-
Notifications
You must be signed in to change notification settings - Fork 103
Installation for Python3 old
Standalone compiled binaries are available for Windows (under Releases), this guide is only for running mac_apt from source code. Please follow the instructions in exact order.
Download mac_apt from github, then follow this document to install the dependencies. If you are on macos, there is an installer shell script that does it all automatically.
Use these links to jump to instructions for your OS:
Windows, Linux & Windows Subsystem for Linux, macOS
Use pip to install these dependencies. On windows, this will be found under your python_install_folder\Scripts\pip.exe
You will need the VC++ compiler to be installed as some dependencies need it.
Run the following command
pip install anytree biplist construct==2.9.45 xlsxwriter plistutils kaitaistruct lz4 pycryptodome cryptography pybindgen==0.21.0 pillow pyliblzfse nska_deserialize libvmdk-python pytsk3 libewf-python
fastchunking requires the VC++ compiler to be installed. Installation via pip may fail due to a long path issue, so you can do either of the steps shown below.
On the command line redirect the TEMP and TMP folders as follows, then run pip. Just run the following commands to do so:
mkdir C:\temp1
set TEMP=C:\temp1
set TMP=C:\temp1
pip install fastchunking
rmdir /S /Q C:\temp1
If the above still fails, try manually installing as shown below. Otherwise skip that step.
Download installation from here. Then unzip, browse to the folder on the Command prompt and run the following commands:
python3 setup.py build
python3 setup.py install
For pyaff4, uninstall any existing version you have using pip uninstall pyaff4
Then install a custom version that implements some required functionality. Get this from here: https://github.com/ydkhatri/mac_apt/raw/master/other_dependencies/pyaff4-0.31-yk.zip It will download as pyaff4-0.31-yk.zip
Once downloaded, run pip install pyaff4-0.31-yk.zip
. This should install pyaff4.
### Installing compiled dependencies:
Navigate to the /Libraries_For_Windows folder of the source code. Choose one of the folders listed there, depending on your version of python (3.7/3.8) and platform (32/64). The folder names end with either 37 or 38 indicating version 3.7 or 3.8 of python. So for example if you are running the 32 bit version of python 3.7 (Default installation on windows gets you 32 bit python), then choose the folder 32bit_py37. Copy all .pyd files contained in the chosen folder to your <Python37_install_folder>\Lib\site-packages folder. There are instructions contained in the Readme.txt file in that folder if you need more guidance.
Some of the dlls may have a VC++ dll dependency, so you may need to download and install Microsoft Visual C++ 2015 Redistributable package.
If you enable Windows Subsystem for Linux and then install Ubuntu from the Microsoft Store, you can use the same steps shown below (which also work on normal Ubuntu Linux). On windows, start by invoking bash.exe. On Linux, start a Terminal window.
sudo apt update
sudo apt install python3-pip python3-virtualenv python3-dev libbz2-dev zlib1g-dev
In order to avoid confusion about python libraries, we will lock down our environment using virtualenv. This way any dependencies we install/upgrade/remove will only affect that instance and nothing else. This will avoid hours of frustration later!
sudo pip3 install virtualenv
virtualenv env
source env/bin/activate
git clone https://github.com/ydkhatri/mac_apt
For pyaff4, if you have an existing version, you may need to uninstall it using sudo pip3 uninstall pyaff4
. Now install this custom version that implements some required functionality.
pip3 install mac_apt/other_dependencies/pyaff4-0.31-yk.zip
This should install pyaff4.
Download libewf-20140807.tar.gz from https://github.com/libyal/libewf-legacy/releases. Or use wget to download, then tar to unzip.
wget https://github.com/libyal/libewf-legacy/releases/download/20140808/libewf-20140808.tar.gz
tar xzf libewf-20140808.tar.gz
Then compile and install:
cd libewf-20140808
python setup.py build
python setup.py install
cd ..
pip3 install anytree biplist construct==2.9.45 xlsxwriter plistutils kaitaistruct lz4 pytsk3==20170802 libvmdk-python==20181227 pycryptodome cryptography pybindgen==0.21.0 pillow pyliblzfse nska_deserialize
Thats it! Test this by running
cd mac_apt
python mac_apt.py -h
You can deactivate the virtualenv when done with a simple deactivate
command.
