github-actions[bot]
commented
1 year ago This issue is stale because it has been open for 200 days with no activity.
Closed schoeringhumer closed 1 year ago
github-actions[bot]
commented
1 year ago This issue is stale because it has been open for 200 days with no activity.
github-actions[bot]
commented
1 year ago This issue was closed because it has been inactive for 60 days since being marked as stale.
Describe the bug
Hi,
I am trying to analyze the R2D2-Image from your samples page (https://github.com/volatilityfoundation/volatility/wiki/Memory-Samples) and it works just fine for Volatility2, but not with 3.
Error Line after executing python3 vol.py -vvvv -f ./0zapftis.vmem windows.info.Info:
Volatility 3 Framework 2.4.1 WARNING volatility3.framework.plugins: Automagic exception occurred: ValueError: Symbol type not in symbol_table_name1 SymbolTable: _ETHREAD
Unsatisfied requirement plugins.Info.kernel.symbol_table_name:
A symbol table requirement was not fulfilled. Please verify that: The associated translation layer requirement was fulfilled You have the correct symbol file for the requirement The symbol file is under the correct directory or zip file The symbol file is named appropriately or contains the correct banner
Unable to validate the plugin requirements: ['plugins.Info.kernel.symbol_table_name']
Context Volatility Version: 3 Framework 2.4.1 Operating System: Ubuntu Python Version: 3.10.6 Suspected Operating System: Windows XP SP2 x86 Command: python3 vol.py -vvvv -f ./0zapftis.vmem windows.info.Info
To Reproduce Steps to reproduce the behavior:
Expected behavior
More or less just imageinfo of the provided sample OS
Example output
Additional information
Problem seems to be the same like #631