Closed RASHA909 closed 3 years ago
gnittala
commented
3 years ago Can you please provide some more details about this curl download. Are you downloading the CLI and installing it as sudo sift install or are you trying to download the .ova.
RASHA909
commented
3 years ago Sure Sir.. -> i downloaded .ova -- no issues -> logged into root -- no issues -> now i want to download sift..so, for that .. i want to download the sift package from root -> however, when i used curl commend given on ur github page.. https://github.com/teamdfir/sift-cli/releases/tag/v1.9.2 -> the command given there is.. curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.9.2/sift-cli-linux chmod +x /usr/local/bin/sift -> when i executed it said facing curl(23) issue
ekristen
commented
3 years ago Sounds permissions related
CURL Exit Code 23 is the following.
Write error. Curl could not write data to a local filesystem or similar. curl receives data chunk by chunk from the network and it stores it like at (or writes it to stdout), one piece at a time. If that write action gets an error, this is the exit status.
digitalsleuth
commented
3 years ago @RASHA909 Were you able to resolve this? Based on your previous post, it looks like you didn't use the sudo command before your curl -Lo /usr/local/bin/sift command. If this is resolved, please get back to us and let us know.
RASHA909
commented
3 years ago No Sir ..do u have VMDK image with sift installed.. i mean.. a reputed company like u..has not completed the work.. pls send link of vmdk image with sift installed.. Regards
On Tue, Feb 2, 2021 at 9:37 AM Digital Sleuth notifications@github.com wrote:
@RASHA909 https://github.com/RASHA909 Were you able to resolve this? Based on your previous post, it looks like you didn't use the sudo command before your curl -Lo /usr/local/bin/sift command. If this is resolved, please get back to us and let us know.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/teamdfir/sift/issues/505#issuecomment-771341614, or unsubscribe https://github.com/notifications/unsubscribe-auth/APXRSEGTE3NPATFLG2SGEKDS45267ANCNFSM4WB3EY5A .
digitalsleuth
commented
3 years ago Hi @RASHA909 , I can understand that you're likely frustrated with not being able to get your SIFT workstation set up. There are two ways to go about this:
1) sudo curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.9.2/sift-cli-linux
sudo chmod +x /usr/local/bin/sift
sudo sift install --mode=desktop or sudo sift install --mode=server (depending on if you want a SIFT-configured desktop environment, or if you just want the tools installed without the configuration)
or
2) You can go to the SANS SIFT Download page and download the OVA from there
The steps from method 1) will give you the most up-to-date configuration of your system, however method 2) is the most point-and-click method to get you started with a VM, but it will need to be updated.
Cheers
RASHA909
commented
3 years ago No Sir, Am not frustrated.. Infact learned 3 to 4 methods how it will not work..
Yes.. downloaded ova only..but ur ova is without sift..and one needs to use curl to download it.. i used browser also..but couldnt..
See if u can help..and share link of ur ...ova with sift already installed...
Thanks..i started learning.. but the impression..that SANS tools work.. is getting weaker
Nothing else Regards
On Tue, Feb 2, 2021 at 8:49 PM Digital Sleuth notifications@github.com wrote:
Hi @RASHA909 https://github.com/RASHA909 , I can understand that you're likely frustrated with not being able to get your SIFT workstation set up. There are two ways to go about this:
- sudo curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.9.2/sift-cli-linux sudo chmod +x /usr/local/bin/sift sudo sift install --mode=desktop or sudo sift install --mode=server (depending on if you want a SIFT-configured desktop environment, or if you just want the tools installed without the configuration)
or
- You can go to the SANS SIFT Download page https://digital-forensics.sans.org/community/downloads and download the OVA from there
The steps from method 1) will give you the most up-to-date configuration of your system, however method 2) is the most point-and-click method to get you started with a VM, but it will need to be updated.
Cheers
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/teamdfir/sift/issues/505#issuecomment-771709061, or unsubscribe https://github.com/notifications/unsubscribe-auth/APXRSECYFO6ID4XM3DYGYXLS5AJZBANCNFSM4WB3EY5A .
digitalsleuth
commented
3 years ago @RASHA909 The issue you're having is in downloading something from GitHub using curl, and downloading it to a protected directory /usr/local/bin; in this case it happens to be the installer for SIFT you're unable to download. This is not an issue with the SIFT Toolkit or the installer; it is an issue of user account privileges to run the required command.
In an attempt to assist, please copy and paste this command in your terminal to run and post back here with the output of that command:
sudo curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.9.2/sift-cli-linux
Then run:
sudo chmod +x /usr/local/bin/sift
Then:
sudo sift install
ekristen
commented
3 years ago The OVA above has SIFT pre-installed on it. I'm going to close this.
RASHA909
commented
3 years ago Thanks, Erik Pleasure
On Thu, Feb 11, 2021 at 2:57 AM Erik Kristensen notifications@github.com wrote:
Closed #505 https://github.com/teamdfir/sift/issues/505.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/teamdfir/sift/issues/505#event-4317061394, or unsubscribe https://github.com/notifications/unsubscribe-auth/APXRSEFPU6PNUHRVUACZJ2LS6L225ANCNFSM4WB3EY5A .
facing curl(23) failed writing body error..checked that input stream is not closed by any other perocess.. but no luck,,any hints pls ..downloaded ova file from dfir and running in Vmware