Monday, July 14, 2008

PTK 0.2 Released

PTK labs has released beta 0.2. Improvements include searching for strings in slackspace and a new installer. Now installation will be somewhat easier. You simply have to unzip the files into your apache owned folder (var/www/, /var/www/htdocs, /var/www/html etc). Make sure the permissions are set correctly. Open your browser and go to http://127.0.0.1/ptk/install.php You will see the installation page and can just fill it out as needed.

Edit 10/18: I've decided to add a patch to address the comment below.
Apply it as follows:


patch -b install.php install_diff.txt

6 comments:

Anonymous said...

I cannot get the installer past the sluethkit check it says the files are not found but i can use them at the terminal prompt. What permissions should I set?

Jamie Levy said...

Where is sleuthkit installed? Is it located in /usr/local/bin? (type `which ils` for example to see the path)

Also, which OS are you running? Not that I have time to play tech support, but I think I may know what's the problem...

Also, for future issues you can try the PTK help forums or the mailing list.

Anonymous said...

It is installed to the /usr/local/bin. I am using Fedora 9 (sorry) I found an RPM for TSK that is written for Fedora 10 but I was able to use it and PTK installed w/o problem. Thank you very much for responding.

Just curious what you thought the problem was I am still learning this OS in depth as I go, and can you get PTK to load a split dd image as one w/o putting back together with "cat"

Jamie Levy said...

Well, the problem is that /usr/local/bin is not in the path. You can find this out by adding this to the install.php script:

$cmd = 'set';
echo "<pre>".shell_exec($cmd)."</pre>";

Which most likely will give you a path of:

PATH="/sbin:/usr/sbin:/bin:/usr/bin"

So you have to either move the executable to /usr/bin or put them in your path. One way you could do this its to modify the install.php script like so:

Change

$fsstat = shell_exec("which fsstat");

to the following:

$fsstat = shell_exec('export PATH="/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin"; which fsstat');

And so on....

Hope this helps.

Jamie Levy said...

BTW, I see that someone else had your problem in the forums on CentOS... I went ahead an gave them this reply as well.

Let me know if this works for you...

Anonymous said...

That patch was the problem thank you.