Open in app

Sign in

Write

Sign in

Rust and Cross Platform Functionality

Matthew Seyer
3 min readDec 20, 2016

--

Today we continue my journey into learning Rust. Yesterday I showed you my project I am working on. Check the post out here. These are my thoughts so far from compiling and running a Rust application; It’s easy. Cargo, Rust’s package manager, takes care of pretty much everything for me so far. One of the things that has drawn me to this language is all the talk about how it is cross platform out of the box. I want to know how true this is.

Yesterday I showed how to compile and run my RustyUsn project, and, we did it in Windows (Windows 10 to be exact). Today I want to see if it is just as easy to do on a Ubuntu distro. I have not tried using Rust on linux yet, so let’s experience this together.

I’m using a fresh install of Ubuntu Desktop 16.04.1 LTS for this test. Rust can easily be installed with a:

curl https://sh.rustup.rs -sSf | sh

Success. So far so easy. Now to download the RustyUSN repo and install:

testsey@testsey-vb:~/Tools/RustyUsn-master$ cargo build --release
 Downloading chrono v0.2.25
 Downloading clap v2.16.3
 Downloading byteorder v0.5.3
 Downloading serde v0.8.17
 Downloading num v0.1.36
 Downloading time v0.1.35
 Downloading rustc-serialize v0.3.21
 Downloading num-iter v0.1.32
 Downloading num-traits v0.1.36
 Downloading num-integer v0.1.32
 Downloading winapi v0.2.8
 Downloading kernel32-sys v0.2.2
 Downloading libc v0.2.17
 Downloading winapi-build v0.1.1
 Downloading bitflags v0.7.0
 Downloading term_size v0.2.1
 Downloading vec_map v0.6.0
 Downloading strsim v0.5.1
 Downloading unicode-width v0.1.3
 Downloading ansi_term v0.9.0
 Downloading unicode-segmentation v0.1.2
   Compiling winapi-build v0.1.1
   Compiling strsim v0.5.1
   Compiling num-traits v0.1.36
   Compiling libc v0.2.17
   Compiling byteorder v0.5.3
   Compiling term_size v0.2.1
   Compiling vec_map v0.6.0
   Compiling unicode-segmentation v0.1.2
   Compiling kernel32-sys v0.2.2
   Compiling ansi_term v0.9.0
   Compiling winapi v0.2.8
   Compiling unicode-width v0.1.3
   Compiling serde v0.8.17
   Compiling bitflags v0.7.0
   Compiling rustc-serialize v0.3.21
   Compiling time v0.1.35
   Compiling clap v2.16.3
   Compiling num-integer v0.1.32
   Compiling num-iter v0.1.32
   Compiling num v0.1.36
   Compiling chrono v0.2.25
   Compiling usntest v0.1.0 (file:///home/testsey/Tools/RustyUsn-master)
    Finished release [optimized] target(s) in 28.78 secs

It seems to have compiled perfectly. I feel like some Python libraries aren’t even that easy to install cross platform… But, lets see if it works.

testsey@testsey-vb:~/Tools/RustyUsn-master/target/release$ ./usntest -h
MyUsnApp 1.0
Matthew Seyer <matthew.seyer@gmail.com>
Parse USN recordsUSAGE:
    usntest --journal <FILE>FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version informationOPTIONS:
    -j, --journal <FILE>    The USN journal file to parse

Running with the -h is good. Lets give it a journal. Here is the output:

Journal to parse: /home/testsey/TestFiles/$UsnJrnl.$J
function: get_next_record() at offset: 0
USN structure 1: UsnRecordV2 {
    record_length: 96,
    major_version: 2,
    minor_version: 0,
    file_reference_number: 10477624533077459059,
    parent_file_reference_number: 1970324837116475,
    usn: 20342374400,
    timestamp: 2013-10-19T12:16:53.276040,
    reason: 2,
    source_info: 0,
    security_id: 0,
    file_attributes: 8224,
    file_name_length: 32,
    file_name_offset: 60,
    file_name: "BTDevManager.log"
}
...
function: get_next_record() at offset: 37686992
USN structure 367260: UsnRecordV2 {
    record_length: 200,
    major_version: 2,
    minor_version: 0,
    file_reference_number: 2814749767128558,
    parent_file_reference_number: 281474976989994,
    usn: 20380061392,
    timestamp: 2013-10-23T11:34:39.839588,
    reason: 2147484160,
    source_info: 0,
    security_id: 0,
    file_attributes: 8228,
    file_name_length: 138,
    file_name_offset: 60,
    file_name: "1a60b305567c1cf7f77dad5be80a8169_5b6de537-8036-4906-9cf1-ecfc4eabd13c"
}

Wow… it ran just as well as it did in Windows. I don’t think I have ever had to put zero effort into code so that it could compile cross platform.

Lets time it:

testsey@testsey-vb:~/Tools/RustyUsn-master/target/release$ time ./usntest -j ~/TestFiles/\$UsnJrnl.\$J > ~/Desktop/output.txtreal 0m10.914s
user 0m3.152s
sys 0m7.236s

Umm… all I can say is bad ass. I love it.

We haven’t covered a whole lot today, just testing to see if I can compile and run with the same amount of ease as the OS I coded it on. AND IT DOES. So we know that now.

So far we haven’t dived into code. That is about to change. I just wanted you to see how easy it is to compile and use a Rust tool I guess.

Last thought: This project uses other people’s libraries [byteorder,chrono, and clap]. We just compiled and ran a DFIR tool that required no manual linkage or installing of dependencies, its cross platform… AND ITS FAST! Win.

Rust
Programming
Dfir

--

--

Matthew Seyer

Written by Matthew Seyer

133 Followers

Digital Forensics — Where every bit counts

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams