Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F4324462
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Size
13 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/trunk/README b/trunk/README
index 8547db7..bd4a427 100644
--- a/trunk/README
+++ b/trunk/README
@@ -1,185 +1,214 @@
-FRED README FILE
+FRED README FILE REVISION 1
Table of contents
0.0 Author and license stuff
1.0 What is fred? - A short description
2.0 Installation instructions
2.1 Prerequisits
2.1.1 Linux
- 2.1.2 OSX
+ 2.1.2 Mac OSX
2.1.3 Windows
- 2.2 Install from a package
- 2.2.1 Linux
- 2.2.2 OSX
- 2.2.3 Windows
- 3.0 Building the source
- 3.1 Shared vs static
- 3.2 Linux
- 3.2.1 Prerequisites
- 3.2.2 Compiling
- 3.2.3 Packaging
- 3.3 OSX
- 3.3.1 Prerequisites
- 3.3.2 Compiling
- 3.3.3 Packaging
- 3.4 Windows
- 3.5 Crosscompiling for Windows
- 3.5.1 Prerequisites
- 3.5.1.1 Compiler
- 3.5.1.2 Qt
- 3.5.2 Compiling
- 3.5.3 Packaging
+ 2.2 Installing a prebuild binary package
+ 2.3 Installing from source
+ 2.3.1 Shared vs static libhivex
+ 2.3.2 Linux
+ 2.3.2.1 Prerequisites
+ 2.3.2.2 Compiling
+ 2.3.2.3 Packaging
+ 2.3.3 Mac OSX
+ 2.3.3.1 Prerequisites
+ 2.3.3.2 Compiling
+ 2.3.3.3 Packaging
+ 2.3.4 Windows
+ 2.3.5 Crosscompiling for Windows
+ 2.3.5.1 Prerequisites
+ 2.3.5.1.1 Compiler
+ 2.3.5.1.2 Qt
+ 2.3.5.2 Compiling
+ 2.3.5.3 Packaging
0.0 Author and license stuff
fred Copyright (c) 2011-2013 by Gillen Daniel <gillen.dan@pinguin.lu>
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation, either version 3 of the License, or (at your option) any later
version.
This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program. If not, see <http://www.gnu.org/licenses/>.
1.0 What is fred? - A short description
- TODO
+ Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor.
+ This project was born out of the need for a reasonably good registry hive
+ viewer for Linux to conduct forensic analysis. Therefore it includes some
+ functions not found in normal "free" registry editors like a hex viewer with
+ data interpreter and a reporting function that can easily be extended with
+ custom ECMAScript report templates.
2.0 Installation instructions
2.1 Prerequisits
+ If you are not going to use my prebuild packages, in addition to the
+ prerequisits below you probably will also need Richard W.M. Jones's libhivex
+ available from https://github.com/libguestfs/hivex.
+
2.1.1 Linux
- Some sort of Linux with a recent kernel (2.6.x or above) and Qt v4.x.
+ Any Linux with Qt v4.x libraries.
- 2.1.2 OSX
- OSX v10.5 or above and Qt v4.x.
+ 2.1.2 Mac OSX
+ OSX v10.5 or above with Qt v4.x libraries.
2.1.3 Windows
- Windows XP or newer.
+ Windows XP or newer with Qt v4.x libraries.
+
+ 2.2 Installing a prebuild binary package
+ Chances are I provide prebuild binary packages for your OS (generally
+ Debian/Ubuntu, Mac OSX and Windows). If so, you can simply download them
+ from https://www.pinguin.lu.
+
+ ForDebian/Ubuntu, add my repository and execute the following command:
+
+ $ sudo apt-get install fred fred-reports
+
+ For Mac OSX and Windows, execute the installer and follow the on-screen
+ instructions.
+
+ If I have no prebuild binary packages for your OS, you will have to compile
+ fred by yourself. In this case, read the instructions under "Installing from
+ source".
+
+ 2.3 Installing from source
+ Start by getting the source code from https://www.pinguin.lu and unpacking
+ it to some temporary directory. Under Linux and Mac OSX, use:
+
+ $ cd /some/temp/dir/
+ $ tar xfvz fred-x.x.x.tar.gz
+
+ Under Windows, use 7zip or alike to decompress the tar.gz file.
