diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..d7278a6
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,65 @@
+FROM ubuntu:20.04
+
+# Ref. https://github.com/mvt-project/mvt
+
+# Fixing major OS dependencies
+# ----------------------------
+RUN apt update \
+ && apt install -y python3 python3-pip libusb-1.0-0-dev \
+ && apt install -y wget \
+ && apt install -y adb \
+ && DEBIAN_FRONTEND=noninteractive apt-get -y install default-jre-headless
+
+# Install build tools for libimobiledevice
+# ----------------------------------------
+RUN apt install -y build-essential \
+ checkinstall \
+ git \
+ autoconf \
+ automake \
+ libtool-bin \
+ libplist-dev \
+ libusbmuxd-dev \
+ libssl-dev \
+ pkg-config
+
+# Clean up
+# --------
+RUN apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
+
+# Build libimobiledevice
+# ----------------------
+RUN git clone https://github.com/libimobiledevice/libplist
+RUN git clone https://github.com/libimobiledevice/libusbmuxd
+RUN git clone https://github.com/libimobiledevice/libimobiledevice
+RUN git clone https://github.com/libimobiledevice/usbmuxd
+
+RUN cd libplist && ./autogen.sh && make && make install && ldconfig
+
+RUN cd libusbmuxd && PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./autogen.sh && make && make install && ldconfig
+
+RUN cd libimobiledevice && PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./autogen.sh --enable-debug && make && make install && ldconfig
+
+RUN cd usbmuxd && PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var --runstatedir=/run && make && make install
+
+# Installing MVT
+# --------------
+RUN pip3 install mvt
+
+# Installing ABE
+# --------------
+RUN mkdir /opt/abe
+RUN wget https://github.com/nelenkov/android-backup-extractor/releases/download/20210709062403-4c55371/abe.jar -O /opt/abe/abe.jar
+# Create alias for abe
+RUN echo 'alias abe="java -jar /opt/abe/abe.jar"' >> ~/.bashrc
+
+# Setup investigations environment
+# --------------------------------
+RUN mkdir /home/cases
+WORKDIR /home/cases
+RUN echo 'echo "Mobile Verification Toolkit @ Docker\n------------------------------------\n\nYou can find information about how to use this image for Android (https://github.com/mvt-project/mvt/tree/master/docs/android) and iOS (https://github.com/mvt-project/mvt/tree/master/docs/ios) in the official docs of the project.\n"' >> ~/.bashrc
+RUN echo 'echo "Note that to perform the debug via USB you might need to give the Docker image access to the USB using \"docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb mvt\" or, preferably, the \"--device=\" parameter.\n"' >> ~/.bashrc
+
+CMD /bin/bash
diff --git a/README.md b/README.md
index 2a802a0..d96cc3d 100644
--- a/README.md
+++ b/README.md
@@ -14,16 +14,17 @@ It has been developed and released by the [Amnesty International Security Lab](h [Please check out the documentation.](https://mvt.readthedocs.io/en/latest/) + ## Installation -First you need to install dependencies, on Linux `sudo apt install python3 python3-pip libusb-1.0-0` or on MacOS `brew install python3 libusb`. +MVT can be installed from sources or conveniently using: + +`pip3 install mvt`. + +You will need some dependencies, so please check the [documentation](https://mvt.readthedocs.io/en/latest/install.html). + +Alternatively, you can decide to run MVT and all relevant tools through a [Docker container](https://mvt.readthedocs.io/en/latest/docker.html) -Then you can install mvt from pypi with `pip3 install mvt`, or directly from sources: -```bash -git clone https://github.com/mvt-project/mvt.git -cd mvt -pip3 install . -``` ## Usage
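Review bot: The build pulls unpinned, unverified code and runs it as root: the four `git clone` lines take whatever HEAD of libplist, libusbmuxd, libimobiledevice and usbmuxd is at build time, `pip3 install mvt` is unversioned, and the `wget` of `abe.jar` has no integrity check. For an image meant for forensic analysis this means two builds of the same Dockerfile can contain different tooling, and a tampered upstream branch or release asset would land in the image unnoticed. Pin each clone to a release tag or commit (`git clone --branch <TAG> --depth 1 …`), pin MVT (`pip3 install mvt==<VERSION>`), and verify the jar in the same RUN as the download, e.g. `echo "<SHA256_OF_ABE_JAR>  /opt/abe/abe.jar" | sha256sum -c -`. Separately, the `apt-get clean` / `rm -rf /var/lib/apt/lists/*` step sits in its own layer, so it does not shrink the image; it only helps if folded into the install RUNs.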
@@ -40,6 +41,7 @@ MVT provides two commands `mvt-ios` and `mvt-android` with the following subcomm Check out [the documentation to see how to use them](https://mvt.readthedocs.io/en/latest/). + ## License The purpose of MVT is to facilitate the ***consensual forensic analysis*** of devices of those who might be targets of sophisticated mobile spyware attacks, especially members of civil society and marginalized communities. We do not want MVT to enable privacy violations of non-consenting individuals. Therefore, the goal of this license is to prohibit the use of MVT (and any other software licensed the same) for the purpose of *adversarial forensics*.
diff --git a/docs/docker.md b/docs/docker.md
new file mode 100644
index 0000000..2596fa1
--- /dev/null
+++ b/docs/docker.md
@@ -0,0 +1,35 @@
+## Using Docker
+
+Using Docker simplifies having all the required dependencies and tools (including most recent versions of [libimobiledevice](https://libimobiledevice.org)) readily installed.
+
+Install Docker following the [official documentation](https://docs.docker.com/get-docker/).
+
+Once installed, you can clone MVT's repository and build its Docker image:
+
+```bash
+git clone https://github.com/mvt-project/mvt.git
+cd mvt
+docker build -t mvt .
+```
+
+Test if the image was created successfully:
+
+```bash
+docker run -it mvt
+```
+
+If a prompt is spawned successfully, you can close it with `exit`.
+
+If you wish to use MVT to test an Android device you will need to enable the container's access to the host's USB devices. You can do so by enabling the `--privileged` flag and mounting the USB bus device as a volume:
+
+```bash
+docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb mvt
+```
+
+**Please note:** the `--privileged` parameter is generally regarded as a security risk. If you want to learn more about this check out [this explainer on container escapes](https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/) as it gives access to the whole system.
+
+Recent versions of Docker provide a `--device` parameter allowing to specify a precise USB device without enabling `--privileged`:
+
+```bash
+docker run -it --device=/dev/ mvt
+```
diff --git a/mkdocs.yml b/mkdocs.yml
index 448b1f6..1837158 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -28,6 +28,7 @@ nav: - Welcome: "index.md" - Introduction: "introduction.md" - Installation: "install.md" + - Using Docker: "docker.md" - MVT for iOS: - iOS Forensic Methodology: "ios/methodology.md" - Install libimobiledevice: "ios/install.md"