vhd(x) examination - Githubissues

EricZimmerman / KapeFiles

This repository serves as a place for community created Targets and Modules for use with KAPE.

MIT License

640 stars 192 forks source link

Closed Banaanhangwagen closed 5 years ago

Banaanhangwagen commented 5 years ago

My forensic tools (X-Ways but also FTK) have problems parsing the created vhd(x) container (when clicking on the Partition)

Can you reproduce this? Is it kape-related or x-ways related?

Double-clicking on vhd(x) in Windows gives no issues.

EricZimmerman commented 5 years ago

use the 32 bit version of x-ways. 64 bit seemed to have had an issue. this was for vhdx files. havent tried the others.

its not a kape issue if windows mounts it =)

closing, but please let me know if 32 bit works for you

Banaanhangwagen commented 5 years ago

32bit XWF has no problem opening it hmmm

EricZimmerman commented 5 years ago

i would report the x64 bit issue to xways

Banaanhangwagen commented 5 years ago

Done!

Banaanhangwagen commented 5 years ago

Issue got fixed with v19.8 SR-5, released couple days ago.

EricZimmerman commented 5 years ago

Awesome! I emailed them a few times about it.