Building SleuthKit from source on Windows with VC++

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Building SleuthKit from source on Windows with VC++

Edward Diener
In the instructions for building Sleuthkit from source on Windows with
the VC++ compiler it says in the win32/BUILDING.txt file:

"1) Download libewf-20130128 (or later).  The official releases are from:
     http://sourceforge.net/projects/libewf/"

There is no longer a libewf-20130128 release ( or any other libewf
release ) at Sourceforge and the only releases offered after that from
the libewf Github site are in Linux line ending format, come after the  
libewf-20130128 release, and are incompatible with the current Sleuthkit
source, whether 'master' or 'develop' branch. Furthermore the libewf
Github source is also incompatible with SleuthKit, as explained at
http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740.

How can I get the libewf-20130128 release for Windows so I can build
Sleuthkit from source using VC++ ?



------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org
Reply | Threaded
Open this post in threaded view
|

Re: Building SleuthKit from source on Windows with VC++

Brian Carrier-2
We use the 64-bit version on github, but I have an email from Joachim a while back saying to go to https://github.com/libyal/libewf/wiki for the older stable releases, which eventually directs you to this google drive: https://53efc0a7187d0baa489ee347026b8278fe4020f6.googledrive.com/host/0B3fBvzttpiiSMTdoaVExWWNsRjg/


> On Jun 24, 2016, at 3:31 PM, Edward Diener <[hidden email]> wrote:
>
> In the instructions for building Sleuthkit from source on Windows with
> the VC++ compiler it says in the win32/BUILDING.txt file:
>
> "1) Download libewf-20130128 (or later).  The official releases are from:
>     http://sourceforge.net/projects/libewf/"
>
> There is no longer a libewf-20130128 release ( or any other libewf
> release ) at Sourceforge and the only releases offered after that from
> the libewf Github site are in Linux line ending format, come after the  
> libewf-20130128 release, and are incompatible with the current Sleuthkit
> source, whether 'master' or 'develop' branch. Furthermore the libewf
> Github source is also incompatible with SleuthKit, as explained at
> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740.
>
> How can I get the libewf-20130128 release for Windows so I can build
> Sleuthkit from source using VC++ ?
>
>
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org


------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org
Reply | Threaded
Open this post in threaded view
|

Re: Building SleuthKit from source on Windows with VC++

Edward Diener
On 7/8/2016 11:56 PM, Brian Carrier wrote:
> We use the 64-bit version on github, but I have an email from Joachim a while back saying to go to https://github.com/libyal/libewf/wiki for the older stable releases, which eventually directs you to this google drive: https://53efc0a7187d0baa489ee347026b8278fe4020f6.googledrive.com/host/0B3fBvzttpiiSMTdoaVExWWNsRjg/
None of those versions are compatible with the latest TSK, whether
'develop' or 'master' branch. For the reason why please see
http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740&sid=cc46e2042f4e0696d6e7c22ed2efc90a.
I have been using the 64-bit version on Sleuthkit's github configured
for both 32-bit and 64-bit configurations, but I believe this may be a
very old libewf version.

Eddie Diener

>
>
>> On Jun 24, 2016, at 3:31 PM, Edward Diener <[hidden email]> wrote:
>>
>> In the instructions for building Sleuthkit from source on Windows with
>> the VC++ compiler it says in the win32/BUILDING.txt file:
>>
>> "1) Download libewf-20130128 (or later).  The official releases are from:
>>      http://sourceforge.net/projects/libewf/"
>>
>> There is no longer a libewf-20130128 release ( or any other libewf
>> release ) at Sourceforge and the only releases offered after that from
>> the libewf Github site are in Linux line ending format, come after the
>> libewf-20130128 release, and are incompatible with the current Sleuthkit
>> source, whether 'master' or 'develop' branch. Furthermore the libewf
>> Github source is also incompatible with SleuthKit, as explained at
>> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740.
>>
>> How can I get the libewf-20130128 release for Windows so I can build
>> Sleuthkit from source using VC++ ?
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
>> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
>> present their vision of the future. This family event has something for
>> everyone, including kids. Get more information and register today.
>> http://sdm.link/attshape
>> _______________________________________________
>> sleuthkit-users mailing list
>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>> http://www.sleuthkit.org



------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org
Reply | Threaded
Open this post in threaded view
|

Re: Building SleuthKit from source on Windows with VC++

Brian Carrier-2
Has anyone tried libewf-20140608.tar.gz to see if it works without TSK code changes?  

We tried the latest experimental a while back, but ran into some problems with that and backed off.


> On Jul 9, 2016, at 12:28 AM, Edward Diener <[hidden email]> wrote:
>
> On 7/8/2016 11:56 PM, Brian Carrier wrote:
>> We use the 64-bit version on github, but I have an email from Joachim a while back saying to go to https://github.com/libyal/libewf/wiki for the older stable releases, which eventually directs you to this google drive: https://53efc0a7187d0baa489ee347026b8278fe4020f6.googledrive.com/host/0B3fBvzttpiiSMTdoaVExWWNsRjg/
> None of those versions are compatible with the latest TSK, whether
> 'develop' or 'master' branch. For the reason why please see
> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740&sid=cc46e2042f4e0696d6e7c22ed2efc90a.
> I have been using the 64-bit version on Sleuthkit's github configured
> for both 32-bit and 64-bit configurations, but I believe this may be a
> very old libewf version.
>
> Eddie Diener
>>
>>
>>> On Jun 24, 2016, at 3:31 PM, Edward Diener <[hidden email]> wrote:
>>>
>>> In the instructions for building Sleuthkit from source on Windows with
>>> the VC++ compiler it says in the win32/BUILDING.txt file:
>>>
>>> "1) Download libewf-20130128 (or later).  The official releases are from:
>>>     http://sourceforge.net/projects/libewf/"
>>>
>>> There is no longer a libewf-20130128 release ( or any other libewf
>>> release ) at Sourceforge and the only releases offered after that from
>>> the libewf Github site are in Linux line ending format, come after the
>>> libewf-20130128 release, and are incompatible with the current Sleuthkit
>>> source, whether 'master' or 'develop' branch. Furthermore the libewf
>>> Github source is also incompatible with SleuthKit, as explained at
>>> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740.
>>>
>>> How can I get the libewf-20130128 release for Windows so I can build
>>> Sleuthkit from source using VC++ ?
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
>>> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
>>> present their vision of the future. This family event has something for
>>> everyone, including kids. Get more information and register today.
>>> http://sdm.link/attshape
>>> _______________________________________________
>>> sleuthkit-users mailing list
>>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>> http://www.sleuthkit.org
>
>
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org


------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org
Reply | Threaded
Open this post in threaded view
|

Re: Building SleuthKit from source on Windows with VC++

Kam Woods
Yes - I have been using 20140608 for some time with both 4.2.0 and the TSK GitHub master. Configuring with --enable-v1-api and compiling on stock Ubuntu 14.04 and 16.04 64-bit boxes. No code changes, compiles clean and everything seems to work.

Kam

On Sat, Jul 9, 2016 at 10:08 AM, Brian Carrier <[hidden email]> wrote:
Has anyone tried libewf-20140608.tar.gz to see if it works without TSK code changes?

We tried the latest experimental a while back, but ran into some problems with that and backed off.


> On Jul 9, 2016, at 12:28 AM, Edward Diener <[hidden email]> wrote:
>
> On 7/8/2016 11:56 PM, Brian Carrier wrote:
>> We use the 64-bit version on github, but I have an email from Joachim a while back saying to go to https://github.com/libyal/libewf/wiki for the older stable releases, which eventually directs you to this google drive: https://53efc0a7187d0baa489ee347026b8278fe4020f6.googledrive.com/host/0B3fBvzttpiiSMTdoaVExWWNsRjg/
> None of those versions are compatible with the latest TSK, whether
> 'develop' or 'master' branch. For the reason why please see
> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740&sid=cc46e2042f4e0696d6e7c22ed2efc90a.
> I have been using the 64-bit version on Sleuthkit's github configured
> for both 32-bit and 64-bit configurations, but I believe this may be a
> very old libewf version.
>
> Eddie Diener
>>
>>
>>> On Jun 24, 2016, at 3:31 PM, Edward Diener <[hidden email]> wrote:
>>>
>>> In the instructions for building Sleuthkit from source on Windows with
>>> the VC++ compiler it says in the win32/BUILDING.txt file:
>>>
>>> "1) Download libewf-20130128 (or later).  The official releases are from:
>>>     http://sourceforge.net/projects/libewf/"
>>>
>>> There is no longer a libewf-20130128 release ( or any other libewf
>>> release ) at Sourceforge and the only releases offered after that from
>>> the libewf Github site are in Linux line ending format, come after the
>>> libewf-20130128 release, and are incompatible with the current Sleuthkit
>>> source, whether 'master' or 'develop' branch. Furthermore the libewf
>>> Github source is also incompatible with SleuthKit, as explained at
>>> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740.
>>>
>>> How can I get the libewf-20130128 release for Windows so I can build
>>> Sleuthkit from source using VC++ ?
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
>>> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
>>> present their vision of the future. This family event has something for
>>> everyone, including kids. Get more information and register today.
>>> http://sdm.link/attshape
>>> _______________________________________________
>>> sleuthkit-users mailing list
>>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>> http://www.sleuthkit.org
>
>
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org


