BitCurator Access Webtools

From BitCurator
Jump to: navigation, search

BitCurator Access Webtools (bitcurator-access-webtools), is an open source toolset to enable access to disk images and the file systems they contain on the web. Software developed by the BitCurator Access team is licensed under the GNU General Public License Version 3. Software dependencies for bitcurator-access-webtools may be covered by other open source licenses and attribution terms.

If you can't find the information about bitcurator-access-webtools you need on this page, join and post questions to the BitCurator Users listserv.

Overview

The bitcurator-access-webtools software provides simple access to disk images over the web using open source technologies including The Sleuth Kit, PyTSK, and Flask. Simply point bitcurator-access-webtools at a local directory that contains raw (dd) or forensically-packaged disk images, and it will create a web portal that allows you to browse the file systems, download files, and examine disk image metadata.

Bca-webtools-v4.png


Getting Started

Note! The must up-to-date instructions can be found in the README.md on the bitcurator-access-webtools git repository at:

   https://github.com/bitcurator/bitcurator-access-webtools

Read on for a brief overview of running the application in a Vagrant box:

The bitcurator-access-webtools application needs VirtualBox and Vagrant in order to run. You can download the current version of VirtualBox for you operating system here and the current version of Vagrant here. Once you have these two tools installed, you must download a "base" Vagrant virtual machine box corresponding to the environment you wish to run any software in. In the case of bitcurator-access-webtools, this is currently a 64-bit build of Ubuntu 14.04LTS. You can download this base box by issuing the following command in a t erminal:

   vagrant box add ubuntu/trusty64

Now, check out the bitcurator-access-webtools code repository by cloning the GitHub repository at:

   git clone https://github.com/bitcurator/bitcurator-access-webtools

The application includes a couple of sample disk images in the 'disk-images' directory; you may add additional raw or E01-packaged images to this directory as needed, or simply test the application with the supplied images. To start the application the first time, run the following commands:

   cd bitcurator-access-webtools
   vagrant up

The first time you bring the application up, a new VM will be created (with a name of the form "bitcurator-access-webtools-X.X.X") and various software tools will be installed. This may take 20-30 minutes, depending on the speed of your computer. Note that this VM will run in "headless" mode; you will not see a new window appear - the name of the VM will simply appear within the VirtualBox Manager.

Now, open a web browser on your host machine and navigate to 127.0.0.1:8080, and you should see the application running.

To terminate both the application and the VM, simply type:

   vagrant halt

within the bitcurator-access-webtools directory. If you need to recreate the VM from scratch, you can type:

   vagrant destroy

Running the "vagrant up" command again from within the bitcurator-access-webtools directory will boot and reinstall the necessary software in a new virtual machine. To see some screenshots of the app in action, visit the BitCurator Access Webtools Screenshots page.

Dependencies

The bitcurator-access-webtools project is a Flask application. It has been tested with Python 2.7.3, Flask 0.11, Jinja2, and Postgres 9.3 (but will likely work with other versions). Python 3 should also work. You'll also need several other libraries and tools, including AFFLIB (v3.7.4 or later), libewf (20140427 or later), The Sleuth Kit (4.1.3 or later), and PyTSK.

On a Debian or Ubuntu system, some of these dependencies are simply apt packages. Others are a bit more involved, as the required versions are not packaged. To simplify the process, we've written a bootstrap script that updates and upgrades all the necessary packages, compiles and installs the necessary source packages, and sets up the database. This script (bootstrap.sh) is located in the provision directory, and is only run the first time you execute the "vagrant up" command.