autopsy-4.10.0/
sleuthkit-4.6.5/
# Run autopsy in a container
FROM ubuntu:cosmic
LABEL maintainer "djds djds@ccs.neu.edu"
ENV DEBIAN_FRONTEND="noninteractive"
RUN apt-get update && apt-get dist-upgrade -y \
&& apt-get install -y \
ant \
ca-certificates \
g++ \
gcc \
gpg \
java-common \
libafflib-dev \
libboost-dev \
libewf-dev \
libgl1-mesa-dri \
libgl1-mesa-glx \
libsolr-java \
libsqlite3-dev \
libswt-gtk-4-java \
libtika-java \
libtool \
libtsk-dev \
libvhdi-dev \
libvmdk-dev \
make \
openjfx \
postgresql \
software-properties-common \
sqlite3 \
testdisk \
wget \
zip \
zlib1g-dev
WORKDIR /opt
RUN wget "https://d3pxv6yz143wms.cloudfront.net/8.212.04.1/java-1.8.0-amazon-corretto-jdk_8.212.04-1_amd64.deb" \
&& apt-get install -y ./java-1.8.0-amazon-corretto-jdk_8.212.04-1_amd64.deb \
&& apt-get install -y --fix-missing
RUN wget "https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.10.0/autopsy-4.10.0.zip" \
&& wget "https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.10.0/autopsy-4.10.0.zip.asc" \
&& wget "https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.6.5/sleuthkit-4.6.5.tar.gz" \
&& wget "https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.6.5/sleuthkit-4.6.5.tar.gz.asc"
RUN gpg --recv-keys "0917A7EE58A9308B13D3963338AD602EC7454C8B" \
&& gpg --verify autopsy-4.10.0.zip.asc \
&& gpg --verify sleuthkit-4.6.5.tar.gz.asc \
&& tar -xf sleuthkit-4.6.5.tar.gz \
&& unzip autopsy-4.10.0.zip
WORKDIR /opt/sleuthkit-4.6.5
RUN export JAVA_HOME="/usr/lib/jvm/java-1.8.0-amazon-corretto/" \
&& ./configure \
&& make \
&& make install
WORKDIR /opt/autopsy-4.10.0
RUN chmod +x ./unix_setup.sh \
&& export JAVA_HOME="/usr/lib/jvm/java-1.8.0-amazon-corretto/" \
&& ./unix_setup.sh \
&& apt-get install -y --fix-broken \
&& chmod +x /opt/autopsy-4.10.0/bin/autopsy
ARG GID
ARG ID
ARG AUDIO
RUN groupadd -g $GID autopsy \
&& groupmod -g $AUDIO audio \
&& useradd -m -G audio,video,plugdev -u $ID -g $GID autopsy \
&& mkdir -p /home/autopsy/data \
&& chown -R autopsy:autopsy /home/autopsy \
&& rm -rf /var/lib/apt/lists/* \
&& rm /opt/sleuthkit-4.6.5.tar.gz \
&& rm /opt/autopsy-4.10.0.zip
WORKDIR /home/autopsy/data
# Run as non privileged user
USER autopsy
ENTRYPOINT [ "/opt/autopsy-4.10.0/bin/autopsy" ]
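Review bot: The Corretto `.deb` downloaded in the second `RUN` is installed as root with no integrity check, unlike the Autopsy and Sleuth Kit archives, which are verified against a pinned fingerprint two steps later. Pin its digest in the same layer, for example `&& echo "<EXPECTED_SHA256>  java-1.8.0-amazon-corretto-jdk_8.212.04-1_amd64.deb" | sha256sum -c - \` before the `apt-get install` line, with the value taken from the vendor's published checksum. `gpg --recv-keys` also names no keyserver, so the build depends on whatever gpg defaults to; committing the public key next to the Dockerfile and loading it with `gpg --import` would make the verification step reproducible offline. The `rm` of the two archives in the last `RUN` does not shrink the image, because they were written in an earlier layer.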
#!/bin/bash
# Use bghost/autopsy:cosmic by default
tag="${1:-openjdk}"
REGISTRY="${REGISTRY:-$DOCKER_REGISTRY}"
if [ ! -d "${HOME}/.autopsy" ]; then
mkdir "${HOME}/.autopsy"
fi
docker run --rm -d \
-c 4 \
-m 8192M \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--device /dev/dri \
--device /dev/snd \
-v "/dev/shm:/dev/shm" \
-v "${HOME}/.autopsy:/home/autopsy/.autopsy" \
-v "$(pwd):/home/autopsy/data" \
--name autopsy \
"${REGISTRY}djds/autopsy:${tag}"
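Review bot: `-v "/dev/shm:/dev/shm"` shares the host's shared-memory directory with a container that is meant to open untrusted evidence files, so whatever the container user can read or write there is exposed if a parser is compromised; the regripper run script further down mounts it as well. If the mount is only there to give the GUI more shared memory, a private segment such as `--shm-size=1g` (example value) keeps that isolation. Separately, the default tag here is `openjdk` while the comment says `cosmic` and the build script defaults to `corretto`, so a default build followed by a default run will not find the image locally.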
#!/bin/bash
set -euo pipefail
REGISTRY="${REGISTRY:-}"
user='djds'
repo='autopsy'
tag=${1:-corretto}
# set environment vars
GID="${GID:-$(id -g)}"
AUDIO="${AUDIO:-$(getent group audio | cut -d ':' -f 3)}"
ID="${ID:-$(id -u)}"
# build the container:
docker build \
--build-arg GID="${GID}" \
--build-arg ID="${ID}" \
--build-arg AUDIO="${AUDIO}" \
-t "${REGISTRY}${user}/${repo}:${tag}" .
if [[ "${PUSH:-}" == "true" ]]; then
docker push "${REGISTRY}${user}/${repo}:${tag}"
fi
# clean up our host environment
unset {GID,ID,AUDIO}
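Review bot: With `PUSH=true` the image that goes to the registry has the builder's own uid, gid and audio gid baked in through the three `--build-arg` values, so on a host with different ids the `autopsy` user will not own the bind-mounted `~/.autopsy` and data directories. I would document that above the push, e.g. `# NOTE: ID/GID/AUDIO are baked in at build time; a pushed image only fits hosts with matching ids`, and note next to `REGISTRY` that it must end in `/` because it is concatenated directly with `${user}`. The closing `unset {GID,ID,AUDIO}` has no effect on the caller unless the script is sourced, and in that case `set -euo pipefail` would leak into the calling shell too.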
......@@ -19,6 +19,18 @@ RUN git clone "https://github.com/keydet89/RegRipper2.8.git" \
/usr/share/perl5/Parse/Win32Registry/WinNT/Key_old.pm \
&& cp Key.pm /usr/share/perl5/Parse/Win32Registry/WinNT/Key.pm
WORKDIR /opt/RegRipper2.8
# Change #! and plugin locations for Linux
RUN sed -i 's/#! c:\\perl\\bin\\perl.exe/#!\/usr\/bin\/perl/g' rip.pl \
&& sed -i 's/^#push(@INC,$str);/push(@INC,$str);/g' rip.pl \
&& sed -i '/($^O eq "MSWin32") ? ($plugindir = $str."plugins\/")/d' rip.pl \
&& sed -i '/: ($plugindir = File::Spec->catfile("plugins"));/d' rip.pl \
&& sed -i 's/^#my $plugindir = $str."plugins\/";/my $plugindir = $str."\/opt\/RegRipper2.8\/plugins\/";/g' rip.pl \
&& sed -i 's/^#my $plugindir = File::Spec->catfile("plugins");/my $plugindir = File::Spec->catfile("\/opt\/RegRipper2.8\/plugins");/g' rip.pl \
&& sed -i 's/^#print "Plugins Dir = ".$plugindir."\\n";/print "Plugins Dir = ".$plugindir."\\n";/g' rip.pl \
&& chmod +x rip.pl
ARG GID
ARG ID
......@@ -33,4 +45,4 @@ WORKDIR /home/regripper/data
# Run as non privileged user
USER regripper
ENTRYPOINT ["/usr/bin/perl", "/opt/RegRipper2.8/rip.pl"]
ENTRYPOINT ["/opt/RegRipper2.8/rip.pl"]
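Review bot: The new `ENTRYPOINT ["/opt/RegRipper2.8/rip.pl"]` only works if the first `sed` really rewrote the shebang, and `sed -i` exits 0 when a pattern matches nothing, so a change in the upstream file would give an image that builds but cannot start. The clone shown in the hunk header appears to track the default branch (the rest of that `RUN` is outside the hunk), so pinning a commit there and ending the `sed` chain with `&& head -n 1 rip.pl | grep -qx '#!/usr/bin/perl'` would turn a silent mismatch into a build failure. If upstream `rip.pl` uses CRLF line endings (not visible here), the rewritten shebang would still carry a trailing carriage return and the exec would fail, which is worth confirming before dropping the explicit `/usr/bin/perl`.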
#!/bin/bash
# Use bghost/volitility:cosmic by default
# Use bghost/regripper:cosmic by default
REGISTRY="${REGISTRY:-}"
tag="cosmic"
......@@ -13,5 +13,4 @@ docker run --rm -it \
-v "$(pwd):/home/regripper/data" \
-v /dev/shm:/dev/shm \
--name regripper \
--entrypoint=/bin/bash \
"${REGISTRY}djds/regripper:${tag}" "${@}"