mirror of
https://github.com/mvt-project/mvt.git
synced 2024-06-29 07:39:00 +00:00
Add Dockerfile with Android dependencies solved
parent
add5b1640e
commit
8c855b645d
29
Dockerfile
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
FROM ubuntu:20.04
|
||||||
|
|
||||||
|
# Fixing major OS dependencies
|
||||||
|
# ----------------------------
|
||||||
|
RUN apt update \
|
||||||
|
&& apt install -y python3 python3-pip libusb-1.0-0 \
|
||||||
|
&& apt install -y wget \
|
||||||
|
&& apt install -y adb \
|
||||||
|
&& DEBIAN_FRONTEND=noninteractive apt-get -y install default-jre-headless \
|
||||||
|
&& apt-get clean \
|
||||||
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
# Installing MVT
|
||||||
|
# --------------
|
||||||
|
RUN pip3 install mvt
|
||||||
|
|
||||||
|
# Installing ABE
|
||||||
|
# --------------
|
||||||
|
RUN mkdir /opt/abe
|
||||||
|
RUN wget https://github.com/nelenkov/android-backup-extractor/releases/download/20210709062403-4c55371/abe.jar -O /opt/abe/abe.jar
|
||||||
|
# Create shortcut for abe
|
||||||
|
RUN echo "java -jar /opt/abe/abe.jar" > /usr/local/bin/abe && chmod +x /usr/local/bin/abe
|
||||||
|
|
||||||
|
# Setup investigations environment
|
||||||
|
# --------------------------------
|
||||||
|
RUN mkdir /home/cases
|
||||||
|
WORKDIR /home/cases
|
||||||
|
|
||||||
|
CMD /bin/bash
|
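Review bot: The `abe` shortcut created by `RUN echo "java -jar /opt/abe/abe.jar" > /usr/local/bin/abe` has no shebang line and does not forward its arguments, so anything typed after `abe` is dropped and the jar always runs with no arguments. Write the wrapper with `#!/bin/sh` as its first line and `exec java -jar /opt/abe/abe.jar "$@"` as its second. Two further points on the same file: the `wget` of `abe.jar` is not checked against a known digest, so record the release's SHA-256 in the Dockerfile and verify it with `sha256sum -c` before the jar is used; and `RUN pip3 install mvt` is unpinned and pulls from PyPI rather than from the checked-out tree, so two builds of the same commit can produce different images, which matters for a forensic toolchain. Pin the version or install from the build context.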
42
README.md
|
@ -10,7 +10,46 @@ Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and a
|
||||||
|
|
||||||
[Please check out the documentation](https://mvt-docs.readthedocs.io/en/latest/)..
|
[Please check out the documentation](https://mvt-docs.readthedocs.io/en/latest/)..
|
||||||
|
|
||||||
## Installation
|
### Installation using the Docker image
|
||||||
|
|
||||||
|
Using Docker is the easiest way of having all the dependencies fixed with a couple of commands.
|
||||||
|
Install Docker using the [official instructions](https://docs.docker.com/get-docker/) provided in the Website page.
|
||||||
|
|
||||||
|
Afterwards, you can build the Docker image once inside:
|
||||||
|
|
||||||
|
```
|
||||||
|
bash
|
||||||
|
git clone https://github.com/mvt-project/mvt.git
|
||||||
|
cd mvt
|
||||||
|
docker build -t mvt .
|
||||||
|
```
|
||||||
|
|
||||||
|
Once the image is built, can now be tested using, what will prompt a bash terminal:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker run -it mvt
|
||||||
|
```
|
||||||
|
|
||||||
|
If this is correct, close the container (`exit`) and it is time to connect the Android device to analyse to the USB port using the development mode as explained in the official docs [here](https://developer.android.com/studio/debug/dev-options).
|
||||||
|
To have visibility of the USB, the container WILL need to have access to the USB which is not activated in Docker by default.
|
||||||
|
This can be done using the `--privileged` parameter when launching Docker as follows and mounting the USB as a volume.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb mvt
|
||||||
|
```
|
||||||
|
|
||||||
|
Note that using the `--pivileged` parameter is insecure for a number of reasons explained in detail [here](https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/) as it gives access to the whole system.
|
||||||
|
As a brief explanation, the `-v <host_path>:<docker_path>` syntax maps the host path to the dockerized path to allow the connection.
|
||||||
|
Modern versions of Docker have a `--device` option where you can specify the exact USB to mount without the `--privileged` option:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker run -it --device=/dev/<your_usb_port> mvt
|
||||||
|
```
|
||||||
|
|
||||||
|
The Docker image contains the dependencies fixed to perform a forensic analysis on an Android device using MVT, including ADB (reachable using `adb` as expected) and ABE (installed under `/opt/abe` and reachable using `abe` from the command line) which is ready to be launched using the installed version of Java.
|
||||||
|
Thus, the forensic analyst can proceed as expected to grab the evidences needed and performs the required tests.
|
||||||
|
|
||||||
|
## Manual Installation
|
||||||
|
|
||||||
First you need to install dependencies, on Linux `sudo apt install python3 python3-pip libusb-1.0-0` or on MacOS `brew install python3 libusb`.
|
First you need to install dependencies, on Linux `sudo apt install python3 python3-pip libusb-1.0-0` or on MacOS `brew install python3 libusb`.
|
||||||
|
|
||||||
|
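Review bot: The USB section gives `docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb mvt` as the main command and mentions `--device` only afterwards, although the text itself says the privileged form is insecure because it gives access to the whole system. Lead with the `--device` form and keep `--privileged` as a documented fallback. The `--device=/dev/<your_usb_port>` placeholder also does not match the `/dev/bus/usb` path used in the previous command, so say how the reader identifies the device node to pass. In the note about the risk, `--pivileged` is a typo for `--privileged`. On structure, `### Installation using the Docker image` now comes before `## Manual Installation` with the `## Installation` parent heading removed, so the heading levels are out of order; keep `## Installation` and nest both subsections under it. The sentence "Once the image is built, can now be tested using, what will prompt a bash terminal:" needs rewording.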
@ -35,6 +74,7 @@ MVT provides two commands `mvt-ios` and `mvt-android` with the following subcomm
|
||||||
|
|
||||||
Check out [the documentation to see how to use them.](https://mvt-docs.readthedocs.io/en/latest/).
|
Check out [the documentation to see how to use them.](https://mvt-docs.readthedocs.io/en/latest/).
|
||||||
|
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
The purpose of MVT is to facilitate the ***consensual forensic analysis*** of devices of those who might be targets of sophisticated mobile spyware attacks, especially members of civil society and marginalized communities. We do not want MVT to enable privacy violations of non-consenting individuals. Therefore, the goal of this license is to prohibit the use of MVT (and any other software licensed the same) for the purpose of *adversarial forensics*.
|
The purpose of MVT is to facilitate the ***consensual forensic analysis*** of devices of those who might be targets of sophisticated mobile spyware attacks, especially members of civil society and marginalized communities. We do not want MVT to enable privacy violations of non-consenting individuals. Therefore, the goal of this license is to prohibit the use of MVT (and any other software licensed the same) for the purpose of *adversarial forensics*.
|
||||||
|
|