Note: Every time you need to run the script you have to open a terminal, browse to the installation folder and activate the virtualenv with the command
source env/bin/activate
There is an automated install script that will download and install mac_apt and all dependencies. If you wish to use that, download mac_aptInstall-macOS-v21.sh from here, then run the following commands on the Terminal to add execution permission to the file and run it.
chmod u+x mac_aptInstall-macOS-v21.sh
./mac_aptInstall-macOS-v21.sh
Note: Every time you need to run the script you have to open a terminal, browse to the mac_apt folder and activate the virtualenv with the command
source env/bin/activate
Install Homebrew. You will need this to install the other components.
macOS already ships with python 2.7, however it does not come with pip or python dev libraries. It is not recommended to try to alter the installed python framework or upgrade any of the installed packages. There is also the fact that many of these packages are under System Integrity Protection and macOS will not let you alter them! So we install another instance of python using brew, this will automatically get pip and python-devel. Let's also install git with brew.
brew install python3 git
In order to avoid confusion about python libraries, we will lock down our environment using virtualenv. This way any dependencies we install/upgrade/remove will only affect that instance and nothing else. This will avoid hours of frustration later!
sudo pip3 install --upgrade virtualenv
Now go to the extracted mac_apt (source code) folder, from here create the virtual environment, we just call it 'env' here.
cd mac_apt
virtualenv --python python3 env
Now activate 'env' with command:
source env/bin/activate
Your environment is setup and ready for use. When you are done with the rest of the installation and need to go back to the regular shell, type deactivate
. Run all the commands below in this activated shell only.
Install pytsk3 version 20170802, the later versions are not fully tested and known to have issues with mac_apt.
pip3 install pytsk3==20170802 libvmdk-python==20181227
You should not need 'sudo' here, as its only writing to our custom environment.
Download libewf-20140807.tar.gz from https://github.com/libyal/libewf-legacy/releases
Unzip and compile:
cd libewf-20140807
python setup.py build
python setup.py install
pip install anytree biplist construct==2.9.45 xlsxwriter plistutils kaitaistruct lz4 pycryptodome cryptography pybindgen==0.21.0 pillow pyliblzfse nska_deserialize
For pyaff4, install this custom version that implements some required functionality: https://github.com/ydkhatri/mac_apt/raw/master/other_dependencies/pyaff4-0.31-yk.zip It will download as pyaff4-0.31-yk.zip
Once downloaded, run pip install pyaff4-0.31-yk.zip
. This should install pyaff4.
Now that all dependencies are installed, you can run python mac_apt.py -h
to run the script (-h shows you available options). You can deactivate
the virtualenv when done.
Note: Every time you need to run the script you have to open a terminal, browse to the mac_apt folder and activate the virtualenv with the command
source env/bin/activate
On Linux/macOS, certain E01 files may not be readable with the installed pyewf library. If you come across an E01 that can't be read correctly, then try this version of libewf: libewf-experimental-20171104. Follow the same procedure as outlined under Installing pyewf above.
For macOS, here is a modified version of the installation script that will install this alternate version of libewf - mac_aptInstall-macOS-v21a.sh
For other run-time problems, see Known-issues-and-Workarounds.
Getting Started
- Introduction
- Installation
-
Sample Usage
- ios_apt
- Artifact Only Mode
- Mounted System Data Mode
- Interpreting Output
- Issues & Workarounds
Plugins
- AUTOSTART
- BASICINFO
- BLUETOOTH
- DOMAINS
- FSEVENTS
- IDEVICEBACKUPS
- IDEVICEINFO
- IMESSAGE
- INETACCOUNTS
- INSTALLHISTORY
- MSOFFICE
- NETUSAGE
- NETWORKING
- NOTES
- NOTIFICATIONS
- PRINTJOBS
- QUARANTINE
- RECENTITEMS
- SAFARI
- SCREENTIME
- SPOTLIGHT
- SPOTLIGHTSHORTCUTS
- TERMINALSTATE
- TERMSESSIONS
- UNIFIEDLOGS
- USERS
- WIFI
Development
- Write a Plugin
- Plugin Helpers