Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
From: Michael Brown general.bison@gmail.com
Subject: [sleuthkit-users] Providing a password for protected archives in Autopsy 3
Date: February 28, 2014 3:02:41 PM EST
To: sleuthkit-users@lists.sourceforge.net
Hi all,
Whenever I run the archive extraction ingest module in Autopsy 3 I get
the following error when a protected archive is encountered:
"No password was provided for opening protected archive."
How exactly do I provide passwords for protected archives? In Encase
it's just a matter of right clicking on the file in table view, I
can't seem to find any way to provide Autopsy 3 with a password to use
for encrypted archive files.
Collecting all the password protected zip-files in an easy to find location could make handling of these easier, and the investigator is probably more likely to notice them. Referring to the picture at http://www.sleuthkit.org/autopsy/images/v3/overview.png, perhaps under Results -> Extracted content -> Password protected files?
Some encrypted archives show the original file names of all the compressed files in clear text, only encrypting the actual data contents of the files. The file names themselves can be of great interest to the investigator, so they ought to be shown if they are there.
From: Michael Brown general.bison@gmail.com Subject: [sleuthkit-users] Providing a password for protected archives in Autopsy 3 Date: February 28, 2014 3:02:41 PM EST To: sleuthkit-users@lists.sourceforge.net
Hi all,
Whenever I run the archive extraction ingest module in Autopsy 3 I get the following error when a protected archive is encountered:
"No password was provided for opening protected archive."
How exactly do I provide passwords for protected archives? In Encase it's just a matter of right clicking on the file in table view, I can't seem to find any way to provide Autopsy 3 with a password to use for encrypted archive files.
Anyone have any advice?