+
+ 2.3.1 Shared vs static libhivex
+ When compiling fred from source, you have two possibilities how to include
+ libhivex. When using Linux, chances are your distribution has a package
+ for it available. In this case, you may install the binary and developper
+ version of it and go ahead to build fred. If your distribution has no
+ libhivex package available (Mac OSX and Windows definitely haven't), or
+ you want to use the latest version of it available that might fix some
+ bugs, make sure you use the "--static-hivex" command line option when
+ running my bootstrap.sh script. This will checkout, compile and statically
+ link the latest libhivex compatible with fred while building.
- 2.2 Install from a package
- 2.2.1 Linux
- Chances are I provide prebuild binary packages for Debian and Ubuntu. In
- this case, you only have to fire up your distribution's package manager
- and install fred. See https://www.pinguin.lu for more information and
- download links. If you added my repository, simpy execute the following
- command:
+ 2.3.2 Linux
+ 2.3.2.1 Prerequisites
+ TODO
- sudo apt-get install fred fred-reports
-
- 2.2.2 OSX
- See https://www.pinguin.lu for more information and download links.
+ 2.3.2.2 Compiling
+ Compiling under Linux for Linux should be very simple. Just execute the
+ following commands:
- 2.2.3 Windows
- See https://www.pinguin.lu for more information and download links.
+ $ cd /path/to/fred/source/
+ $ ./autogen.sh --platform=linux
-3.0 Building the source
- 3.1 Shared vs static
- TODO
+ Or, if you want to use the static libhivex:
- 3.2 Linux
- 3.2.1 Prerequisites
- TODO
+ $ cd /path/to/fred/source/
+ $ ./autogen.sh --static-hivex --platform=linux
- 3.2.2 Compiling
- Compiling under Linux for Linux should be very simple. Just execute the
- following commands:
+ 2.3.2.3 Packaging
+ TODO
- $ cd /path/to/fred/source
- $ ./autogen.sh --platform=linux
+ 2.3.3 Mac OSX
+ 2.3.3.1 Prerequisites
+ In order to compile fred under Mac OSX, you need to install the
+ following software:
- 3.2.3 Packaging
- TODO
+ - XCode from Apple
+ - Git from http://code.google.com/p/git-osx-installer/
+ - MacPorts from http://www.macports.org
+ - Qt 4.8.x library from http://qt-project.org
- 3.3 OSX
- 3.3.1 Prerequisites
- In order to compile fred under OSX, you need to install the following
- software:
+ Aditionally, after installing MacPorts, install the following packages:
- - XCode from Apple
- - Git from http://code.google.com/p/git-osx-installer/
- - MacPorts from http://www.macports.org
- - Qt 4.8.x library from http://qt-project.org
+ $ sudo port install ocaml libxml2 pkgconfig autoconf gettext
- Aditionally, after installing MacPorts, install the following packages
+ 2.3.3.2 Compiling
+ Compilation should be straight forward executing the following command:
- $ sudo port install ocaml libxml2 pkgconfig autoconf gettext
+ $ cd /path/to/fred/source/
+ $ ./autogen.sh --static-hivex --platform=mac
- 3.3.2 Compiling
- Compilation should be straight forward executing the following command:
+ 2.3.3.3 Packaging
+ TODO
- $ cd /path/to/fred/source
- $ ./autogen.sh --platform=mac
+ 2.3.4 Windows
+ Until beta5, fred for Windows was build under Windows. But it was a pain
+ in the bud to do so. Therefore I switched to crosscompiling under Linux
+ which works very well. If you want to build fred under Windows, good luck
+ and please, don't contact me if you have any problems! My only answer will
+ be:
- 3.3.3 Packaging
- TODO
+ Crosscompile under Linux!
- 3.4 Windows
- Until beta5, fred for Windows was build under Windows. But it was a pain in
- the bud to do so. Therefore I switched to crosscompiling under Linux which
- works very well. If you want to build fred under Windows, good luck and
- please, don't contact me if you have any problems! My only answer will be:
-
- Crosscompile under Linux!
+ 2.3.5 Crosscompiling for Windows
+ 2.3.5.1 Prerequisites
+ The following instructions are for Debian / Ubuntu like distros. If you
+ are using another distro, you will need to get the compiler and Qt on
+ your own.
- 3.5 Crosscompiling for Windows
- 3.5.1 Prerequisites
- The following instructions are for Debian / Ubuntu like distros. If you
- are using another distro, you will need to get the compiler and qt on your
- own.
