search

teamdfir / sift

SIFT
MIT License
483 stars 67 forks source link

SIFT Installer doesn't seem to support i386 #300

Closed Resistor52 closed 6 years ago

Resistor52 commented 6 years ago

Installed ubuntu-16.04.5-desktop-i386 (http://releases.ubuntu.com/xenial/ubuntu-16.04.5-desktop-i386.iso) on VMWare Workstation. Ran the following commands:

# apt update && apt upgrade
# apt install curl
# curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.7.1/sift-cli-linux
# chmod +x /usr/local/bin/sift
# sift install
bash: /usr/local/bin/sift: cannot execute binary file: Exec format error

Googled the error message: https://askubuntu.com/questions/648555/bash-program-cannot-execute-binary-file-exec-format-error TLDR: "You're trying to run an executable compiled for an ARM architecture on an x86-64 architecture, which is much like asking your processor who only speaks English to take directions in Chinese."

Recomendation: On the installer page (https://digital-forensics.sans.org/community/downloads) advise that users should use the AMD Iso or have the sift install script detect the cpu architecture and either raise a graceful error message or better yet, refactor it to support both AMD and i386 architectures.

ekristen commented 6 years ago

32 bit is not supported.

/close

Sent from my iPhone

On Aug 19, 2018, at 18:42, Kenneth G. Hartman notifications@github.com wrote:

Installed ubuntu-16.04.5-desktop-i386 (http://releases.ubuntu.com/xenial/ubuntu-16.04.5-desktop-i386.iso) on VMWare Workstation. Ran the following commands:

apt update && apt upgrade

apt install curl

curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.7.1/sift-cli-linux

chmod +x /usr/local/bin/sift

sift install

bash: /usr/local/bin/sift: cannot execute binary file: Exec format error Googled the error message: https://askubuntu.com/questions/648555/bash-program-cannot-execute-binary-file-exec-format-error TLDR: "You're trying to run an executable compiled for an ARM architecture on an x86-64 architecture, which is much like asking your processor who only speaks English to take directions in Chinese."

Recomendation: On the installer page (https://digital-forensics.sans.org/community/downloads) advise that users should use the AMD Iso or have the sift install script detect the cpu architecture and either raise a graceful error message or better yet, refactor it to support both AMD and i386 architectures.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.