------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org


------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org
Reply | Threaded
Open this post in threaded view
|

Re: Building SleuthKit from source on Windows with VC++

Edward Diener
On 7/9/2016 10:47 AM, Kam Woods wrote:
Yes - I have been using 20140608 for some time with both 4.2.0 and the TSK GitHub master. Configuring with --enable-v1-api and compiling on stock Ubuntu 14.04 and 16.04 64-bit boxes. No code changes, compiles clean and everything seems to work.
I did not know about an " --enable-v1-api" switch, but this sounds as if I am compiling with an old version of libewf when  using it. Also the libewf-20140608.tar.gz file has Unix line endings and I am working on Windows with VC++.

Eddie Diener

Kam

On Sat, Jul 9, 2016 at 10:08 AM, Brian Carrier <[hidden email]> wrote:
Has anyone tried libewf-20140608.tar.gz to see if it works without TSK code changes?

We tried the latest experimental a while back, but ran into some problems with that and backed off.


> On Jul 9, 2016, at 12:28 AM, Edward Diener <[hidden email]> wrote:
>
> On 7/8/2016 11:56 PM, Brian Carrier wrote:
>> We use the 64-bit version on github, but I have an email from Joachim a while back saying to go to https://github.com/libyal/libewf/wiki for the older stable releases, which eventually directs you to this google drive: https://53efc0a7187d0baa489ee347026b8278fe4020f6.googledrive.com/host/0B3fBvzttpiiSMTdoaVExWWNsRjg/
> None of those versions are compatible with the latest TSK, whether
> 'develop' or 'master' branch. For the reason why please see
> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740&sid=cc46e2042f4e0696d6e7c22ed2efc90a.
> I have been using the 64-bit version on Sleuthkit's github configured
> for both 32-bit and 64-bit configurations, but I believe this may be a
> very old libewf version.
>
> Eddie Diener
>>
>>
>>> On Jun 24, 2016, at 3:31 PM, Edward Diener <[hidden email]> wrote:
>>>
>>> In the instructions for building Sleuthkit from source on Windows with
>>> the VC++ compiler it says in the win32/BUILDING.txt file:
>>>
>>> "1) Download libewf-20130128 (or later).  The official releases are from:
>>>     http://sourceforge.net/projects/libewf/"
>>>
>>> There is no longer a libewf-20130128 release ( or any other libewf
>>> release ) at Sourceforge and the only releases offered after that from
>>> the libewf Github site are in Linux line ending format, come after the
>>> libewf-20130128 release, and are incompatible with the current Sleuthkit
>>> source, whether 'master' or 'develop' branch. Furthermore the libewf
>>> Github source is also incompatible with SleuthKit, as explained at
>>> http://forum.sleuthkit.org/viewtopic.php?f=9&t=2740.
>>>
>>> How can I get the libewf-20130128 release for Windows so I can build
>>> Sleuthkit from source using VC++ ?
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
>>> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
>>> present their vision of the future. This family event has something for
>>> everyone, including kids. Get more information and register today.
>>> http://sdm.link/attshape
>>> _______________________________________________
>>> sleuthkit-users mailing list
>>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>> http://www.sleuthkit.org
>
>
>
> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org


------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org



------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports.http://sdm.link/zohodev2dev
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org