir/userdir"
     createConfigDirectories $autopsyConfigDir && createConfigDirectories $userDirectory
 
     if [ $? -eq 0 ]; then
-        sh $AUTOPSY_BIN --userdir $userDirectory
+      sh $AUTOPSY_BIN --userdir $userDirectory --liveAutopsy=${casedir[$casedirIndex]}
     fi
   fi
 else

unix/live_iso.sh

@@ -0,0 +1,73 @@
+#This script is used automate the process of creating the live ISO.
+
+#!/bin/bash
+
+
+set -e
+
+#installing java8
+
+apt-get purge ubiquity
+add-apt-repository ppa:webupd8team/java;
+apt-get update;
+apt-get install oracle-java8-installer;
+source /etc/profile.d/jdk.sh
+
+#installing sleuthkit dependencies
+
+apt-get update && apt-get upgrade;
+apt-get install libtool automake libpq-dev postgresql libewf-dev libafflib-dev libvhdi-dev libvmdk-dev git testdisk ant build-essential aptitude wget unzip;
+apt-get install libstdc++6;
+
+#installing sleuthkit using the debian files
+
+if [ "$1" != ""  ]; then
+[ ! -f "./$1" ] && wget https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-${1:15:5}/$1;
+  apt-get -y install ./$1;
+  rm ./$1
+fi
+
+
+installAutopsy () {
+[ ! -f "./$1" ] && wget https://github.com/sleuthkit/autopsy/releases/download/${1%.*}/$1;
+   [ ! -d "/${1%.*}" ] && unzip ./$1 -d /
+   cd /${1%.*} && sh unix_setup.sh && cd -
+   rm ./$1 > /dev/null
+ }
+
+
+#installing autopsy using the zip files
+
+if [ "$2" != "" ]; then
+   installAutopsy $2;
+fi
+
+[ ! -f "./launch_script_bootable.sh" ] && wget https://raw.githubusercontent.com/sleuthkit/autopsy/develop/unix/launch_script_bootable.sh
+mv launch_script_bootable.sh /${2%.*}/autopsy.sh
+sed -i -e "s/\/usr\/share\/autopsy-4.7.0\/bin\/autopsy/\/${2%.*}\/bin\/autopsy/g" /${2%.*}/autopsy.sh
+chmod +x /${2%.*}/autopsy.sh
+
+ln -s /${2%.*}/autopsy.sh /usr/local/bin/autopsy
+
+touch /usr/share/applications/autopsy.desktop
+
+echo -e "[Desktop Entry]\nVersion=1.0\nName=Autopsy\nComment=Complete Digital forensics analysis suite\nExec=sudo /usr/local/bin/autopsy\nIcon=/usr/share/icons/autopsy.png\nTerminal=true\nType=Application\nCategories=Utility;System;" > /usr/share/applications/autopsy.desktop
+
+chmod +x /usr/share/applications/autopsy.desktop
+
+#setup desktop files
+mkdir /etc/skel/Desktop
+cp /usr/share/applications/autopsy.desktop /etc/skel/Desktop/
+cp /usr/share/applications/lxterminal.desktop /etc/skel/Desktop/
+
+#setup autopsy icon
+[ ! -f "./autopsy.png" ] && wget https://github.com/sleuthkit/autopsy/raw/develop/unix/autopsy.png
+mv ./autopsy.png /usr/share/icons
+
+#setup iso wallpaper
+[ ! -f "./autopsy_wallpaper1.png" ] && wget https://github.com/sleuthkit/autopsy/raw/develop/unix/autopsy_wallpaper1.png
+mv ./autopsy_wallpaper1.png /usr/share/lubuntu/wallpapers/autopsy_wallpaper.png
+unlink /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.png
+unlink /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.jpg
+ln -s /usr/share/lubuntu/wallpapers/autopsy_wallpaper.png /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.png
+ln -s /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.png /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.jpg