Skip to content

Instantly share code, notes, and snippets.

@pr3l14t0r

pr3l14t0r/Dockerfile

Last active October 15, 2021 22:10
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save pr3l14t0r/b5f51b6169be1b7903e9c037878facad to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save pr3l14t0r/b5f51b6169be1b7903e9c037878facad to your computer and use it in GitHub Desktop.
Download ZIP
Idifference2.py Dockerfile
Raw
readme.md

Dockerfile for idifference2.py script

This Dockerfile will enable you to use the idifference2.py script from the DFXML project OS-independently by executing it in/via Docker.

Build image locally

  • Copy the Dockerfile
  • Build the image: docker build -t idifference2:latest .

Use my pushed image:

  • pull: docker pull pr3l14t0r/forensics:idifference2

  • use directly: docker run --rm -v /path/to/images:/images pr3l14t0r/forensics:idifference2

General usage

The entrypoint will invoke the script directly and accepts parameters. Mount the directory where your Images are located to the container.

Print help: docker run --rm -v C:\path\to\images:/images idifference2

Invoke comparison: docker run --rm -v /path/to/images:/images pr3l14t0r/forensics:idifference2 -x output.xml Image01.raw Image02.raw

And that's already it :)

Raw
Dockerfile
FROM python:3
RUN apt update \
&& apt install -y sleuthkit \
&& mkdir /images \
&& mkdir /DFXML \
&& cd /DFXML \
&& git clone https://github.com/dfxml-working-group/dfxml_python.git \
&& cd /DFXML/dfxml_python \
&& pip3 install .
WORKDIR /images
ENTRYPOINT [ "python3","/DFXML/dfxml_python/dfxml/bin/idifference2.py" ]
CMD [ "-h" ]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment