FRED README FILE                                                      REVISION 1

Table of contents
  0.0 Author and license stuff
  1.0 What is fred? - A short description
  2.0 Installation instructions
    2.1 Prerequisits
      2.1.1 Linux
      2.1.2 Mac OSX
      2.1.3 Windows
    2.2 Installing a prebuild binary package
    2.3 Installing from source
      2.3.1 Shared vs static libhivex
      2.3.2 Linux
        2.3.2.1 Prerequisites
        2.3.2.2 Compiling
        2.3.2.3 Packaging
      2.3.3 Mac OSX
        2.3.3.1 Prerequisites
        2.3.3.2 Compiling
        2.3.3.3 Packaging
      2.3.4 Windows
      2.3.5 Crosscompiling for Windows
        2.3.5.1 Prerequisites
          2.3.5.1.1 Compiler
          2.3.5.1.2 Qt
        2.3.5.2 Compiling
        2.3.5.3 Packaging

0.0 Author and license stuff
  fred Copyright (c) 2011-2020 by Gillen Daniel <gillen.dan@pinguin.lu>

  This program is free software: you can redistribute it and/or modify it under
  the terms of the GNU General Public License as published by the Free Software
  Foundation, either version 3 of the License, or (at your option) any later
  version.

  This program is distributed in the hope that it will be useful, but WITHOUT
  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

  You should have received a copy of the GNU General Public License along with
  this program. If not, see <http://www.gnu.org/licenses/>.

1.0 What is fred? - A short description
  Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor.
  This project was born out of the need for a reasonably good registry hive
  viewer for Linux to conduct forensic analysis. Therefore it includes some
  functions not found in normal "free" registry editors like a hex viewer with
  data interpreter and a reporting function that can easily be extended with
  custom ECMAScript report templates.

2.0 Installation instructions
  2.1 Prerequisits
    If you are not going to use my prebuild packages, in addition to the
    prerequisits below you probably will also need Richard W.M. Jones's libhivex
    available from https://github.com/libguestfs/hivex.

    2.1.1 Linux
      Any Linux with Qt v4.x libraries.

    2.1.2 Mac OSX
      OSX v10.5 or above with Qt v4.x libraries.

    2.1.3 Windows
      Windows XP or newer with Qt v4.x libraries.

  2.2 Installing a prebuild binary package
    Chances are I provide prebuild binary packages for your OS (generally
    Debian/Ubuntu, Mac OSX and Windows). If so, you can simply download them
    from https://www.pinguin.lu.

    ForDebian/Ubuntu, add my repository and execute the following command:

    $ sudo apt-get install fred fred-reports

    For Mac OSX and Windows, execute the installer and follow the on-screen
    instructions.

    If I have no prebuild binary packages for your OS, you will have to compile
    fred by yourself. In this case, read the instructions under "Installing from
    source".

  2.3 Installing from source
    Start by getting the source code from https://www.pinguin.lu and unpacking
    it to some temporary directory. Under Linux and Mac OSX, use:

    $ cd /some/temp/dir/
    $ tar xfvz fred-x.x.x.tar.gz

    Under Windows, use 7zip or alike to decompress the tar.gz file.

    2.3.1 Shared vs static libhivex
      When compiling fred from source, you have two possibilities how to include
      libhivex. When using Linux, chances are your distribution has a package
      for it available. In this case, you may install the binary and developper
      version of it and go ahead to build fred. If your distribution has no
      libhivex package available (Mac OSX and Windows definitely haven't), or
      you want to use the latest version of it available that might fix some
      bugs, make sure you use the "--static-hivex" command line option when
      running my bootstrap.sh script. This will checkout, compile and statically
      link the latest libhivex compatible with fred while building.

