From d6f3561995f0e92f943554ce648c53b3605e3aac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 12:34:47 +0200 Subject: [PATCH 01/10] Fix docs build dependencies --- docs/requirements.txt | 10 +++++----- mkdocs.yml | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/requirements.txt b/docs/requirements.txt index 74acabfad..37fb7d1e6 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -1,5 +1,5 @@ -mkdocs==1.2.3 -mkdocs-autorefs -mkdocs-material -mkdocs-material-extensions -mkdocstrings +mkdocs==1.6.1 +mkdocs-autorefs==1.2.0 +mkdocs-material==9.5.42 +mkdocs-material-extensions==1.3.1 +mkdocstrings==0.23.0 \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index 6c410dd1c..7918ec608 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -7,8 +7,8 @@ markdown_extensions: - attr_list - admonition - pymdownx.emoji: - emoji_index: !!python/name:materialx.emoji.twemoji - emoji_generator: !!python/name:materialx.emoji.to_svg + emoji_index: !!python/name:material.extensions.emoji.twemoji + emoji_generator: !!python/name:material.extensions.emoji.to_svg - pymdownx.superfences - pymdownx.inlinehilite - pymdownx.highlight: From 6e0cd23bbcb9514d6c2aaf5be7f5b58763df9157 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 13:17:47 +0200 Subject: [PATCH 02/10] Add license to Docker image metadata --- Dockerfile | 1 + Dockerfile.android | 1 + Dockerfile.ios | 1 + 3 files changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index faa1c0fae..28f92b6e2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -110,6 +110,7 @@ LABEL org.opencontainers.image.documentation="https://docs.mvt.re" LABEL org.opencontainers.image.source="https://github.com/mvt-project/mvt" LABEL org.opencontainers.image.title="Mobile Verification Toolkit" LABEL org.opencontainers.image.description="MVT is a forensic tool to look for signs of infection in smartphone devices." +LABEL org.opencontainers.image.licenses="MVT License 1.1" LABEL org.opencontainers.image.base.name=docker.io/library/ubuntu:22.04 # Install runtime dependencies diff --git a/Dockerfile.android b/Dockerfile.android index be4416771..acf776a7c 100644 --- a/Dockerfile.android +++ b/Dockerfile.android @@ -6,6 +6,7 @@ LABEL org.opencontainers.image.documentation="https://docs.mvt.re" LABEL org.opencontainers.image.source="https://github.com/mvt-project/mvt" LABEL org.opencontainers.image.title="Mobile Verification Toolkit (Android)" LABEL org.opencontainers.image.description="MVT is a forensic tool to look for signs of infection in smartphone devices." +LABEL org.opencontainers.image.licenses="MVT License 1.1" LABEL org.opencontainers.image.base.name=docker.io/library/python:3.10.14-alpine3.20 # Install runtime dependencies diff --git a/Dockerfile.ios b/Dockerfile.ios index ed3ec998d..4d5fb527f 100644 --- a/Dockerfile.ios +++ b/Dockerfile.ios @@ -111,6 +111,7 @@ LABEL org.opencontainers.image.documentation="https://docs.mvt.re" LABEL org.opencontainers.image.source="https://github.com/mvt-project/mvt" LABEL org.opencontainers.image.title="Mobile Verification Toolkit (iOS)" LABEL org.opencontainers.image.description="MVT is a forensic tool to look for signs of infection in smartphone devices." +LABEL org.opencontainers.image.licenses="MVT License 1.1" LABEL org.opencontainers.image.base.name=docker.io/library/python:3.10.14-alpine3.20 # Install runtime dependencies From 4598293c826df8dc58c1dc9c7511835a202c9181 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 