Closed Arvandor closed 9 years ago
There seems to be conflicting options (in this case -W
, inherited from the HiveList
plugins) with some other plugin in your plugin folder. What happens if you run the plugin from its own directory?
Aha, that seemed to work. I'll have to keep that in mind with third party plugins, that I can't just dump them all in the same folder.
It does throw this error, though WARNING : volatility.obj : NoneObject as string: Value data is unreadable but it still seems to work
On Tue, Mar 17, 2015 at 9:06 AM, Thomas Chopitea notifications@github.com wrote:
There seems to be conflicting options (in this case -W, inherited from the HiveList plugins) with some other plugin in your plugin folder. What happens if you run the plugin from its own directory?
— Reply to this email directly or view it on GitHub https://github.com/tomchop/volatility-autoruns/issues/4#issuecomment-82397210 .
I think that's a common problem when trying to read keys that don't exist. I'll have to try/catch my way around it.
On Tue, Mar 17, 2015 at 6:43 PM, Arvandor notifications@github.com wrote:
Aha, that seemed to work. I'll have to keep that in mind with third party plugins, that I can't just dump them all in the same folder.
It does throw this error, though WARNING : volatility.obj : NoneObject as string: Value data is unreadable but it still seems to work
On Tue, Mar 17, 2015 at 9:06 AM, Thomas Chopitea <notifications@github.com
wrote:
There seems to be conflicting options (in this case -W, inherited from the HiveList plugins) with some other plugin in your plugin folder. What happens if you run the plugin from its own directory?
— Reply to this email directly or view it on GitHub < https://github.com/tomchop/volatility-autoruns/issues/4#issuecomment-82397210
.
— Reply to this email directly or view it on GitHub https://github.com/tomchop/volatility-autoruns/issues/4#issuecomment-82494693 .
Thomas Chopitea
Yes indeed!
Thank you for the prompt help! I've been meaning to write some kind of script to take care of this very thing... it somehow hadn't even occurred to me to make it a plugin, duh. Always happy not to reinvent the wheel though, glad I found this!
On Tue, Mar 17, 2015 at 11:49 AM, Thomas Chopitea notifications@github.com wrote:
I think that's a common problem when trying to read keys that don't exist. I'll have to try/catch my way around it.
On Tue, Mar 17, 2015 at 6:43 PM, Arvandor notifications@github.com wrote:
Aha, that seemed to work. I'll have to keep that in mind with third party plugins, that I can't just dump them all in the same folder.
It does throw this error, though WARNING : volatility.obj : NoneObject as string: Value data is unreadable but it still seems to work
On Tue, Mar 17, 2015 at 9:06 AM, Thomas Chopitea < notifications@github.com
wrote:
There seems to be conflicting options (in this case -W, inherited from the HiveList plugins) with some other plugin in your plugin folder. What happens if you run the plugin from its own directory?
— Reply to this email directly or view it on GitHub <
https://github.com/tomchop/volatility-autoruns/issues/4#issuecomment-82397210
.
— Reply to this email directly or view it on GitHub < https://github.com/tomchop/volatility-autoruns/issues/4#issuecomment-82494693
.
Thomas Chopitea
— Reply to this email directly or view it on GitHub https://github.com/tomchop/volatility-autoruns/issues/4#issuecomment-82496113 .
Glad it helped you!
I put autoruns in the contrib/plugins directory (where I have other working plugins, such as mimikatz,) but when I try to run autoruns, I get the following output
Volatility Foundation Volatility Framework 2.4 Traceback (most recent call last): File "/usr/share/volatility/vol.py", line 192, in
main()
File "/usr/share/volatility/vol.py", line 174, in main
command = cmdsmodule
File "/usr/share/volatility/contrib/plugins/autoruns.py", line 133, in init
hivelist.HiveList.init(self, config, _args, *_kwargs)
File "/usr/lib/python2.7/dist-packages/volatility/plugins/common.py", line 50, in init
help = "Skip unallocated objects (e.g. 0xbad0b0b0)")
File "/usr/lib/python2.7/dist-packages/volatility/conf.py", line 363, in add_option
self.optparser.add_option("-{0}".format(short_option), "--{0}".format(option), **args)
File "/usr/lib/python2.7/optparse.py", line 1020, in add_option
self._check_conflict(option)
File "/usr/lib/python2.7/optparse.py", line 995, in _check_conflict
option)
optparse.OptionConflictError: option -W/--show-unallocated: conflicting option string(s): -W