autopsy
autopsy copied to clipboard
sleuthkit
Kali linux cannot run bin/autopsy , Library not found in jar (libtsk_jni) SleuthkitJNI: failed to load libtsk_jni
Here is the error i have when i try to run bin/autopsy after i follow all the installation
┌──(maliki㉿Maliki-club)-[~/hack/autopsy-4.21.0/bin] └─$ sudo ./autopsy WARNING: Unknown module: javafx.base specified to --add-exports WARNING: Unknown module: javafx.controls specified to --add-exports WARNING: Unknown module: javafx.controls specified to --add-opens Library not found in jar (libtsk_jni) SleuthkitJNI: failed to load libtsk_jni
Fatal Error! X Problem with Sleuth Kit JNI. Test call failed! Is Autopsy or Cyber Triage already running? Details: java.lang.UnsatisfiedLinkError: 'java.lang.String org.sleuthkit.datamodel.SleuthkitJNI.getVersionNat()' OK
It seem that autopsy application cannot be download in kali and but we can use the web app (i prefrere the normal app like in windows)
Can you run the command mmls -V and report what the version of Sleuthkit is?
Here are steps that I have done to uninstall/install Autopsy in a Kali VM.
mkdir autopsy-install cd autopsy-install
sudo apt-get purge --auto-remove autopsy sudo apt-get purge --auto-remove sleuthkit
sudo apt-get update
curl -s -O https://raw.githubusercontent.com/sleuthkit/autopsy/master/linux_macos_install_scripts/install_prereqs_ubuntu.sh chmod 755 install_prereqs_ubuntu.sh
curl -s -O https://raw.githubusercontent.com/sleuthkit/autopsy/master/linux_macos_install_scripts/install_application.sh chmod 755 install_application.sh
curl -L https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0.zip -O autopsy-4.21.0.zip curl -L https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0.zip.asc -O autopsy-4.21.0.zip.asc curl -L https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.12.1/sleuthkit-java_4.12.1-1_amd64.deb -O sleuthkit-java_4.12.1-1_amd64.deb
Install the newest release of sleuthktit
sudo apt-get install ./sleuthkit-java_4.12.1-1_amd64.deb
Install the prereqs for Autopsy
./install_prereqs_ubuntu.sh
Run the following command to get the Java Home
java -XshowSettings:properties -version 2>&1 > /dev/null | grep 'java.home'
Set Java Home based on previous step
I suggest updating this in your profile so it will be persistent
export JAVA_HOME=
./install_application.sh -z ~/autopsy-install/autopsy-4.21.0.zip -i ~/autopsy -j $JAVA_HOME -n autopsy -v autopsy-4.21.0.zip.asc
Change to autopsy bin directory
./autopsy --nosplash
Let me know if this does or does not work for you.
Wow, I thought this was only an issue on arm64 architecture. Sorry, I should have specified I’m running Parrot on arm (which should make it identical to kali), so I assumed that was the issue.
Just because I couldn’t install sleuthkit from the deb Package.
So is that not the issue here?
If so, I’ll try this.
Thanks so much!
On Tue, Jun 11, 2024 at 10:47 AM Mark McKinnon @.***> wrote:
Here are steps that I have done to uninstall/install Autopsy in a Kali VM.
mkdir autopsy-install cd autopsy-install
sudo apt-get purge --auto-remove autopsy sudo apt-get purge --auto-remove sleuthkit
sudo apt-get update
curl -s -O https://raw.githubusercontent.com/sleuthkit/autopsy/master/linux_macos_install_scripts/install_prereqs_ubuntu.sh chmod 755 install_prereqs_ubuntu.sh
curl -s -O https://raw.githubusercontent.com/sleuthkit/autopsy/master/linux_macos_install_scripts/install_application.sh chmod 755 install_application.sh
curl -L https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0.zip -O autopsy-4.21.0.zip curl -L https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0.zip.asc -O autopsy-4.21.0.zip.asc curl -L https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.12.1/sleuthkit-java_4.12.1-1_amd64.deb -O sleuthkit-java_4.12.1-1_amd64.deb Install the newest release of sleuthktit
sudo apt-get install ./sleuthkit-java_4.12.1-1_amd64.deb Install the prereqs for Autopsy
./install_prereqs_ubuntu.sh Run the following command to get the Java Home
java -XshowSettings:properties -version 2>&1 > /dev/null | grep 'java.home' Set Java Home based on previous step I suggest updating this in your profile so it will be persistent
export JAVA_HOME=
./install_application.sh -z ~/autopsy-install/autopsy-4.21.0.zip -i ~/autopsy -j $JAVA_HOME -n autopsy -v autopsy-4.21.0.zip.asc Change to autopsy bin directory
./autopsy --nosplash
Let me know if this does or does not work for you.
