Lou Sierra

Results 12 comments of Lou Sierra

I pulled the latest version from this location:
https://github.com/Velocidex/c-aff4/releases/download/v3.3.rc3/linpmem-v3.3-rc3.3-rc2
When I execute it on my system, I get the same following message:
[lsierra@usdsglxp0066 v3.3-rc3]$ ./linpmem-v3.3-rc3.3-rc2
./linpmem-v3.3-rc3.3-rc2: /lib64/libc.so.6: version `GLIBC_2.27' not...

I was able to run the above command against the collection. The command did not produce any output at all. I added the "-dd" command as suggested with the following...

I was able to obtain a different AFF4 file, just to make sure the collection I was working with didn't have an issue with it. I am getting similar results...

I ran the test of the AFF4 using the unzip command and there were no errors detected. Correction - This was taken with WinPmem 2.1-post4.exe and I am attempting to...

Quick Update - I was able to move the test_file.aff4 to a Windows machine for clarification.
winpmem.exe test_file.aff4 -e PhysicalMemory -o output.raw
This command worked using winpmem-2.1-post4. This does **not**...

Just looking for an update if any........

We are in the process of updating our utilities to v3.3 already and will keep your update in mind. This particular collection was done some time ago that we use...

See the requested output below:
$ ./vol.py -vvv -f /mnt/hgfs/Documents/servername-e52bf066.vmem windows.info
Volatility 3 Framework 1.0.0
INFO root : Volatility plugins path: ['/cases/volatility3-1.0.0/volatility3/plugins', '/cases/volatility3-1.0.0/volatility3/framework/plugins']
INFO root : Volatility symbols path: ['/cases/volatility3-1.0.0/volatility3/symbols',...

I used the "git clone" command and re-ran the line. I copied over the 'windows.zip' file into the 'symbols' folder. Here is the new output:
python3 vol.py -vvv -f /mnt/hgfs/Documents/servername-e52bf066.vmem...

You mentioned in an earlier comment the need for the VMSS file. I have that file, but I don't see a way to include it in the command.