search

Leor3961 / volatility

Automatically exported from code.google.com/p/volatility
0 stars 0 forks source link

dlldump for 1.4 #41

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
Hey guys, 

Since it was only a few lines modification from moddump, here is a dlldump 
plugin for 1.4. You can:

* dump all DLLs from all processes (by calling without any args)
* dump all DLLs from a specific process (by using -p PID)
* dump a specific DLL from all processes (by using -r DLLNAME)
* dump a specific DLL from a specific process (by using -r DLLNAME -p PID)

Tested on XP and Win7 only. If you decide to include it, It doesn't matter to 
me where it goes (contrib vs plugins) -- as long as the functionality is 
available somewhere. 

Thanks.

Original issue reported on code.google.com by michael.hale@gmail.com on 18 Oct 2010 at 1:36

Attachments:

GoogleCodeExporter commented 8 years ago 
This issue was closed by revision r513.

Original comment by mike.auty@gmail.com on 18 Oct 2010 at 10:24

GoogleCodeExporter commented 8 years ago 
Thanks, this has been committed with similar tweaks as mentioned in issue 42.  
Keep up the great work!  5:)

Original comment by mike.auty@gmail.com on 18 Oct 2010 at 10:25