There are new versions of mdb_v8 and It'd be nice to have the new version (at this time of writing 1.3.0) included within autopsy.
I had to analyse the dump taken from node v6.0.0, and the mdb_v8 bundled with autopsy fails but the latest version of mdb_v8 from Github works without issues.
Currently I'm updating the version manually and loading it inside mdb after ssh'ing inside the vm.
If someone has the same requirement, here are some steps which might save 5 minutes of your google time.
Take Coredump from a running script (assuming script is called index.js)
Start autopsy so that the vm is active (or even just start the machine from the virtual box ui.)
scp the new mdb_v8_amd64.so file into the vm.
scp -P 2222 ./mdb_v8_amd64.so root@localhost:/mdb/
copy your coredump file and the node binary into the vm.
Use either scp or autopsy (autopsy node_binary coredump)
ssh into the machine (password is root) and load the mdb_v8 after opening the mdb shell with the node binary and coredump file.
::load /root/mdb/mdb_v8_amd64.so
There are new versions of
mdb_v8and It'd be nice to have the new version (at this time of writing 1.3.0) included within autopsy.I had to analyse the dump taken from node v6.0.0, and the
mdb_v8bundled with autopsy fails but the latest version ofmdb_v8from Github works without issues.Currently I'm updating the version manually and loading it inside
mdbafter ssh'ing inside the vm.If someone has the same requirement, here are some steps which might save 5 minutes of your google time.
index.js)mdb_v8from official Github releasesvirtual boxui.)mdb_v8_amd64.sofile into the vm.scp -P 2222 ./mdb_v8_amd64.so root@localhost:/mdb/coredumpfile and the node binary into the vm. Use eitherscporautopsy(autopsy node_binary coredump)root) and load themdb_v8after opening themdbshell with the node binary and coredump file.::load /root/mdb/mdb_v8_amd64.soYou should be able to analyse the dump now.
Thank you for creating an easy to use tool. 👍