Xplico 0.6.1 for Fedora 11, 12, 13, and 14
Page 1 of 1

Author:  lrr [ Thu Dec 09, 2010 7:28 pm ]
Post subject:  Xplico 0.6.1 for Fedora 11, 12, 13, and 14


I have built and released Xplico 0.6.1 for Fedora 11 (i386), 12 (i386 and x86_64), 13 (i386 and x86_64), and 14 (i386 and x86_64). You can find it at the CERT Linux Forensics Tools Repository (http://www.cert.org/forensics/repository/). Follow the directions to connect to the repository and then do
yum install xplico

I took lots of time (because I had to) to make the installation preserve an existing database. With the addition of additional configuration files in the database creation script, i needed to see if in fact these tables were missing from the database, in which case they needed to be added. Here is the post install script:

/sbin/chkconfig --add xplico
cd /opt/xplico/script/db/sqlite
if [ -e $DB ]; then
   echo "Preserving previous Xplico database"
   service xplico status | grep -q running
   if [ "$XPLICO_SERVER_STATUS" -eq 0 ]; then
      service xplico stop
   if echo .tables | sqlite3 $DB | grep -q '\<msn_chats\>'
      echo "Database $DB already has msn_chats table"
      echo -n "Adding msn_chats table to $DB..."
      sqlite3 $DB < msns.sql
      echo "done"
   if echo .tables | sqlite3 $DB | grep -q '\<paltalk_rooms\>'
      echo "Database $DB already has paltalk_rooms table"
      echo -n "Adding paltalk_rooms table to $DB..."
      sqlite3 $DB < paltalks.sql
      echo "done"
   echo -n "Turning foreign_keys on in database $DB..."
   echo "PRAGMA foreign_keys = ON;" | sqlite3 $DB
   echo "done"
   echo -n "Value of auto_vacuum in database $DB is "
   echo "PRAGMA auto_vacuum ;" | sqlite3 $DB
   if [ "$XPLICO_SERVER_STATUS" -eq 0 ]; then
      service xplico start
   echo "Creating new Xplico database"
   sh create_xplico_db.sh /
if [ -f /usr/bin/pcl6 ]; then
   cp -p /usr/bin/pcl6 /opt/xplico/bin
if [ -f /usr/bin/videosnarf ]; then
   cp -p /usr/bin/videosnarf /opt/xplico/bin

This release and the previous one (0.6.0) install the code necessary to use the Web interface. I've also provided an init script (that goes in /etc/init.d/xplico) that is based on the Ubuntu startup script.

Please provide any comments and feedback to lrr@cert.org. With the holidays coming up, I may not be in a position to respond immediately but I will try.


Lawrence R. Rogers
Senior Member, Technical Staff

Digital Investigations and Intelligence (http://www.cert.org/forensics)
Survivability and Information Assurance (SIA) Curriculum Development Team (http://www.cert.org/sia)

CERT Certified Computer Security Incident Handler
GIAC Certified Forensics Analyst

CERT Program*
Software Engineering Institute
Carnegie Mellon University
4500 Fifth Avenue
Pittsburgh, PA 15213

Phone: 412-268-8042 (Direct)
FAX: 412-268-9260

KeyID: 0x16441F81 (RSA)
Fingerprint: C851 9DA0 0BC8 2B6F E0C4 DB15 CF3B 92D4
http://pgp.mit.edu:11371/pks/lookup?op= ... 0x16441F81

KeyID: 0xF8546B01 (DSA)
Fingerprint: 002C B634 E913 9EF1 EEE3 8B4F 8313 51B0 F854 6B01
http://pgp.mit.edu:11371/pks/lookup?op= ... 0xF8546B01

* CERT is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.

Page 1 of 1 All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group