Wenzel
commented
1 month ago Hi Tommy,
thanks for posting an issue. I'm trying to get a repro here first, so i can get a better understanding of the situatin. I'll keep you posted
Open dommi22m opened 1 month ago
Wenzel
commented
1 month ago Hi Tommy,
thanks for posting an issue. I'm trying to get a repro here first, so i can get a better understanding of the situatin. I'll keep you posted
Hi!
I hope it's okay that I'm asking a question here.
I would like to perform several Volatility3 queries in succession for a certain state of a VM. To do this, I pause the VM in advance. If I now execute Volatility with the following command, for example, it simply stops.
vol --plugin-dirs /home/user/libmicrovmi/python/microvmi/volatility/ --single-location "vmi:///?vm_name=windows10&kvm_unix_socket=/tmp/introspector" windows.pslist.PsListIf I now unpause the VM, Volatility continues to run and also outputs the required information.So the plugin does not seem to work when the VM is paused. What I don't quite understand is that I have already rewritten the plugin once so that the VM is automatically paused and it works. (See here #246) Is there a technical background that I don't understand or does anyone have a tip for me on how I could solve the problem?
Underlying hypervisor: KVM
Thank you already! Tommy