13:18:43 +0200 Subject: [PATCH 03/10] Generate ADB key on first run to avoid static key in image --- Dockerfile | 3 ++- Dockerfile.android | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 28f92b6e2..f8c5bd18f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -144,7 +144,8 @@ ADD https://github.com/nelenkov/android-backup-extractor/releases/download/maste RUN echo 'alias abe="java -jar /opt/abe/abe.jar"' >> ~/.bashrc # Generate adb key folder -RUN mkdir /root/.android && adb keygen /root/.android/adbkey +RUN echo 'if [ ! -f /root/.android/adbkey ]; then adb keygen /root/.android/adbkey 2&>1 > /dev/null; fi' >> ~/.bashrc +RUN mkdir /root/.android # Setup investigations environment RUN mkdir /home/cases diff --git a/Dockerfile.android b/Dockerfile.android index acf776a7c..4d2f0c15f 100644 --- a/Dockerfile.android +++ b/Dockerfile.android @@ -28,6 +28,7 @@ ADD https://github.com/nelenkov/android-backup-extractor/releases/download/maste RUN echo 'alias abe="java -jar /opt/abe/abe.jar"' >> ~/.bashrc # Generate adb key folder -RUN mkdir /root/.android && adb keygen /root/.android/adbkey +RUN echo 'if [ ! -f /root/.android/adbkey ]; then adb keygen /root/.android/adbkey 2&>1 > /dev/null; fi' >> ~/.bashrc +RUN mkdir /root/.android ENTRYPOINT [ "/usr/local/bin/mvt-android" ] From cbb78b7ade3d89556f67c39ecfba30dad84ad927 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 13:19:10 +0200 Subject: [PATCH 04/10] Update pip version in image to try fix package build issue --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index f8c5bd18f..97fa5a287 100644 --- a/Dockerfile +++ b/Dockerfile @@ -134,6 +134,7 @@ COPY --from=build-usbmuxd /build / # Install mvt RUN apt-get update \ && apt-get install -y git python3-pip \ + && PIP_NO_CACHE_DIR=1 pip3 install --upgrade pip \ && PIP_NO_CACHE_DIR=1 pip3 install git+https://github.com/mvt-project/mvt.git@main \ && apt-get remove -y python3-pip git && apt-get autoremove -y \ && rm -rf /var/lib/apt/lists/* From 62cdfa1b59862b4f9e400192ab2c316e77afc8f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 13:19:34 +0200 Subject: [PATCH 05/10] Add info to docs on using docker image --- docs/docker.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/docker.md b/docs/docker.md index ca98185eb..be8631ce1 100644 --- a/docs/docker.md +++ b/docs/docker.md @@ -2,7 +2,22 @@ Using Docker simplifies having all the required dependencies and tools (includin Install Docker following the [official documentation](https://docs.docker.com/get-docker/). -Once installed, you can clone MVT's repository and build its Docker image: +Once Docker is installed, you can run MVT by downloading a prebuilt MVT Docker image, or by building a Docker image yourself from the MVT source repo. + +### Using the prebuilt Docker image + +```bash +docker pull ghcr.io/mvt-project/mvt +``` + +You can then run the Docker container with: + +``` +docker run -it ghcr.io/mvt-project/mvt +``` + + +### Build and run Docker image from source ```bash git clone https://github.com/mvt-project/mvt.git @@ -18,6 +33,9 @@ docker run -it mvt If a prompt is spawned successfully, you can close it with `exit`. + +## Docker usage with Android devices + If you wish to use MVT to test an Android device you will need to enable the container's access to the host's USB devices. You can do so by enabling the `--privileged` flag and mounting the USB bus device as a volume: ```bash From 