Re: [Tutor] pytsk

[Zachary Ware]

Hi Peter,

On Fri, Apr 29, 2016 at 8:15 AM, Tees, Peter (EthosEnergy)
 wrote:
> Hi folks
>
> I'm pretty new to Python and programming, I've done the first four modules of 
> the Python course at Coursera.org to get started
>
> Now I want to put what I've learned to good use, based on the articles by 
> David Cowen at the Hacking Exposed blog and in particular his series 
> "Automating DFIR - How to series on programming libtsk with Python" (which is 
> Python 2.7, same as Coursera.org)
>
> The very first thing to be done, after installing Python, is to grab a 
> Windows installer for the pytsk library from here 
> https://github.com/log2timeline/l2tbinaries/blob/master/win32/pytsk3-4.1.3-20140506.win32-py2.7.msi
>
> But that link doesn't work (Page 404), and any other downloads I've seen so 
> far refer either to binding to The Sleuthkit or refer to pytsk3 which I don't 
> think is what I need
>
> Can anyone point me to a Windows 32-bit installer for a pytsk library that 
> will work with Python 2.7?

I can't find one easily, but it does look like pytsk3 is what you want
-- looking at the link you provided, the name is 'pytsk3-...'.  So
what should be sufficient is to install the Microsoft Visual C++
Compiler for Python 2.7 [1], then run 'python -m pip install pytsk3'.
That should be enough to get you going.

[1] https://aka.ms/vcpython27

Hope this helps,
-- 
Zach
___
Tutor maillist  -  Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor

Re: [Tutor] pytsk

[SM]

I often refer to the same blog (hacking exposed), and find many of the
links broken, even though there is a lot of very useful information there.
I use pytsk on Linux and always build it from source from here:
https://github.com/py4n6/pytsk/releases/download/<>/pytsk-<>.tgz

e.g:
https://github.com/py4n6/pytsk/releases/download/20150406/pytsk-20150406.tgz

-Sunita


On Fri, Apr 29, 2016 at 9:15 AM, Tees, Peter (EthosEnergy) <
peter.t...@ethosenergygroup.com> wrote:

> Hi folks
>
> I'm pretty new to Python and programming, I've done the first four modules
> of the Python course at Coursera.org to get started
>
> Now I want to put what I've learned to good use, based on the articles by
> David Cowen at the Hacking Exposed blog and in particular his series
> "Automating DFIR - How to series on programming libtsk with Python" (which
> is Python 2.7, same as Coursera.org)
>
> The very first thing to be done, after installing Python, is to grab a
> Windows installer for the pytsk library from here
> https://github.com/log2timeline/l2tbinaries/blob/master/win32/pytsk3-4.1.3-20140506.win32-py2.7.msi
>
> But that link doesn't work (Page 404), and any other downloads I've seen
> so far refer either to binding to The Sleuthkit or refer to pytsk3 which I
> don't think is what I need
>
> Can anyone point me to a Windows 32-bit installer for a pytsk library that
> will work with Python 2.7?
>
> Thanks & regards
>
> Peter Tees
> IT Compliance & Forensic Analyst
>
> D: +44 (0) 1224 367212
> peter.tees@ethosenergygroup
> www.ethosenergygroup.com
>
> [cid:image002.png@01D1A221.84A5E4A0]
> Follow Us! [cid:image001.jpg@01D04497.89DA9B20] <
> https://www.linkedin.com/company/ethosenergy>
> [cid:image002.jpg@01D04497.89DA9B20] <
> https://www.youtube.com/channel/UCMP35rfJ-hkeETNrQbxPZ4w>
> [cid:image003.jpg@01D04497.89DA9B20] <
> https://www.facebook.com/EthosEnergyPPS>
> [cid:image004.jpg@01D04497.89DA9B20] <
> https://plus.google.com/110364885156198751003/posts?gpinv=AMIXal-_9u3UwfxLb8KZ2DC-RzET6qMa_DF0n7FxQ_Qi6dpzq-cF3aS9Lfyij0Fzj2TO7jdOxp4S_A96oFmZ-kat-Bs_aBbwRs_CwM34wY_GOVaTZlEUNH0=1>
> [cid:image005.jpg@01D04497.89DA9B20] 
> This email and its attachments may contain information which is
> confidential and/or legally privileged. If you are not the intended
> recipient of this email please notify the sender immediately by email and
> delete this email and its attachments from your computer and IT systems.
> You must not copy, re-transmit, use or disclose (other than to the sender)
> the existence or contents of this email or its attachments or permit anyone
> else to do so.
>
> -- This email is confidential and may be
> protected by legal privilege. If you are not the intended recipient you
> should not copy it, re-transmit it, use it or disclose its contents, but
> should return it to the sender immediately and delete your copy from your
> system. Internet emails are not necessarily secure. The company does not
> accept responsibility for changes made to this message after it was sent.
> While all reasonable care has been taken to avoid the transmission of
> viruses, it is the responsibility of the recipient to ensure that the
> onward transmission, opening or use of this message and any attachments
> will not adversely affect its systems or data. No responsibility is
> accepted by the company in this regard and the recipient should carry out
> such virus and other checks as it considers appropriate. This email has
> been scanned for Virus and Spam content by EthosEnergy.
> ___
> Tutor maillist  -  Tutor@python.org
> To unsubscribe or change subscription options:
> https://mail.python.org/mailman/listinfo/tutor
>
___
Tutor maillist  -  Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor

Re: [Tutor] pytsk

[Alan Gauld via Tutor]

On 29/04/16 14:15, Tees, Peter (EthosEnergy) wrote:

> Now I want to put what I've learned to good use, based on the 
> articles by David Cowen at the Hacking Exposed blog
> and in particular his series "Automating DFIR - How to series
> on programming libtsk with Python"

> Can anyone point me to a Windows 32-bit installer 

Nope, I can only find the Github site which requires you to
build it from source. And given it appears to be written in
C that may be too advanced a topic for you just now.

Maybe you should start with something simpler? Or find
a different library to do what you want to do...

> for a pytsk library that will work with Python 2.7?

I did find a v3 pytsk, which presumably is for Python v3.
I didn't notice a Win32 installer for it though.

Normally I'd refer you to the pytsk community for further
support since its really outside the scope of this list,
but I didn't see any links to such a group. You may be best
emailing the author (or the author of the tutorial you
were reading)

-- 
Alan G
Author of the Learn to Program web site
http://www.alan-g.me.uk/
http://www.amazon.com/author/alan_gauld
Follow my photo-blog on Flickr at:
http://www.flickr.com/photos/alangauldphotos


___
Tutor maillist  -  Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor