volatilityfoundation / volatility3

Volatility 3.0 development
http://volatilityfoundation.org/

Implement tmpfs plugin #1121

Open ilaypilo opened 5 months ago

ilaypilo commented 5 months ago

Reference from the old volatility project https://github.com/volatilityfoundation/volatility/blob/master/volatility/plugins/linux/tmpfs.py

NoahTroy commented 5 months ago

I would be more than happy to tackle this. I'm currently looking for a project, and think this could make a good first contribution.

If any volatility devs are reading this, would this be a useful plugin to port to volatility3? Are there any warnings or recommendations you might have before I dive too deep into the documentation and start working on this? Thanks!

ikelos commented 5 months ago

We're keen to get as much volatility 2 functionality ported across to volatility 3 as possible, so from that perspective it would be useful. I'm not sure how popular or well-used a plugin it was in volatility 2.

Volatility 3 now has an interface to allow plugins to output files; you don't need to worry about the output directory or anything like that, you just construct a file-like object and tell it a preferred filename that would be useful to use. The rest of it looks pretty straightforward. Hopefully we have most of the Linux-specific utilities in the LinuxUtilities class, and you should depend on that with a requirement if you're going to use it (that just helps make sure everything hangs together properly as things get updated).

Otherwise I think that's about it, submit a PR and feel free to ask us questions (ideally on Slack) and we'll be happy to help get it into shape so it can be merged! :)

NoahTroy commented 4 months ago

@ikelos Great, thank you so much for the kind and helpful response! I'll start working on this today, and will be sure to reach out on Slack with any questions! :)

ilaypilo commented 1 month ago

Any progress?

ikelos commented 1 month ago

Not yet, but we are having a push to get the bulk of the functionality from volatility 2 transferred over to volatility 3, so hopefully you'll see something in place before October...