There are new versions of mdb_v8, and it'd be nice to have the new version (1.3.0 at the time of writing) included within autopsy.
I had to analyse a dump taken from node v6.0.0, and the mdb_v8 bundled with autopsy fails, but the latest version of mdb_v8 from GitHub works without issues.
Currently I'm updating the version manually and loading it inside mdb after ssh'ing into the VM.
If someone has the same requirement, here are some steps which might save 5 minutes of your Google time.
1. Take a coredump from a running script (assuming the script is called index.js).
2. Download mdb_v8 from the official GitHub releases.
3. Start autopsy so that the VM is active (or even just start the machine from the VirtualBox UI).
4. scp the new mdb_v8_amd64.so file into the VM:
    scp -P 2222 ./mdb_v8_amd64.so root@localhost:/mdb/
5. Copy your coredump file and the node binary into the VM. Use either scp or autopsy (autopsy node_binary coredump).
6. ssh into the machine (password is root) and load mdb_v8 after opening the mdb shell with the node binary and coredump file:
    ::load /root/mdb/mdb_v8_amd64.so
You should be able to analyse the dump now.
Thank you for creating an easy to use tool. 👍