— Reply to this email directly, view it on GitHub https://github.com/sleuthkit/autopsy/issues/7887#issuecomment-2160954937, or unsubscribe https://github.com/notifications/unsubscribe-auth/BCBEEEWWZLKQDAODJWOVKDTZG4EXJAVCNFSM6AAAAABE6SHCESVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNRQHE2TIOJTG4 . You are receiving this because you commented.Message ID: @.***>
So I’ve followed those instructions, with the exception of manually installing sleuthkit from the tar provided instead of the deb,
And I get the same errors as in the original post.
On Tue, Jun 11, 2024 at 10:47 AM Mark McKinnon @.***> wrote:
Here are steps that I have done to uninstall/install Autopsy in a Kali VM.
mkdir autopsy-install cd autopsy-install
sudo apt-get purge --auto-remove autopsy sudo apt-get purge --auto-remove sleuthkit
sudo apt-get update
curl -s -O https://raw.githubusercontent.com/sleuthkit/autopsy/master/linux_macos_install_scripts/install_prereqs_ubuntu.sh chmod 755 install_prereqs_ubuntu.sh
curl -s -O https://raw.githubusercontent.com/sleuthkit/autopsy/master/linux_macos_install_scripts/install_application.sh chmod 755 install_application.sh
curl -L https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0.zip -O autopsy-4.21.0.zip curl -L https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0.zip.asc -O autopsy-4.21.0.zip.asc curl -L https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.12.1/sleuthkit-java_4.12.1-1_amd64.deb -O sleuthkit-java_4.12.1-1_amd64.deb Install the newest release of sleuthktit
sudo apt-get install ./sleuthkit-java_4.12.1-1_amd64.deb Install the prereqs for Autopsy
./install_prereqs_ubuntu.sh Run the following command to get the Java Home
java -XshowSettings:properties -version 2>&1 > /dev/null | grep 'java.home' Set Java Home based on previous step I suggest updating this in your profile so it will be persistent
export JAVA_HOME=
./install_application.sh -z ~/autopsy-install/autopsy-4.21.0.zip -i ~/autopsy -j $JAVA_HOME -n autopsy -v autopsy-4.21.0.zip.asc Change to autopsy bin directory
./autopsy --nosplash
Let me know if this does or does not work for you.
— Reply to this email directly, view it on GitHub https://github.com/sleuthkit/autopsy/issues/7887#issuecomment-2160954937, or unsubscribe https://github.com/notifications/unsubscribe-auth/BCBEEEWWZLKQDAODJWOVKDTZG4EXJAVCNFSM6AAAAABE6SHCESVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNRQHE2TIOJTG4 . You are receiving this because you commented.Message ID: @.***>
What tar are you referring to. The error states the jar file cannot be found so my guess is that installing from the tar did not put the jar file in the correct place. If you install from the deb it will put the jar file in the correct place.
There is no deb available for arm64 architecture. That’s my main problem I think. I also transferred the jar file into the correct location, and the link error persisted. I don’t think that’s the issue.
On Wed, Jun 12, 2024 at 7:10 AM Mark McKinnon @.***> wrote:
What tar are you referring to. The error states the jar file cannot be found so my guess is that installing from the tar did not put the jar file in the correct place. If you install from the deb it will put the jar file in the correct place.
— Reply to this email directly, view it on GitHub https://github.com/sleuthkit/autopsy/issues/7887#issuecomment-2162739428, or unsubscribe https://github.com/notifications/unsubscribe-auth/BCBEEEUW7S62QCRUHRHS3R3ZHAUC7AVCNFSM6AAAAABE6SHCESVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNRSG4ZTSNBSHA . You are receiving this because you commented.Message ID: @.***>