Monday, July 14, 2008

PTK 0.2 Released

PTK labs has released beta 0.2. Improvements include searching for strings in slackspace and a new installer. Now installation will be somewhat easier. You simply have to unzip the files into your apache owned folder (var/www/, /var/www/htdocs, /var/www/html etc). Make sure the permissions are set correctly. Open your browser and go to You will see the installation page and can just fill it out as needed.

Edit 10/18: I've decided to add a patch to address the comment below.
Apply it as follows:

patch -b install.php install_diff.txt


Anonymous said...

I cannot get the installer past the sluethkit check it says the files are not found but i can use them at the terminal prompt. What permissions should I set?

Jamie Levy said...

Where is sleuthkit installed? Is it located in /usr/local/bin? (type `which ils` for example to see the path)

Also, which OS are you running? Not that I have time to play tech support, but I think I may know what's the problem...

Also, for future issues you can try the PTK help forums or the mailing list.

Anonymous said...

It is installed to the /usr/local/bin. I am using Fedora 9 (sorry) I found an RPM for TSK that is written for Fedora 10 but I was able to use it and PTK installed w/o problem. Thank you very much for responding.

Just curious what you thought the problem was I am still learning this OS in depth as I go, and can you get PTK to load a split dd image as one w/o putting back together with "cat"

Jamie Levy said...

Well, the problem is that /usr/local/bin is not in the path. You can find this out by adding this to the install.php script:

$cmd = 'set';
echo "<pre>".shell_exec($cmd)."</pre>";

Which most likely will give you a path of:


So you have to either move the executable to /usr/bin or put them in your path. One way you could do this its to modify the install.php script like so:


$fsstat = shell_exec("which fsstat");

to the following:

$fsstat = shell_exec('export PATH="/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin"; which fsstat');

And so on....

Hope this helps.

Jamie Levy said...

BTW, I see that someone else had your problem in the forums on CentOS... I went ahead an gave them this reply as well.

Let me know if this works for you...

Anonymous said...

That patch was the problem thank you.