+ 2.3.5.1.1 Compiler
+ You need the mingw-w64 gcc and g++ compiler. When using Debian/Ubuntu
+ install the following packages:
- 3.5.1.1 Compiler
- You need the mingw-w64 gcc and g++ compiler. When using Debian/Ubuntu
- install the following packages:
+ $ sudo apt-get install mingw-w64 mingw-w64-tools g++-mingw-w64 \
+ gcc-mingw-w64 mingw-ocaml
- $ sudo apt-get install mingw-w64 mingw-w64-tools g++-mingw-w64 \
- gcc-mingw-w64 mingw-ocaml
+ 2.3.5.1.2 Qt
+ After you have a compiler, you will need to crosscompile Qt as it is
+ currently not available as package. Start by getting the source:
- 3.5.1.2 Qt
- After you have a compiler, you will need to crosscompile Qt as it is
- currently not available as package. Start by getting the source:
+ $ cd /some/temp/dir/
+ $ QTU="http://download.qt-project.org/official_releases/qt/4.8/4.8.4"
+ $ QTP="qt-everywhere-opensource-src-4.8.4"
+ $ wget $QTU/$QTP.tar.gz
+ $ tar xfvz $QTP.tar.gz
+ $ cd $QTP
- $ cd /some/temp/dir/
- $ wget http://download.qt-project.org/official_releases/qt/4.8/4.8.4/qt-everywhere-opensource-src-4.8.4.tar.gz
- $ tar xfvz qt-everywhere-opensource-src-4.8.4.tar.gz
- $ cd qt-everywhere-opensource-src-4.8.4
+ Unfortunately, Qt won't build until you apply two small patches:
- Unfortunately, Qt won't build until you apply two small patches:
+ $ SRC="/path/to/fred/source/qt_patches"
+ $ patch -p1 <"$SRC/mingw32-qt-4.8.0-no-webkit-tests.patch"
+ $ patch -p1 <"$SRC/qt-4.8.4-fix-sse-suppport-build-regression.patch"
- $ patch -p1 </path/to/fred/qt_patches/ \
- mingw32-qt-4.8.0-no-webkit-tests.patch
- $ patch -p1 </path/to/fred/qt_patches/ \
- qt-4.8.4-fix-sse-suppport-build-regression.patch
+ Now configure, compile and install Qt (I compiled it on my dual Xeon
+ machine with 24 cores (using make -j24) which took about 5 minutes. It
+ might take a bit longer on your machine :-p):
- Now configure, compile and install Qt (I compiled it on my dual Xeon
- machine with 24 cores (using make -j24) which took about 5 minutes. It
- might take a bit longer on your machine :-p):
+ $ sudo ./configure -prefix /opt/qt-4.8.4-mingw -opensource \
+ -no-qt3support -no-multimedia -no-audio-backend \
+ -no-phonon -no-phonon-backend -no-javascript-jit \
+ -nomake examples -nomake demos -nomake docs \
+ -xplatform win32-g++-4.6 \
+ -device-option CROSS_COMPILE=i686-w64-mingw32-
+ $ sudo make
+ $ sudo make install
- $ sudo ./configure -prefix /opt/qt-4.8.4-mingw -opensource \
- -no-qt3support -no-multimedia -no-audio-backend \
- -no-phonon -no-phonon-backend -no-javascript-jit \
- -nomake examples -nomake demos -nomake docs \
- -xplatform win32-g++-4.6 \
- -device-option CROSS_COMPILE=i686-w64-mingw32-
- $ sudo make
- $ sudo make install
+ If you are asking you why the heck I used sudo to run configure, well,
+ Qt likes to copy some files to the prefix dir in that step which will
+ fail if you aren't root.
- If you are asking you why the heck I used sudo to run configure, well,
- Qt likes to copy some files to the prefix dir in that step which will
- fail if you aren't root.
+ 2.3.5.3 Compiling
+ If all the above worked, you are ready to crosscompile fred:
- 3.5.3 Compiling
- If all the above worked, you are ready to crosscompile fred:
+ $ cd /path/to/fred/source/
+ $ ./autogen.sh --static-hivex --platform=win32
- $ cd /path/to/fred/source
- $ ./autogen.sh --static-hivex --platform=win32
-
- The build process of hivex will probably complain and might even fail
- with an error but normally the lib gets build before that without errors,
- so just ignore it.
+ The build process of hivex will probably complain and might even fail
+ with an error but normally the lib gets build before that without errors,
+ so just ignore it.
- 3.5.4 Packaging
- TODO
+ 2.3.5.4 Packaging
+ TODO
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Dec 23, 11:34 AM (11 h, 35 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1176922
Default Alt Text
(13 KB)
Attached To
Mode
rFRED fred
Attached
Detach File
Event Timeline
Log In to Comment