Getting Log2timeline / Plaso Installed on Ubuntu 18.04 with Virtual Box 6

Jumping straight back in with no news of what’s been happening, apart from a new job, and me generally forgetting about this altogether.

If you want a simple way to get timelining with log2timeline & plaso,  running it on Ubuntu is really easy.

You’ll need:

Virtual Box isntaller

Ubuntu iso

Direct Internet Access (I had challenges going through the proxy with apt, so would recommend this for ease of use).

Here’s how to get it happening:

1.Install Virtual Box  (Instructions here: https://brb.nci.nih.gov/seqtools/installUbuntu.html
2.Install Ubuntu

#This pre-empts Ubuntu’s requirement when you try to install Guest additions
3. sudo apt-get install build-essential gcc make perl dkms

4.Install VMWare Guest Additions

5.Reboot

6.Install Plaso

7. sudo add-apt-repository ppa:gift/stable
8. sudo apt-get update
9. sudo apt-get install plaso-tools

Wondering where the log2timeline and/or plaso scripts have been installed? Check with dkpg -L plaso-tools.

 

Have fun timelining/forensicating/ctf’ing ‘all the things’

 

Leave a Reply

Discover more from DFIR Insights

Subscribe now to keep reading and get access to the full archive.

Continue reading