2012-10-28

As we have discussed before, if you are interested in the area of mobile forensics, I suggest you download Santoku-Linux. Now, this must be run in a Linux environment, so if you do not have access to one and are running your system on another platform, have no fear. All you have to do is set up a virtual machine via VirtualBox, which is absolutely free, download Santoku, and then begin to examine the inner workings of a variety of mobile devices of your choosing.

Please read the easy guide provided below and you will be on your way.

HOWTO install Santoku in a virtual machine

This HOWTO will guide you through the process of installing Santoku on a Virtual Machine.

Contents

What you will need

Download Santoku

Set up your virtual machine

Install Santoku

Install guest additions (Virtual Box)

Getting started with Santoku

Revision History

What you will need:

Santoku – Alpha 0.1 (or later)

Virtual Box or VMWare Player

A host machine with at least a dual-core processor, 2GB RAM, and 40 GB of free hard drive space (more is recommended)

Download Santoku

Santoku is distributed as a .iso file. If you would like to install Santoku as the primary OS on your host machine, you will need to create a bootable DVD or USB using the .iso file.

The recommended method of running Santoku is by installing it as a virtual machine (VM) inside VirtualBox, which is an application that allows you to create and run VMs inside your native OS. VirtualBox supports all major operating systems, including Microsoft Windows, Apple OS X and Linux. We will demonstrate how to do this below.

To acquire Santoku, you must first download the .iso file at https://www.santoku-linux.com/download


Set up your Virtual Machine

To run Santoku, you must install virtual machine software. For this section we will use the most recent version of VirtualBox, version 4.1.18. It can be downloaded at: http://www.virtualbox.org/wiki/Downloads

After downloading, install the virtual machine software on your forensic work station, then follow the next steps to start the virtual machine (VM):

Locate your VirtualBox installation. Select “New” to create a new VM.
Going through the wizard, create a name for your VM and select the Linux/Debian Operating System and Version.



Select an appropriate amount of memory for the VM. 512MB is standard; however, increasing the memory size will typically make your VM run faster (but your host machine slower). If you’re going to use the Android Virtual Device Manager (AVD) and Android device Emulator frequently, we recommend selecting at least 4 GB of memory.

At the “Virtual Hard Disk” screen, make sure “Start-up Disk” is checked and then select “Create new hard disk”.

To create a new hard disk, select the “VDI (VirtualBox Disk Image)” option.



On the next screen, select “Dynamically allocated” and click ‘Next’.

Choose the Virtual disk location to store the virtual hard disk by clicking the folder icon underneath the ‘Location’ header, then click the “Save” button.

Adjust the ‘Size’ slider to allocate however much space you would like for your Santoku hard drive. Depending on your use, you may want to set this to a smaller or a larger value. The default in VirtualBox is 8 GB; we recommend increasing this to 40GB, as shown below. When finished, click “Next”.


Complete the process by clicking “Create”. This will bring you back to the main VirtualBox menu.

To get Santoku-Linux to run in VirtualBox, you need to attach it to your newly created Virtual Machine. This is the same as putting in a CD or DVD to boot from the first time you are installing a new OS. To do this, select the Santoku-Linux VM that you just created and click the “Settings” button at the top of the screen. Select the “Storage” option on the left of the Settings screen, and then click the CD icon next to the “IDE Controller” as shown below.

A warning will pop up asking you to choose a virtual DVD. Select “Choose disk” and navigate to your recently downloaded Santoku .iso file (in this case, it’s in the home user’s /Downloads/Santoku file). Click “Open”, then “OK”.
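The wizard steps above can also be scripted with VBoxManage, VirtualBox's command-line tool, so the analysis VM can be rebuilt identically each time. This is an added example, not part of the original HOWTO; the VM name, the ISO and VDI paths, and the Debian_64 OS type are assumptions.

```shell
#!/bin/sh
# Added example: scripts the VirtualBox wizard steps from this HOWTO.
# Dry run by default (prints each command); set APPLY=1 to execute them.

# Assumption: guest OS type ID; list valid IDs with `VBoxManage list ostypes`.
OSTYPE_ID=${OSTYPE_ID:-Debian_64}
CTL="IDE Controller"

run() {
    if [ "${APPLY:-0}" = 1 ]; then
        "$@"
    else
        printf '%s\n' "$*"
    fi
}

# create_santoku_vm NAME ISO VDI [MEMORY_MB] [DISK_MB]
# Defaults follow the HOWTO: 4 GB RAM for emulator use, 40 GB disk.
create_santoku_vm() {
    vm=$1; iso=$2; vdi=$3; mem_mb=${4:-4096}; disk_mb=${5:-40960}
    if [ -z "$vm" ] || [ -z "$iso" ] || [ -z "$vdi" ]; then
        echo "usage: create_santoku_vm NAME ISO VDI [MEMORY_MB] [DISK_MB]" >&2
        return 2
    fi
    # Only insist on a readable ISO when commands will really be executed.
    if [ "${APPLY:-0}" = 1 ] && [ ! -r "$iso" ]; then
        echo "cannot read ISO: $iso" >&2
        return 1
    fi
    # "New" wizard: name, OS type, memory.
    run VBoxManage createvm --name "$vm" --ostype "$OSTYPE_ID" --register || return 1
    run VBoxManage modifyvm "$vm" --memory "$mem_mb" || return 1
    # Dynamically allocated VDI ("Standard" variant), size in MB.
    # VirtualBox 5 and later name this subcommand "createmedium disk".
    run VBoxManage createhd --filename "$vdi" --size "$disk_mb" \
        --format VDI --variant Standard || return 1
    # Settings > Storage: disk on IDE port 0, installer ISO on IDE port 1.
    run VBoxManage storagectl "$vm" --name "$CTL" --add ide || return 1
    run VBoxManage storageattach "$vm" --storagectl "$CTL" \
        --port 0 --device 0 --type hdd --medium "$vdi" || return 1
    run VBoxManage storageattach "$vm" --storagectl "$CTL" \
        --port 1 --device 0 --type dvddrive --medium "$iso"
}

# Placeholder paths (constructed for this example); prints six commands.
create_santoku_vm Santoku "$HOME/Downloads/Santoku/santoku.iso" \
    "$HOME/VirtualBox VMs/Santoku/Santoku.vdi"
```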


Install Santoku

You can now click “Start” on the main VirtualBox screen to load the VM. Select to either boot from the live DVD or install. If you have created this in a Virtual Machine, choose “install – start the installer directly”.

Choose your language, time zone, and clock settings, then select “Erase disk and install Santoku” on the ‘Installation type’ screen. WARNING: If you choose this option and you are not installing Santoku in a Virtual Machine (i.e., you are not using VirtualBox and instead are installing it directly to your hard drive) this will ERASE YOUR HARD DRIVE. You have been warned. From there, add your user name and password and click ‘Install’.

After the installation is complete, reboot when prompted, then login using the username and password you created during the install process.

Install guest additions (Virtual Box):

Once logged in, initiate the process to install VirtualBox Guest Additions by going to Devices -> Install Guest Additions. This is a one-time setup, and will allow for improved graphic performance, shared folders, and other features within the VM. You will see the Guest Additions icon appear on the Desktop. Right click it and select “Mount Volume”.

Next, open a Terminal window located under Applications > Accessories > Terminal (we have also created a shortcut to the Terminal window on the top status bar of the VM). Once open, navigate to the VBOXADDITIONS directory which was mounted in the previous step, and execute the install script by running the following commands. Do NOT type the “$”; it is intended to signify the beginning of a command prompt. In this case the directory is VBOXADDITIONS_4.1.8_75467; the numbers following VBOXADDITIONS may vary:

$ cd /media/VBOXADDITIONS_4.1.8_75467/
$ sudo sh VBoxLinuxAdditions.run

You may need to enter the administrator password, which you set up during install. Finally, the VM may need to be restarted for the changes to take effect.

Update your local package index with the latest changes made in repositories by typing the following: sudo apt-get update. After that completes, upgrade the packages by typing the following: sudo apt-get upgrade. These might ask if you want to continue (giving a Y/n option); type “Y” and hit enter.

Getting started with Santoku:

Now that your VM is up and running, you’ll want to connect a mobile device to it and start having some fun. To connect a mobile device to your VM, go to the VirtualBox menu, click Devices –> USB Devices and select your device. Make sure the checkmark is checked next to your device and it will be passed through to your Santoku VM.

Now that you’re up and running, head over to the Santoku HOWTO’s section to read up on your favourite tools and learn about some new ones.

Also, head over to the Forums, check out the threads and, if you feel so inspired, say hi. There are a lot of categories and a variety of interests in the Community, so check out what interests you and get active.

Enjoy. Thank you for being a part of the Santoku Community.