319bc7e9cdd9b2170c4a7ab2e0bd227d15b02f2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 14:56:35 +0200 Subject: [PATCH 06/10] Switch docker build to use local context rather than pulling --- .dockerignore | 2 -- Dockerfile | 14 ++++++++------ Dockerfile.android | 5 +++-- Dockerfile.ios | 7 ++++--- 4 files changed, 15 insertions(+), 13 deletions(-) delete mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index 65b326f76..000000000 --- a/.dockerignore +++ /dev/null @@ -1,2 +0,0 @@ -# Ignore everything, the dockerfile always pulls from https://github.com/mvt-project/mvt.git@main -* diff --git a/Dockerfile b/Dockerfile index 97fa5a287..dcc8645e0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -131,13 +131,15 @@ COPY --from=build-libusbmuxd /build / COPY --from=build-libimobiledevice /build / COPY --from=build-usbmuxd /build / -# Install mvt +# Install mvt using the locally checked out source +COPY . mvt/ RUN apt-get update \ - && apt-get install -y git python3-pip \ - && PIP_NO_CACHE_DIR=1 pip3 install --upgrade pip \ - && PIP_NO_CACHE_DIR=1 pip3 install git+https://github.com/mvt-project/mvt.git@main \ - && apt-get remove -y python3-pip git && apt-get autoremove -y \ - && rm -rf /var/lib/apt/lists/* + && apt-get install -y git python3-pip \ + && PIP_NO_CACHE_DIR=1 pip3 install --upgrade pip \ + && PIP_NO_CACHE_DIR=1 pip3 install ./mvt \ + && apt-get remove -y python3-pip git && apt-get autoremove -y \ + && rm -rf /var/lib/apt/lists/* \ + && rm -rf mvt # Installing ABE ADD https://github.com/nelenkov/android-backup-extractor/releases/download/master-20221109063121-8fdfc5e/abe.jar /opt/abe/abe.jar diff --git a/Dockerfile.android b/Dockerfile.android index 4d2f0c15f..e6cd57f4c 100644 --- a/Dockerfile.android +++ b/Dockerfile.android @@ -18,9 +18,10 @@ RUN apk add --no-cache \ sqlite # Install mvt +COPY ./ mvt RUN apk add --no-cache git \ - && PIP_NO_CACHE_DIR=1 pip3 install git+https://github.com/mvt-project/mvt.git@main \ - && apk del git + && PIP_NO_CACHE_DIR=1 pip3 install ./mvt \ + && apk del git && rm -rf ./mvt # Installing ABE ADD https://github.com/nelenkov/android-backup-extractor/releases/download/master-20221109063121-8fdfc5e/abe.jar /opt/abe/abe.jar diff --git a/Dockerfile.ios b/Dockerfile.ios index 4d5fb527f..a2a29e961 100644 --- a/Dockerfile.ios +++ b/Dockerfile.ios @@ -128,9 +128,10 @@ COPY --from=build-libusbmuxd /build / COPY --from=build-libimobiledevice /build / COPY --from=build-usbmuxd /build / -# Install mvt +# Install mvt using the locally checked out source +COPY ./ mvt RUN apk add --no-cache git \ - && PIP_NO_CACHE_DIR=1 pip3 install git+https://github.com/mvt-project/mvt.git@main \ - && apk del git + && PIP_NO_CACHE_DIR=1 pip3 install ./mvt \ + && apk del git && rm -rf ./mvt ENTRYPOINT [ "/usr/local/bin/mvt-ios" ] From 37705d11fae21dbe0c4b25e5a88845cdbcf1e9a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 14:56:59 +0200 Subject: [PATCH 07/10] Add checksum for ABE jar --- Dockerfile | 3 ++- Dockerfile.android | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index dcc8645e0..3f42c1922 100644 --- a/Dockerfile +++ b/Dockerfile @@ -142,7 +142,8 @@ RUN apt-get update \ && rm -rf mvt # Installing ABE -ADD https://github.com/nelenkov/android-backup-extractor/releases/download/master-20221109063121-8fdfc5e/abe.jar /opt/abe/abe.jar +ADD --checksum=sha256:a20e07f8b2ea47620aff0267f230c3f1f495f097081fd709eec51cf2a2e11632 \ + https://github.com/nelenkov/android-backup-extractor/releases/download/master-20221109063121-8fdfc5e/abe.jar /opt/abe/abe.jar # Create alias for abe RUN echo 'alias abe="java -jar /opt/abe/abe.jar"' >> ~/.bashrc diff --git a/Dockerfile.android b/Dockerfile.android index e6cd57f4c..5563f426d 100644 --- a/Dockerfile.android +++ b/Dockerfile.android @@ -24,7 +24,8 @@ RUN apk add --no-cache git \ && apk del git && rm -rf ./mvt # Installing ABE -ADD https://github.com/nelenkov/android-backup-extractor/releases/download/master-20221109063121-8fdfc5e/abe.jar /opt/abe/abe.jar +ADD --checksum=sha256:a20e07f8b2ea47620aff0267f230c3f1f495f097081fd709eec51cf2a2e11632 \ + https://github.com/nelenkov/android-backup-extractor/releases/download/master-20221109063121-8fdfc5e/abe.jar /opt/abe/abe.jar # Create alias for abe RUN echo 'alias abe="java -jar /opt/abe/abe.jar"' >> ~/.bashrc From 7772d2de723218b2b38dfa56360200664bcdcd8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 15:10:11 +0200 Subject: [PATCH 08/10] Add build dependencies for pyahocorasick --- Dockerfile.android | 4 ++-- Dockerfile.ios | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile.android b/Dockerfile.android index 5563f426d..6056e4560 100644 --- a/Dockerfile.android +++ b/Dockerfile.android @@ -19,9 +19,9 @@ RUN apk add --no-cache \ # Install mvt COPY ./ mvt -RUN apk add --no-cache git \ +RUN apk add --no-cache --virtual .build-deps gcc musl-dev \ && PIP_NO_CACHE_DIR=1 pip3 install ./mvt \ - && apk del git && rm -rf ./mvt + && apk del .build-deps gcc musl-dev && rm -rf ./mvt # Installing ABE ADD --checksum=sha256:a20e07f8b2ea47620aff0267f230c3f1f495f097081fd709eec51cf2a2e11632 \ diff --git a/Dockerfile.ios b/Dockerfile.ios index a2a29e961..d5387fb5a 100644 --- a/Dockerfile.ios +++ b/Dockerfile.ios @@ -130,8 +130,8 @@ COPY --from=build-usbmuxd /build / # Install mvt using the locally checked out source COPY ./ mvt -RUN apk add --no-cache git \ +RUN apk add --no-cache --virtual .build-deps git gcc musl-dev \ && PIP_NO_CACHE_DIR=1 pip3 install ./mvt \ - && apk del git && rm -rf ./mvt + && apk del .build-deps git gcc musl-dev && rm -rf ./mvt ENTRYPOINT [ "/usr/local/bin/mvt-ios" ] From 17b625f3118eefe1a1ec0355ed43a2883ed444ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 15:16:28 +0200 Subject: [PATCH 09/10] Make multiplatform images --- .github/workflows/publish-release-docker.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish-release-docker.yml b/.github/workflows/publish-release-docker.yml index 067611cd4..62a8f9275 100644 --- a/.github/workflows/publish-release-docker.yml +++ b/.github/workflows/publish-release-docker.yml @@ -47,6 +47,7 @@ jobs: uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 with: context: . + platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 83c1bbf7146e062b20d5351306fa658184c3b131 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?= Date: Wed, 23 Oct 2024 15:22:11 +0200 Subject: [PATCH 10/10] Revert "Make multiplatform images" This reverts commit 17b625f3118eefe1a1ec0355ed43a2883ed444ff. --- .github/workflows/publish-release-docker.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish-release-docker.yml b/.github/workflows/publish-release-docker.yml index 62a8f9275..067611cd4 100644 --- a/.github/workflows/publish-release-docker.yml +++ b/.github/workflows/publish-release-docker.yml @@ -47,7 +47,6 @@ jobs: uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 with: context: . - platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }}