Andrew Case
Andrew Case
@eightymg Did you mean to close this?
@ipptac Can you please test using the bitmap_crashdumps branch? I don't see the branch switch in your commands.
Can you please try with the latest version of Volatility by using a checkout from here (GitHub)? I see that you are running what appears to be the standalone executable,...
These plugins need updating for Windows 8 and Windows 10. We plan to address this when the related research is completed.
Could you please repeat the acquisition process with the following added before running Lime: 1) copy /proc/iomem to a file 2) copy /proc/kallsyms to a file Then run lime and...
Is this for 32 or 64 bit ARM?
@ikelos the latest work from Gus looks good to me. Can you do a (final?) review on it? I don't see any comments left for me.
Can you please paste the full backtrace? That way I can see the lines of code that caused the fault.
Ok thanks, I see its at: https://github.com/volatilityfoundation/volatility3/blob/master/volatility/framework/symbols/linux/extensions/__init__.py#L293 I will get a patch in for that today. If you are comfortable coding, you can patch yourself in the meantime by putting...
It seems like there are a couple things here. 1) @olifre - would be up for testing this sample with Volatility 2 and see if linux_pslist produces a process list?...