Merge pull request #4050 from rishwanth1995/live_Cd_Files

Added live CD files to the unix folder
This commit is contained in:
Brian Carrier 2018-08-23 15:37:15 -04:00 committed by GitHub
commit ed9251ba35
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 163 additions and 27 deletions

unix/autopsy.png Normal file


unix/autopsy_wallpaper1.png Normal file


unix/autopsy_wallpaper2.png Normal file



@ -25,24 +25,22 @@ errorLog () {
}
#Verify we can find the script
if [[ -x "$AUTOPSY_BIN" ]]; then
infoLog "Autopsy found"
else
errorLog "Autopsy binaries not found at $AUTOPSY_BIN. Exiting....."
if [[ ! -x "$AUTOPSY_BIN" ]]; then
errorLog "Autopsy binaries not found at $AUTOPSY_BIN. Exiting....."
fi
# Create folders on external drive
createConfigDirectories () {
if [ ! -d "$1" ]; then
mkdir $1
if [ ! -d "$1" ]; then
mkdir $1
if [ ! -d "$1" ]; then
errorLog "error while creating $1"
else
infoLog "$1 successfully created"
fi
errorLog "error while creating $1"
else
infoLog "$1 successfully created"
fi
return 0
fi
return 0
}
@ -50,29 +48,82 @@ options_length=0
# Display list of mounted devices, prompt user, and store
# results in global variables
showAndReadOptions () {
echo "Select a mounted disk to create config directory"
echo -e "\n"
echo "Select a mounted disk to create config directory: "
# Maintainers: Adjust these grep statements based on where your
# platform mounts media.
mnt=( $(mount | grep "media" | grep "rw" | awk '{print $3}') )
echo -e "\n"
mnt=( $(findmnt -n -lo source,target,fstype,label,options,size | grep "media" | grep "rw" | awk '{print $1, $2, $4, $6}') )
# Add option to user to not use mounted media
length=${#mnt[@]}
local length=${#mnt[@]}
mnt[length]="Do not store on mounted disk"
options_length=$(( length + 1 ))
options_length=$(( length / 4 + 1 ))
x=1
for word in "${mnt[@]}"
printf "%-10s\t%-10s\t%-30s\t%-10s\t%-10s\t\n" "Selection" "Source" "Target" "Label" "Size"
echo "-----------------------------------------------------------------------------------------------------"
for ((i=0;i< $options_length;i++));
do
echo [$x] "${word}"
x=$((x + 1))
printf "%-10s\t" "$(( i+1 ))"
for((j=0;j<4;j++));
do
printf "%-10s\t" "${mnt[j + i * 4]}"
done
if [[ -d "${mnt[1 + i * 4]}/AutopsyConfig" ]]; then
printf "%-10s\t" "Contains Autopsy Config data"
fi
echo -e "\n\n"
done
read -n 1 option
echo -e "\n"
if [[ $option = "" ]] || ! [[ "$option" =~ ^[0-9]+$ ]]; then
echo "Please choose a valid option"
showAndReadOptions
echo "Please choose a valid option"
showAndReadOptions
fi
}
showCaseDirOptions () {
echo "Please select a drive to store case data: "
echo -e "\n"
casedirremovable=( $(lsblk -lno NAME,RM,MOUNTPOINT,LABEL | awk '$3 != "" {print $1,$2,$3,$4}' | awk '$2 == 1 {print $3}') )
casedir=( $(lsblk -lno NAME,SIZE,MOUNTPOINT | awk '$3 != "" {print $1,$2,$3}') )
local lengthCaseDir=${#casedir[@]}
optionsCasedirLength=$(( lengthCaseDir / 3 ))
printf "%-10s\t%-10s\t%-10s\t%-30s\t\n" "Selection" "Disk" "Size" "Mount"
echo "-----------------------------------------------------------------------------------------------------"
for ((i=0;i<$optionsCasedirLength;i++));
do
printf "%-10s\t" "$(( i+1 ))"
for((j=0;j<3;j++));
do
printf "%-10s\t" "${casedir[j + i * 3]}"
done
if [[ -d "${casedir[2 + i * 3 ]}/AutopsyConfig" ]]; then
printf "%-10s\t" "Contains Autopsy config data"
fi
echo -e "\n\n"
done
read -n 1 casedirOption
echo -e "\n"
if [[ $casedirOption = "" ]] || ! [[ "$casedirOption" =~ ^[0-9]+$ ]]; then
echo "Please choose a valid option"
showCaseDirOptions
fi
}
showWarning() {
RED='\033[0;31m'
NC='\033[0m'
local e match="$1"
shift
for e; do [[ "$e" == "$match" ]] && return 0; done
echo -e "${RED}Warning: Case data stored in non removable disk cannot be saved${NC}"
}
# Show mounted drives and loop until it is valid
while true
@ -84,10 +135,21 @@ do
echo "Please choose a valid option"
done
#Show case drives and loop until it is valid
while true
do
showCaseDirOptions
if [ "$casedirOption" -ge "1" ] && [ "$casedirOption" -le "$optionsCasedirLength" ]; then
break
fi
echo "Please choose a valid option"
done
if [ "$option" != "$options_length" ]; then
index=$(( option - 1 ))
echo "Autopsy configurations will be stored in" "${mnt[$index]}"". Are you sure? (y/n)"
read affirmation
index=$(( (option - 1) * 4 + 1 ))
casedirIndex=$(( (casedirOption - 1) * 3 + 2 ))
read -p "Autopsy configurations will be stored in ${mnt[$index]}. Are you sure? (y/n): " affirmation
if [ "$affirmation" == "y" ] || [ "$affirmation" == "Y" ]; then
if [[ -d "${mnt[$index]}" ]]; then
selectedMount=${mnt[$index]}
@ -101,14 +163,15 @@ if [ "$option" != "$options_length" ]; then
errorLog "Mount point $selectedMount does not have write permission"
fi
showWarning "${casedir[$casedirIndex]}" "${casedirremovable[@]}"
# Make the directories on the media
userDirectory="$autopsyConfigDir/userdir"
createConfigDirectories $autopsyConfigDir && createConfigDirectories $userDirectory
if [ $? -eq 0 ]; then
sh $AUTOPSY_BIN --userdir $userDirectory
sh $AUTOPSY_BIN --userdir $userDirectory --liveAutopsy=${casedir[$casedirIndex]}
fi
fi
else
sh $AUTOPSY_BIN
sh $AUTOPSY_BIN
fi
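Review bot: The device tables in showAndReadOptions and showCaseDirOptions are built by word-splitting findmnt/lsblk output into flat arrays that are then indexed with a fixed stride (`${mnt[j + i * 4]}`, `${casedir[2 + i * 3]}`), so a mount point containing a space, or — if findmnt collapses an empty LABEL column the way I expect — a device with no label, shifts every following row and makes the selection resolve to the wrong path; reading one row per element (e.g. `mapfile -t` over `findmnt --pairs` / `lsblk --pairs`, parsed per row with `[[ =~ ]]` rather than `eval`) would keep the columns aligned. On a forensic boot these labels and paths come from the subject's media, so they should also be quoted where they become arguments: `mkdir -- "$1"`, `createConfigDirectories "$autopsyConfigDir" && createConfigDirectories "$userDirectory"`, and `sh "$AUTOPSY_BIN" --userdir "$userDirectory" --liveAutopsy="${casedir[$casedirIndex]}"`. showWarning only prints a message when the chosen case directory is on a non-removable disk; since writing case data to the examined machine's internal disk modifies that disk, consider requiring an explicit confirmation before continuing rather than proceeding on a warning alone. `read -n 1` also caps both menus at nine entries, so a tenth device can never be selected. The enclosing top-level script continues before and after these hunks.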

73
unix/live_iso.sh Normal file

@ -0,0 +1,73 @@
#This script is used automate the process of creating the live ISO.
#!/bin/bash
set -e
#installing java8
apt-get purge ubiquity
add-apt-repository ppa:webupd8team/java;
apt-get update;
apt-get install oracle-java8-installer;
source /etc/profile.d/jdk.sh
#installing sleuthkit dependencies
apt-get update && apt-get upgrade;
apt-get install libtool automake libpq-dev postgresql libewf-dev libafflib-dev libvhdi-dev libvmdk-dev git testdisk ant build-essential aptitude wget unzip;
apt-get install libstdc++6;
#installing sleuthkit using the debian files
if [ "$1" != "" ]; then
[ ! -f "./$1" ] && wget https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-${1:15:5}/$1;
apt-get -y install ./$1;
rm ./$1
fi
installAutopsy () {
[ ! -f "./$1" ] && wget https://github.com/sleuthkit/autopsy/releases/download/${1%.*}/$1;
[ ! -d "/${1%.*}" ] && unzip ./$1 -d /
cd /${1%.*} && sh unix_setup.sh && cd -
rm ./$1 > /dev/null
}
#installing autopsy using the zip files
if [ "$2" != "" ]; then
installAutopsy $2;
fi
[ ! -f "./launch_script_bootable.sh" ] && wget https://raw.githubusercontent.com/sleuthkit/autopsy/develop/unix/launch_script_bootable.sh
mv launch_script_bootable.sh /${2%.*}/autopsy.sh
sed -i -e "s/\/usr\/share\/autopsy-4.7.0\/bin\/autopsy/\/${2%.*}\/bin\/autopsy/g" /${2%.*}/autopsy.sh
chmod +x /${2%.*}/autopsy.sh
ln -s /${2%.*}/autopsy.sh /usr/local/bin/autopsy
touch /usr/share/applications/autopsy.desktop
echo -e "[Desktop Entry]\nVersion=1.0\nName=Autopsy\nComment=Complete Digital forensics analysis suite\nExec=sudo /usr/local/bin/autopsy\nIcon=/usr/share/icons/autopsy.png\nTerminal=true\nType=Application\nCategories=Utility;System;" > /usr/share/applications/autopsy.desktop
chmod +x /usr/share/applications/autopsy.desktop
#setup desktop files
mkdir /etc/skel/Desktop
cp /usr/share/applications/autopsy.desktop /etc/skel/Desktop/
cp /usr/share/applications/lxterminal.desktop /etc/skel/Desktop/
#setup autopsy icon
[ ! -f "./autopsy.png" ] && wget https://github.com/sleuthkit/autopsy/raw/develop/unix/autopsy.png
mv ./autopsy.png /usr/share/icons
#setup iso wallpaper
[ ! -f "./autopsy_wallpaper1.png" ] && wget https://github.com/sleuthkit/autopsy/raw/develop/unix/autopsy_wallpaper1.png
mv ./autopsy_wallpaper1.png /usr/share/lubuntu/wallpapers/autopsy_wallpaper.png
unlink /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.png
unlink /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.jpg
ln -s /usr/share/lubuntu/wallpapers/autopsy_wallpaper.png /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.png
ln -s /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.png /usr/share/lubuntu/wallpapers/lubuntu-default-wallpaper.jpg