cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Issues from Profile of memory.conf (volatility) #3175

Closed javiviera8 closed 3 years ago

javiviera8 commented 3 years ago

Hello friends, I've spent a couple of days facing this issue with my Cuckoo software. The problem is that I can't change the profile inside the memory configuration of Volatility; I mean, I can change it, but there are no valid results. [SEE ON CUCKOO.LOG] I need to change the profile to Ubuntu-18.04 (it is the guest), but it only shows options for Windows. I've tried to create a new profile as described here: http://neosysforensics.blogspot.com/2012/08/linux-volatility-y-sus-perfiles.html . When I run vol.py it recognizes the image of Ubuntu 18.04, but when I run an analysis, it shows me the error that that image does not exist!! HELP PLZ!! Is there a way to change the profile to Ubuntu successfully? @doomedraven @RicoVZ

memory.conf:

```
[basic]
# Profile to avoid wasting time identifying it
guest_profile = Linuxubuntu1804-5_4_0-65-genericx64
```

Another problem is that procmemory in the analysis results is empty and does not work. Why?

```
[procmemory]
enabled = yes
```

And yes, I read all the documentation.

My Cuckoo version and operating system are:

Cuckoo Version: 2.0.7
My OS: Ubuntu 16.04.7 LTS (xenial)
Guest: I have two:

I hope you can help me to resolve it, thanks a lot :)

doomedraven commented 3 years ago

Well, if that says no valid profile, that is an invalid profile; you probably didn't place it in the correct location. About procmemory, you should look at your logs to see what is wrong.

javiviera8 commented 3 years ago

> Well, if that says no valid profile, that is an invalid profile; you probably didn't place it in the correct location. About procmemory, you should look at your logs to see what is wrong.

Thanks for replying so fast!! About the Volatility profile, as I said before with the link in the description, I placed it under /usr/lib/python2.7/dist-packages/volatility/volatility/plugins/overlays/linux/ubuntu1804-5.4.0-65-generic.zip. Is this correct?

About procmemory, you can see the log I have uploaded; I don't see any error.

Thanks a lot:)
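One way to check the profile questions raised above, as an added example that is not from this issue or from the Cuckoo or Volatility projects: it inspects a Volatility 2 Linux profile zip for the two members it needs and derives the name expected in `guest_profile`. The naming rule (`Linux` + zip base name with dots replaced by underscores + `x64`/`x86` taken from the System.map address width) and the helper names are assumptions; the sample zip is constructed.

```python
import io
import os
import zipfile


def arch_from_system_map(text):
    """Guess the arch suffix from the address width (assumed rule, ARM ignored)."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:  # "address type symbol"
            return "x64" if len(parts[0]) > 8 else "x86"
    return None


def inspect_profile_zip(zip_file, zip_name):
    """Return (expected_profile_name, problems) for a Linux profile zip."""
    problems = []
    arch = None
    with zipfile.ZipFile(zip_file) as zf:
        names = zf.namelist()
        sysmap = [n for n in names if "system.map" in n.lower()]
        if not any(n.lower().endswith(".dwarf") for n in names):
            problems.append("no *.dwarf member (module.dwarf missing)")
        if not sysmap:
            problems.append("no System.map member")
        else:
            text = zf.read(sysmap[0]).decode("ascii", "replace")
            arch = arch_from_system_map(text)
            if arch is None:
                problems.append("System.map has no 'address type symbol' lines")
    base = os.path.splitext(os.path.basename(zip_name))[0]
    return "Linux" + base.replace(".", "_") + (arch or ""), problems


def build_sample_zip():
    """Constructed sample shaped like a profile zip; not a real profile."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("module.dwarf", "constructed placeholder\n")
        zf.writestr("boot/System.map-5.4.0-65-generic",
                    "ffffffff81000000 T _text\n")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    print(inspect_profile_zip(build_sample_zip(),
                              "ubuntu1804-5.4.0-65-generic.zip"))
```

The derived name can be compared with the profiles that `vol.py --info` lists when run by the same user and Python installation that Cuckoo uses.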

doomedraven commented 3 years ago

About the location, idk, I never had a need to place a custom profile. About the other one, idk, but you need to debug; I have not used Cuckoo for years.