Merge branch 'dockerizing' of https://github.com/febrezo/mvt into febrezo-dockerizing

Dockerfile

@@ -0,0 +1,65 @@
+FROM ubuntu:20.04
+
+# Ref. https://github.com/mvt-project/mvt
+
+# Fixing major OS dependencies
+# ----------------------------
+RUN apt update \
+  && apt install -y python3 python3-pip libusb-1.0-0-dev \
+  && apt install -y wget \ 
+  && apt install -y adb \ 
+  && DEBIAN_FRONTEND=noninteractive apt-get -y install default-jre-headless
+
+# Install build tools for libimobiledevice
+# ----------------------------------------
+RUN apt install -y build-essential \
+	checkinstall \
+	git \
+	autoconf \
+	automake \
+	libtool-bin \
+	libplist-dev \
+	libusbmuxd-dev \
+	libssl-dev \
+    pkg-config
+
+# Clean up
+# --------
+RUN apt-get clean \
+  && rm -rf /var/lib/apt/lists/*
+
+
+# Build libimobiledevice
+# ----------------------
+RUN git clone https://github.com/libimobiledevice/libplist
+RUN git clone https://github.com/libimobiledevice/libusbmuxd
+RUN git clone https://github.com/libimobiledevice/libimobiledevice
+RUN git clone https://github.com/libimobiledevice/usbmuxd
+
+RUN cd libplist && ./autogen.sh && make && make install && ldconfig
+
+RUN cd libusbmuxd && PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./autogen.sh && make && make install && ldconfig
+
+RUN cd libimobiledevice && PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./autogen.sh --enable-debug && make && make install && ldconfig
+
+RUN cd usbmuxd && PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var --runstatedir=/run && make && make install
+
+# Installing MVT
+# --------------
+RUN pip3 install mvt
+
+# Installing ABE
+# --------------
+RUN mkdir /opt/abe
+RUN wget https://github.com/nelenkov/android-backup-extractor/releases/download/20210709062403-4c55371/abe.jar -O /opt/abe/abe.jar
+# Create alias for abe
+RUN echo 'alias abe="java -jar /opt/abe/abe.jar"' >> ~/.bashrc
+
+# Setup investigations environment
+# --------------------------------
+RUN mkdir /home/cases
+WORKDIR /home/cases 
+RUN echo 'echo "Mobile Verification Toolkit @ Docker\n------------------------------------\n\nYou can find information about how to use this image for Android (https://github.com/mvt-project/mvt/tree/master/docs/android) and iOS (https://github.com/mvt-project/mvt/tree/master/docs/ios) in the official docs of the project.\n"' >> ~/.bashrc
+RUN echo 'echo "Note that to perform the debug via USB you might need to give the Docker image access to the USB using \"docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb mvt\" or, preferably, the \"--device=\" parameter.\n"' >> ~/.bashrc
+
+CMD /bin/bash

README.md

@@ -14,7 +14,45 @@ It has been developed and released by the [Amnesty International Security Lab](h
 
 [Please check out the documentation.](https://mvt.readthedocs.io/en/latest/)
 
-## Installation
+### Installation using the Docker image
+
+Using Docker is the easiest way of having all the dependencies fixed with a couple of commands.
+Install Docker using the [official instructions](https://docs.docker.com/get-docker/) provided in the Website page.
+
+Afterwards, you can build the Docker image once inside:
+
+```bash
+git clone https://github.com/mvt-project/mvt.git
+cd mvt
+docker build -t mvt .
+```
+
+Once the image is built, can now be tested using, what will prompt a bash terminal:
+
+```bash
+docker run -it mvt
+```
+
+If this is correct, close the container (`exit`) and it is time to connect the Android device to analyse to the USB port using the development mode as explained in the official docs [here](https://developer.android.com/studio/debug/dev-options).
+To have visibility of the USB, the container WILL need to have access to the USB which is not activated in Docker by default.
+This can be done using the `--privileged` parameter when launching Docker as follows and mounting the USB as a volume.
+
+```bash
+docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb mvt
+```
+
+Note that using the `--privileged` parameter is insecure for a number of reasons explained in detail [here](https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/) as it gives access to the whole system.
+As a brief explanation, the `-v <host_path>:<docker_path>` syntax maps the host path to the dockerized path to allow the connection.
+Modern versions of Docker have a `--device` option where you can specify the exact USB to mount without the `--privileged` option:
+
+```bash
+docker run -it --device=/dev/<your_usb_port> mvt
+```
+
+The Docker image contains the dependencies fixed to perform a forensic analysis on an Android device using MVT, including ADB (reachable using `adb` as expected) and ABE (installed under `/opt/abe` and reachable using `abe` from the command line) which is ready to be launched using the installed version of Java. 
+Thus, the forensic analyst can proceed as expected to grab the evidences needed and performs the required tests.
+
+## Manual Installation
 
 First you need to install dependencies, on Linux `sudo apt install python3 python3-pip libusb-1.0-0` or on MacOS `brew install python3 libusb`.
 
@@ -40,6 +78,7 @@ MVT provides two commands `mvt-ios` and `mvt-android` with the following subcomm
 
 Check out [the documentation to see how to use them](https://mvt.readthedocs.io/en/latest/).
 
+
 ## License
 
 The purpose of MVT is to facilitate the ***consensual forensic analysis*** of devices of those who might be targets of sophisticated mobile spyware attacks, especially members of civil society and marginalized communities. We do not want MVT to enable privacy violations of non-consenting individuals. Therefore, the goal of this license is to prohibit the use of MVT (and any other software licensed the same) for the purpose of *adversarial forensics*.