Closed GoogleCodeExporter closed 8 years ago
This issue was closed by revision r458.
Original comment by mike.auty@gmail.com
on 25 Sep 2010 at 8:05
I have a few issues with Volatility. I get this error message. What can i do?
root@bt:/pentest/forensics/volatility# ./vol.py pslist -l /root/memdump.img
Volatile Systems Volatility Framework 2.0
No suitable address space mapping found
Tried to open image as:
WindowsHiberFileSpace32: No base Address Space
EWFAddressSpace: Location is not of file scheme
WindowsCrashDumpSpace32: No base Address Space
JKIA32PagedMemory: No base Address Space
IA32PagedMemoryPae: Module disabled
JKIA32PagedMemoryPae: No base Address Space
IA32PagedMemory: Module disabled
FirewireAddressSpace: Not a firewire URN
FileAddressSpace: Location is not of file scheme
Original comment by pious...@gmail.com
on 9 Feb 2012 at 6:28
Hiya, you're using the -l command line option, which stands for location and
accepts a standard URN. As you can see, the FileAddressSpace cannot load it
because "Location is not of file scheme". You should be using the -f command
line parameter, or providing a valid file:// URN...
For questions like that, it's probably best to ask on the volatility IRC
channel, or the mailing list. If you're then told you should be filing an
issue, please file a new one, since comments on old bugs aren't always seen...
Original comment by mike.auty@gmail.com
on 9 Feb 2012 at 7:57
Original issue reported on code.google.com by
atc...@gmail.com
on 25 Sep 2010 at 7:25