Abyss-W4tcher
Abyss-W4tcher
Try ```sh pip2 install pycryptodome distorm3 ```
Hello, recent gcc and dwarfdump versions output symbols in a format not implemented by Volatility2. You can try to patch it yourself. Check valid "DW_AT_byte_size" format from another dump/profile and...
> > So how should I edit volatility/volatility/dwarf.py? > > I think at the bottom of the README there is a patch by him: [Abyss-W4tcher/volatility2-profiles#volatility-patches](https://github.com/Abyss-W4tcher/volatility2-profiles?tab=readme-ov-file#volatility-patches) Hi, this patch applies to...
Applying the following diff : ```diff diff --git a/main.go b/main.go index 6910a01..f88ee2c 100644 --- a/main.go +++ b/main.go @@ -206,8 +206,16 @@ func (doc *vtypeJson) addStruct(structType *dwarf.StructType, name, endian strin Kind:...
Hi, I also encountered really high RAM usage while using dwarf2json. I might be wrong, but it seems like everything is stored in memory, which eventually makes use of the...
> Hi, > > Yes, dwarf2json currently stores JSON in memory before writing it out. Given the current constraints, it is not feasible to incrementally write out the JSON for...
Hi @gregshot, Volatility2 doesn't support Python3, only Python2. I suggest you to try the supported and latest version, which is Volatility3, available here : https://github.com/volatilityfoundation/volatility3
Following the same procedure as the author, I can confirm that the import of a config doesn't skip the Linux automagic stacking (even with the same plugin used to generate...
Hi, the following worked for me (inverted lib order while linking) : ```sh sudo ldconfig # after installing xar gcc pbzx.c -o pbzx -llzma -lxar ```
Hi @atcuno, sure I can port these two plugins :) Would you like them to be put in a common `kernel_tracing` directory under `plugins`, so that users can easily understand...