Monday, July 14, 2008

PTK 0.2 Released

PTK labs has released beta 0.2. Improvements include searching for strings in slackspace and a new installer. Now installation will be somewhat easier. You simply have to unzip the files into your apache owned folder (var/www/, /var/www/htdocs, /var/www/html etc). Make sure the permissions are set correctly. Open your browser and go to http://127.0.0.1/ptk/install.php You will see the installation page and can just fill it out as needed.

Edit 10/18: I've decided to add a patch to address the comment below.
Apply it as follows:

patch -b install.php install_diff.txt

at

6 comments:

  1. Anonymous9:15 PM

    I cannot get the installer past the sluethkit check it says the files are not found but i can use them at the terminal prompt. What permissions should I set?

    ReplyDelete
  2. Jamie Levy11:50 AM

    Where is sleuthkit installed? Is it located in /usr/local/bin? (type `which ils` for example to see the path)

    Also, which OS are you running? Not that I have time to play tech support, but I think I may know what's the problem...

    Also, for future issues you can try the PTK help forums or the mailing list.

    ReplyDelete
  3. Anonymous8:17 PM

    It is installed to the /usr/local/bin. I am using Fedora 9 (sorry) I found an RPM for TSK that is written for Fedora 10 but I was able to use it and PTK installed w/o problem. Thank you very much for responding.

    Just curious what you thought the problem was I am still learning this OS in depth as I go, and can you get PTK to load a split dd image as one w/o putting back together with "cat"

    ReplyDelete
  4. Jamie Levy11:26 PM

    Well, the problem is that /usr/local/bin is not in the path. You can find this out by adding this to the install.php script:

    $cmd = 'set';
    echo "<pre>".shell_exec($cmd)."</pre>";

    Which most likely will give you a path of:

    PATH="/sbin:/usr/sbin:/bin:/usr/bin"

    So you have to either move the executable to /usr/bin or put them in your path. One way you could do this its to modify the install.php script like so:

    Change

    $fsstat = shell_exec("which fsstat");

    to the following:

    $fsstat = shell_exec('export PATH="/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin"; which fsstat');

    And so on....

    Hope this helps.

    ReplyDelete
  5. Jamie Levy11:34 PM

    BTW, I see that someone else had your problem in the forums on CentOS... I went ahead an gave them this reply as well.

    Let me know if this works for you...

    ReplyDelete
  6. Anonymous12:05 PM

    That patch was the problem thank you.

    ReplyDelete