    2.3.2 Linux
      2.3.2.1 Prerequisites
        TODO

      2.3.2.2 Compiling
        Compiling under Linux for Linux should be very simple. Just execute the
        following commands:

        $ cd /path/to/fred/source/
        $ ./autogen.sh --platform=linux

        Or, if you want to use the static libhivex:

        $ cd /path/to/fred/source/
        $ ./autogen.sh --static-hivex --platform=linux

      2.3.2.3 Packaging
        TODO

    2.3.3 Mac OSX
      2.3.3.1 Prerequisites
        In order to compile fred under Mac OSX, you need to install the
        following software:

        - XCode from Apple
        - Git from http://code.google.com/p/git-osx-installer/
        - MacPorts from http://www.macports.org
        - Qt 4.8.x library from http://qt-project.org

        Aditionally, after installing MacPorts, install the following packages:

        $ sudo port install ocaml libxml2 pkgconfig autoconf gettext

      2.3.3.2 Compiling
        Compilation should be straight forward executing the following command:

        $ cd /path/to/fred/source/
        $ ./autogen.sh --static-hivex --platform=mac

      2.3.3.3 Packaging
        TODO

    2.3.4 Windows
      Until beta5, fred for Windows was build under Windows. But it was a pain
      in the bud to do so. Therefore I switched to crosscompiling under Linux
      which works very well. If you want to build fred under Windows, good luck
      and please, don't contact me if you have any problems! My only answer will
      be:

      Crosscompile under Linux!

    2.3.5 Crosscompiling for Windows
      2.3.5.1 Prerequisites
        The following instructions are for Debian / Ubuntu like distros. If you
        are using another distro, you will need to get the compiler and Qt on
        your own.

        2.3.5.1.1 Compiler
          You need the mingw-w64 gcc and g++ compiler. When using Debian/Ubuntu
          install the following packages:

          $ sudo apt-get install mingw-w64 mingw-w64-tools g++-mingw-w64 \
            gcc-mingw-w64 mingw-ocaml autopoint

        2.3.5.1.2 Qt
          After you have a compiler, you will need to crosscompile Qt as it is
          currently not available as package. Start by getting the source:

          $ cd /some/temp/dir/
          $ QTU="http://download.qt-project.org/archive/qt/4.8/4.8.4"
          $ QTP="qt-everywhere-opensource-src-4.8.4"
          $ wget $QTU/$QTP.tar.gz
          $ tar xfvz $QTP.tar.gz
          $ cd $QTP

          Unfortunately, Qt won't build until you apply three small patches:

          $ SRC="/path/to/fred/source/qt_patches"
          $ patch -p1 <"$SRC/mingw32-qt-4.8.0-no-webkit-tests.patch"
          $ patch -p1 <"$SRC/qt-4.8.4-fix-sse-suppport-build-regression.patch"
          $ patch -p1 <"$SRC/qt-4.8.0-fix-include-windows-h.patch"

          Now configure, compile and install Qt (I compiled it on my dual Xeon
          machine with 40 cores (using make -j40) in 09:27 minutes. It might
          take a bit longer on your machine :-p):

          $ sudo ./configure -prefix /opt/qt-4.8.4-mingw -opensource \
                             -no-qt3support -no-multimedia -no-audio-backend \
                             -no-phonon -no-phonon-backend -no-javascript-jit \
                             -nomake examples -nomake demos -nomake docs \
                             -xplatform win32-g++-4.6 \
                             -device-option CROSS_COMPILE=i686-w64-mingw32-
          $ sudo make
          $ sudo make install

          If you are asking you why the heck I used sudo to run configure, well,
          Qt likes to copy some files to the prefix dir in that step which will
          fail if you aren't root.

      2.3.5.3 LIBXML2
        $ wget ftp://xmlsoft.org/libxml2/libxml2-2.9.1.tar.gz
        $ tar xfvz libxml2-2.9.1.tar.gz
        $ cd libxml2-2.9.1/
        $ ./configure --prefix /opt/libxml2-2.9.1-mingw --host i686-w64-mingw32 --without-python
        $ make
        $ sudo make install

        TODO

      2.3.5.3 Compiling
        If all the above worked, you are ready to crosscompile fred:

        $ cd /path/to/fred/source/
        $ cd hivex/gnulib; patch -p1 <../../hivex_patches/gnulib.patch; cd -
        $ ./autogen.sh --static-hivex --platform=win32

        The build process of hivex will probably complain and might even fail
        with an error but normally the lib gets build before that without errors,
        so just ignore it.
  
      2.3.5.4 Packaging
        TODO

