Thank you very much. :-)
--
Jim Clausing
GIAC GSE #26, CISSP
GPG Fingerprint = A507 774A 39D6 A702 9F7C 8808 3D13 77B8 AACD 848D
On or about Thu, 7 Apr 2016, Andrew Case pontificated thusly:
https://github.com/volatilityfoundation/volatility/commit/429a160925b216f04147bbdbac7ff867947da4d0
:)
Thanks,
Andrew (@attrc)
On 04/07/2016 03:13 PM, Jim Clausing wrote:
Now my feature request, can we get PPID added to the linux_pslist
output? :-)
--
Jim Clausing
GIAC GSE #26, CISSP
GPG Fingerprint = A507 774A 39D6 A702 9F7C 8808 3D13 77B8 AACD 848D
On or about Thu, 7 Apr 2016, Jim Clausing pontificated thusly:
I guess it really has been a long week. It turns out that --info will
show the profiles if I use --plugins=~user/dir but the profile only
actually works if I use --plugins=/home/user/dir So, I guess problem
mostly solved. User error on my part. Return to your regularly
scheduled programming. (As I slink away in shame)
--
Jim Clausing
GIAC GSE #26, CISSP
GPG Fingerprint = A507 774A 39D6 A702 9F7C 8808 3D13 77B8 AACD 848D
On or about Thu, 7 Apr 2016, Jim Clausing pontificated thusly:
Sigh... Ignore that last e-mail (although that is all the debug info
I get when it fails and, yes, I know I gave an invalid switch -m
should have been -f). I redid it copying and pasting the profile
name from the --info listing on the virgin system and it actually
does work, so my next move is to install (from github) the current
version on my actual production system and see if that fixes the
issues. Maybe the version from the SIFT repos is broken (that is
what was running on the system where I originally had the problem).
It has been a long week. :-/.
--
Jim Clausing
GIAC GSE #26, CISSP
GPG Fingerprint = A507 774A 39D6 A702 9F7C 8808 3D13 77B8 AACD 848D
On or about Thu, 7 Apr 2016, Andrew Case pontificated thusly:
Hey,
Can you run volatility with -dd set and send the output? If I can't
figure out it from there I will take the memory sample and profile.
Feel
free to send debug output offline.
Thanks,
Andrew (@attrc)
On 04/07/2016 12:27 PM, Jim Clausing wrote:
Gang,
I've googled it and saw some other discussion of the dreaded
ERROR : volatility.debug : Invalid profile <blah> selected
error. I'm trying to figure out what changed recently so that
profiles
that used to work for me, no longer work. I just did a fresh Ubuntu
14.04.4 install and then installed volatility (and distorm3 via pip)
from github and I'm getting the error above. Note, this is the
current
release version, though I also have the problem with the version from
whatever repo SIFT uses. The profile actually came from SecondLook
and
worked just fine on a different Ubuntu system about 4 weeks ago, but
today it fails (on the system where it used to run), so I decided
to try
on this virgin system and get the same error. I'm at a loss, since
there are no other debugging messages to help me out with what
might be
the problem. I can provide the profile to anyone who needs it (and
probably a memory image, too, but that needs to be a little more
tightly
controlled) if that would help.
--
Jim Clausing
GIAC GSE #26, CISSP
GPG Fingerprint = A507 774A 39D6 A702 9F7C 8808 3D13 77B8 AACD 848D
_______________________________________________
Vol-users mailing list
[email protected]
http://lists.volatilesystems.com/mailman/listinfo/vol-users
_______________________________________________
Vol-users mailing list
[email protected]
http://lists.volatilesystems.com/mailman/listinfo/vol-users
