±Forensic Focus Partners

±Your Account


Nickname
Password


Forgotten password/username?


Membership:
New Today: 0
New Yesterday: 1
Overall: 27354
Visitors: 61

±Follow Forensic Focus

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Subscribe to blog

Subscribe to tweets

Log2timeline on Windows

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2, 3, 4, 5, 6  Next 
  

Log2timeline on Windows

Post Posted: Tue Dec 11, 2012 4:50 pm

This may not be the right place to ask this, because it's technically a perl question, but if anyone can help it would be greatly appreciated

I'm trying to put together a batch file to install log2timeline on windows.
I've got perl installed, got the latest version of log2timeline and Chris Pogues instructions on how to do it (http://log2timeline.net/INSTALL.txt).

What I'm getting stuck on is is how do I get the perl libraries to install without having to run the ppm install X command from an online repository.
I've tried to change the location of the repository to be a local folder, but that hasn't seemed to work.

I'm sure its an easy fix, but my perl knowledge is quite limited.  

randomaccess
Senior Member
 
 
  

Re: Log2timeline on Windows

Post Posted: Tue Dec 11, 2012 10:11 pm

I would say copy the libraries from your install. No need to download them from an online repository.  

BitHead
Senior Member
 
 
  

Re: Log2timeline on Windows

Post Posted: Wed Dec 12, 2012 12:55 am

so its probably my lack of understanding, but does perl just take the PM files from the lib directory and thats that?
Or is there more to it?

I'll have to play around wiht it and figure it out  

randomaccess
Senior Member
 
 
  

Re: Log2timeline on Windows

Post Posted: Wed Dec 12, 2012 1:26 am

- randomaccess
so its probably my lack of understanding, but does perl just take the PM files from the lib directory and thats that?
Pretty much. If you look at the install instructions for manually copying Mac-PropertyList and XML-Entities, that is all the Package Manager is really doing with the dependencies.

So as long as your files are up to date in your installer, there is no reason to call the Package Manager just to copy some files.  

BitHead
Senior Member
 
 
  

Re: Log2timeline on Windows

Post Posted: Thu Jan 03, 2013 7:39 am

so i may have found a way to get it to work (but have to do it for log2timeline)

basically install the dependencies on using ppm install on an internet connected pc
once that's all installed and working then you can copy the site and lib folder to the forensic workstation and that should work

im sure that one could copy the files into the right places, but this way it installs the dependencies etc for you

next step is looking into perl2exe for log2timeline so that i dont have to keep reinstalling it every time i reghost my pc  

randomaccess
Senior Member
 
 
  

Re: Log2timeline on Windows

Post Posted: Thu Jan 03, 2013 11:40 am

- randomaccess
so i may have found a way to get it to work (but have to do it for log2timeline)


Good luck. Please let me know if you get it to work Wink

Btw, are you able to get MFT data running it on Windows? I could never get Windows to see the $MFT and other system files hence log2timeline would not see and parse them out. After some trial and error, I discovered it did work (Windows would see these files) if you mounted your disk image as an emulated network share. Encase is one tool that has this capability.  

davnads
Member
 
 
  

Re: Log2timeline on Windows

Post Posted: Thu Jan 03, 2013 11:43 am

oh, by the way, if you don't already know there is a new python version of log2timeline out called "plaso" also by Kristinn. This is distributed in source, binary (i.e. EXE), and also in my tool called "4n6time" which a GUI interface for creation and review of timelines. Theres not as many parsers available for this version yet and still in sorta beta. Here' some more info - sites.google.com/a/kid...net/plaso/  

davnads
Member
 
 
Reply to topicReply to topic

Share this forum topic to encourage more replies



Page 1 of 6
Go to page 1, 2, 3, 4, 5, 6  Next