Dockerize scalpel #44
base: master
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
pendrive.img | ||
device.img | ||
.git | ||
recovery |
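
Review bot: The `pendrive.img` and `device.img` entries match only those two exact names at the context root, so any other disk image left in the checkout is still sent to the daemon and stored in an image layer by the Dockerfile's `COPY . /scalpel`. Since the README tells users to keep the image they are recovering from in this directory, a pattern such as `*.img` (or `**/*.img` to cover subdirectories) would keep evidence files out of the build more reliably.
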
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,6 @@ | ||
pendrive.img | ||
device.img | ||
recovery | ||
# Compiled Object files | ||
*.slo | ||
*.lo | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
FROM ubuntu:16.04 | ||
|
||
# ADD https://github.com/sleuthkit/scalpel/archive/master.zip / | ||
|
||
RUN apt-get update && \ | ||
apt-get install -y -qq --no-install-recommends \ | ||
automake \ | ||
default-jdk \ | ||
g++ \ | ||
libtool \ | ||
libtre-dev \ | ||
make \ | ||
unzip && \ | ||
rm -rf /var/lib/apt/lists/* | ||
|
||
COPY . /scalpel | ||
WORKDIR /scalpel | ||
RUN ./bootstrap && ./configure --disable-shared && make | ||
ENTRYPOINT ["/scalpel/entrypoint.sh"] |
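
Review bot: No `USER` instruction follows `WORKDIR /scalpel`, so the `ENTRYPOINT` runs as root: scalpel parses whatever disk image is mounted with full privileges inside the container and writes recovered files into the bind-mounted `recovery` directory as root. Consider creating an unprivileged user after the `make` step and switching to it before `ENTRYPOINT`. Separately, `unzip` appears to be needed only by the commented-out `ADD https://github.com/sleuthkit/scalpel/archive/master.zip /` line; drop both, or, if the remote archive is ever restored, verify its checksum rather than tracking `master`.
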
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,26 @@ | ||
# s4ros/scalpel | ||
[Review comment] This should be changed to
||
|
||
In courtesy of https://github.com/sleuthkit/scalpel | ||
[Review comment] This segment should be removed, since this will actually be in the official
||
|
||
## Docker | ||
|
||
### Run the container | ||
|
||
```sh | ||
docker run --rm -it \ | ||
-v $(pwd)/device.img:/scalpel/device.img \ | ||
-v $(pwd)/recovery:/scalpel/recovery \ | ||
s4ros/scalpel | ||
[Review comment] This should be changed to
||
``` | ||
|
||
#### Volumes description | ||
There are two docker volumes that you need to mount to recover any files from the `device.img` | ||
|
||
* `/scalpel/device.img` - this has to be the image file of the device you want to recovery data from | ||
* `/recovery` - this is the place where any recovered files will be written | ||
|
||
## | ||
|
||
******************************************************************** | ||
|
||
As of 6/27/2013 Scalpel has been released under the Apache 2.0 License | ||
|
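
Review bot: The volume list names `/recovery` as the output path, but the `docker run` example above it mounts `$(pwd)/recovery` at `/scalpel/recovery`, and entrypoint.sh checks `/scalpel/recovery`, so a user following the bullet would mount the wrong path; make the bullet read `/scalpel/recovery`. The input image is the evidence being recovered from, so the example should mount it read-only, e.g. `-v "$(pwd)/device.img:/scalpel/device.img:ro"`, with the quotes also covering working directories that contain spaces. "you want to recovery data from" should read "recover", and the empty `##` heading before the asterisk rule looks like a leftover.
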
@@ -71,13 +94,13 @@ int the future. | |
|
||
COMPILE INSTRUCTIONS ON SUPPORTED PLATFORMS: | ||
|
||
Linux/Mac OS X: | ||
Linux/Mac OS X: | ||
% ./bootstrap | ||
% ./configure | ||
% ./configure | ||
% make | ||
|
||
Windows (mingw): | ||
cd src | ||
cd src | ||
mingw32-make -f Makefile.win | ||
|
||
|
||
|
@@ -128,10 +151,3 @@ distributed with tre-0.7.5, which is licensed under the LGPL. | |
Cheers, | ||
|
||
--Golden and Vico. | ||
|
||
|
||
|
||
|
||
|
||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
#!/usr/bin/env bash | ||
|
||
|
||
# set -x | ||
ERRORS=() | ||
|
||
PWD=/scalpel | ||
|
||
if [[ ! -f ${PWD}/device.img ]]; then | ||
ERRORS+=("No ${PWD}/device.img file available!") | ||
fi | ||
|
||
if [[ ! -d ${PWD}/recovery ]]; then | ||
ERRORS+=("No ${PWD}/recovery directory available!") | ||
fi | ||
|
||
function print_errors() { | ||
# echo Num of array items "${#ERRORS[@]}" | ||
if [[ ${#ERRORS[*]} -gt 0 ]]; then | ||
echo "There are ${#ERRORS[@]} errors:" | ||
for item in "${ERRORS[@]}"; do | ||
echo "- $item" | ||
done | ||
return 1 | ||
fi | ||
return 0 | ||
} | ||
|
||
print_errors || exit 1 | ||
|
||
if [[ $# -gt 0 ]]; then | ||
eval "$@" | ||
else | ||
./scalpel -o ${PWD}/recovery ${PWD}/device.img | ||
fi |
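
Review bot: `eval "$@"` in the final `if` joins the container arguments into one string and has the shell parse it a second time, so any argument containing spaces, quotes, `;` or `$(...)` is reinterpreted as shell syntax instead of being passed through; `exec "$@"` runs the requested command with its arguments intact and lets it receive signals directly. In the same script, `PWD=/scalpel` assigns to the variable the shell itself maintains for the current directory; a separate name (for example `SCALPEL_DIR`) avoids that, and the expansions in `./scalpel -o ${PWD}/recovery ${PWD}/device.img` should be double-quoted.
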
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
#!/usr/bin/env bash | ||
|
||
|
||
# set -x | ||
ERRORS=() | ||
|
||
PWD=$(pwd) | ||
|
||
if [[ ! -f ${PWD}/device.img ]]; then | ||
ERRORS+=("No ${PWD}/device.img file available!") | ||
fi | ||
|
||
# if [[ ! -d ${PWD}/recovery ]]; then | ||
[Review comment] Commented out code should be removed before pushing to production
||
# ERRORS+=("No ${PWD}/recovery directory available!") | ||
# fi | ||
|
||
function print_errors() { | ||
# echo Num of array items "${#ERRORS[@]}" | ||
if [[ ${#ERRORS[*]} -gt 0 ]]; then | ||
echo "There are ${#ERRORS[@]} errors:" | ||
for item in "${ERRORS[@]}"; do | ||
echo "- $item" | ||
done | ||
return 1 | ||
fi | ||
return 0 | ||
} | ||
|
||
print_errors || exit 1 | ||
|
||
docker run --rm -it \ | ||
-v ${PWD}/device.img:/scalpel/device.img \ | ||
-v ${PWD}/recovery:/scalpel/recovery \ | ||
s4ros/scalpel $@ | ||
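
Review bot: `s4ros/scalpel $@` on the last line is unquoted, so arguments are word-split and glob-expanded on the host before they reach the container, and the entrypoint then passes them through `eval`; use `"$@"`. The same applies to the two `-v ${PWD}/...` arguments, which break when the working directory contains a space. With the `recovery` directory check commented out, nothing on the host side confirms the output directory exists before it is bind-mounted; either restore the check or create the directory with `mkdir -p` first, and drop the commented block. `-it` also makes the script fail when it is run without a terminal, for example from cron or CI.
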
[Review comment] This should be changed to
[Review comment] it's time to let go of apt-get
[Review comment] apt-get should still be used in scripts