Forensic Server Project (FSP) on Unix/Macosx 1

Posted by Peter Burkholder Fri, 26 Oct 2007 15:23:00 GMT

I’ve been working with the security incident response tools on the Helix CD, and been intrigued by Harvey Carlan’s Forensic Server Project

However, the Sourceforge files for the FSP server don’t run on MacOSX or other Unix-style machines because it uses the Win32::GetCwd and Win32::SetCwd modules. The simple patch, below, can be saved as, say, “fspc.patch” in the same directory as the unzipped FSP files. To patch, run:

patch -p0 < fscp.patch

Here’s the patch:

--- fspc.pl.orig    2007-10-24 15:40:22.000000000 -0400
+++ fspc.pl    2007-10-24 16:18:09.000000000 -0400
@@ -18,6 +18,7 @@
 use Digest::MD5;
 use Digest::SHA1;
 use Getopt::Long;
+use Cwd;

 #--------------------------------------------------------------------------
 # Globals
@@ -39,7 +40,7 @@
     exit 1;
 }

-$setup{basedir} = Win32::GetCwd();
+$setup{basedir} = getcwd();
 $setup{casedir} = $config{casedir} || "cases";
 $setup{casename} = $config{casename};
 $setup{port} = $config{port} || 7070;
@@ -296,14 +297,14 @@
 #------------------------------------------
 sub _setup {
 # clean up the directory names
-    $setup{basedir} = $setup{basedir}."\\" unless ($setup{basedir} =~ m/\\$/); 
-    $setup{casedir} = $setup{casedir}."\\" unless ($setup{casedir} =~ m/\\$/);
-    $setup{casename} = $setup{casename}."\\" unless ($setup{casename} =~ m/\\$/);
+    $setup{basedir} = $setup{basedir}."/" unless ($setup{basedir} =~ m/\/$/); 
+    $setup{casedir} = $setup{casedir}."/" unless ($setup{casedir} =~ m/\/$/);
+    $setup{casename} = $setup{casename}."/" unless ($setup{casename} =~ m/\/$/);
     my $casedir = $setup{basedir}.$setup{casedir};
     mkdir $casedir if (! -e $casedir && ! -d $casedir);
     my $curr_case = $casedir.$setup{casename};
-    mkdir $curr_case if (! -e $curr_case && ! -d $curr_case);
-    Win32::SetCwd($curr_case);
+     mkdir $curr_case if (! -e $curr_case && ! -d $curr_case);
+    chdir($curr_case);
     print "Setup complete.\n" if ($config{verbose});
 }

@@ -312,5 +313,5 @@
 # clears setup data so it can be renewed
 #------------------------------------------
 sub _reset {
-    Win32::SetCwd($setup{basedir});
+    chdir($setup{basedir});
 }
Comments

Leave a comment

  1. Spielautomaten 4 months later:
    puh, thanks for the tip! I drove me mad but because I couldn't get the thing running on my mac server! Thanks a lot!
Comments