Installing Autopsy 4.6.0 on linux

» » Installing Autopsy 4.6.0 on linux

Installing Autopsy 4.6.0 on linux

   Thursday, June 07, 2018      


Autopsy is a digital forensics tool that needs no introduction. It has a ton of capabilities such as registry analysis, email analysis, media analysis, android analysis etc. The fact that it's open source and is bundled with the ability to analyze android images is just super awesome.

I had previously tried to compile Autopsy for linux but i had little luck. I decided to try again with this version, that's packaged for linux. Here is how to go about it.

Update and install dependencies

  • apt-get update
  • apt-get install libafflib-dev libbfio-dev libc3p0-java libewf-dev libpostgresql-jdbc-java sleuthkit-java

Install and configure Java 8

Add Java repository and install the Java 8 installer 
  • sudo add-apt-repository ppa:webupd8team/java
  • sudo apt-get install oracle-java8-installer
Check for the Java version:
  • java -version
  • javac -version
Confirm the Java path
  • sudo update-alternatives --config java
Add path to environment
  • sudo nano /etc/environment
  • JAVA_HOME="/opt/jdk1.8.0_101"
  • export JAVA_HOME
Initialize environment:
  • source /etc/environment
Test Java HOME variable:
  • echo $JAVA_HOME

Download and setup Autopsy

Create working directory:
  • mkdir autopsy-4.6.0-linux
  • cd autopsy-4.6.0-linux/
Download Autopsy:
  • wget -nc -cq --show-progress https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.6.0-linux1/sleuthkit-java_4.6.0-1_amd64.deb
  • wget -nc -cq --show-progress https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.6.0-linux1/autopsy-4.6.0-linux1.zip
Extract sleuthkit and manual install:
  • dpkg -x sleuthkit-java_4.6.0-1_amd64.deb sleuthkit
  • sudo cp -r sleuthkit/usr/* /usr/
Extract Autopsy:
  • mkdir autopsy-4.6.0-linux
  • unzip autopsy-4.6.0-linux1.zip -d autopsy-4.6.0-linux
Configure Autopsy:
  • cd autopsy-4.6.0-linux/
  • chmod +x unix_setup.sh
  • ./unix_setup.sh
Start autopsy:
  • cd bin/
  • ./autopsy
If all goes well, you should get your nice and simple GUI, as shown below. 


I will work on a follow up blog post, that will highlight how to create android images and analyze them using Autopsy.

References



  

   2 Comments

at Thursday, June 07, 2018

2 comments :

  1. NadiaJanuary 22, 2020 at 5:48 PM

    thank you

    ReplyDelete
  2. AnonymousMay 5, 2020 at 2:07 PM

    Hello.
    Nice article.
    But I have a problem with Java. Because when I do "./unix_setup.sh" terminal show me "ERROR: Java was not found...."
    I tried all folders that a find Java with "sudo update-alternatives --config java" in my case:

    /usr/lib/jvm/java-11-openjdk-amd64/bin/java
    /usr/lib/jvm/java-11-openjdk-amd64/bin/java
    /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java

    I tried that routes in /etc/enviroment, and I checked was change correctly with "echo $JAVA_HOME", but doesn't work for me.
    Can you help me?
    All previous steps works very well.

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments ( Atom )