invalid profile names in kdbgscan output

ksanchezcld / volatility

Automatically exported from code.google.com/p/volatility

GNU General Public License v2.0

1 stars 0 forks source link

invalid profile names in kdbgscan output #185

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

We have two invalid profile names in kdbgscan:

http://code.google.com/p/volatility/source/browse/trunk/volatility/plugins/kdbgs
can.py#100
http://code.google.com/p/volatility/source/browse/trunk/volatility/plugins/kdbgs
can.py#101

I'm guessing Win2003SP0x64 should be Win2K3SP0x64, but we don't have a 
Win2K3SP0x64 profile either, its Win2K3SP1x64. So is that KDBG signature for 
Win2K3SP1x64?

Original issue reported on code.google.com by michael.hale@gmail.com on 22 Jan 2012 at 7:50

GoogleCodeExporter commented 9 years ago

This issue was closed by revision r1294.

Original comment by mike.auty@gmail.com on 22 Jan 2012 at 9:54

Changed state: Fixed

GoogleCodeExporter commented 9 years ago

Yep, I think this was done intentionally to so that we'd think it was unusual 
when there were duplicates.  It all went according to plan!  5:)  They were 
hard-coded additional suggestions, which we no longer need now that we have 
actual profiles for them all!

Original comment by mike.auty@gmail.com on 22 Jan 2012 at 9:56