-
```
What steps will reproduce the problem?
1. svn update to latest trunk (latest malware.py, too)
2. run apihooks module
imageinfo:
Suggested Profile(s) : WinXPSP3x86, WinXPSP2x86 (Instanti…
-
```
I just let vadinfo run across all the processes and it blew up with this
backtrace:
Traceback (most recent call last):
File "vol.py", line 185, in
main()
File "vol.py", line 176, in mai…
-
```
I took a crack at fixing kpcrscan for x64. Here's a patch that solves some of
the potential issues, but it still doesn't work.
The patch is built on r1289 from trunk.
```
Original issue rep…
-
```
Reported by Sebastien Bourdon-Richard on Vol-dev:
I'm playing with a 5GB Windows 7 SP0 64bit memory dump and I have some
problems with processes mapped over 4GB.
Pslist only shows System proces…
-
```
Traceback (most recent call last):
File "vol.py", line 130, in
main()
File "vol.py", line 121, in main
command.execute()
File "/TESTING/Volatility-1.4_rc1/volatility/commands.p…
-
```
Hey guys,
I've been seeing this problem:
$ python volatility.py procexedump -f d0.vmem -p 1504 --dump-dir=out
Volatile Systems Volatility Framework 1.4_rc1
*************************************…
-
```
Reported by Sebastien Bourdon-Richard on Vol-dev:
I'm playing with a 5GB Windows 7 SP0 64bit memory dump and I have some
problems with processes mapped over 4GB.
Pslist only shows System proces…
-
```
What steps will reproduce the problem?
1.vol.py --plugins=/usr/local/src/volatility-2.0/volatility/plugins -f
memory_dump.raw --profile=WinXPSP3x86 malfind -D malfind/ > malfind.out
2.
3.
What i…
-
```
Hey guys,
This issue was reported to me today...wanted to get your opinion. Here's what I
know:
XP SP3
2GB memory image
Copy of the stack dump: http://pastie.org/private/yv4jobxnqopfqllogh0e…
-
```
It's a Windows 7 image where I forgot to put the profile:
$ python vol.py -f win7vss.vmem hivelist
Volatile Systems Volatility Framework 1.4_rc1
Virtual Physical Name
Traceback (most recen…