[Vol-dev] A doubt about vista_sp0_x86_vtypes.py

AAron Walters awalters at 4tphi.net
Wed Jan 26 20:29:22 CST 2011



Please let us know if you experience any issues.

Thanks,

AW

On Wed, 26 Jan 2011, neofito wrote:

> The current Vista profile is working well, it was just a doubt
>
> Thanks
>
>
> El 20/01/2011 7:37, AAron Walters escribió:
>> 
>> 
>> neofito,
>> 
>> I would guess that is the file that Bradley was interested in when he 
>> generated the profile.  If you would prefer to use types from ntkrpamp.pdb, 
>> please feel free. With all the changes in the upcoming 1.4, adding new 
>> types and profiles has become a lot easier. Hopefully you will also decide 
>> to submit them back and assist with Vista testing.
>> 
>> Have you run into problems with the current profile?  Is it not working?
>> Thanks,
>> 
>> AW
>> 
>> 
>> 
>> 
>> On Wed, 19 Jan 2011, neofito wrote:
>> 
>>> Hello,
>>> 
>>> From "Windows Internals, Fifth Edition":
>>> 
>>> On 32-bit x86 systems, the flag in the page table entry to mark a page as 
>>> nonexecutable is available only when processor is running in Physical 
>>> Address Extension (PAE) mode. Thus, support for hardware DEP on 32-bit 
>>> systems requires loading the PAE kernel
>>> 
>>> Why the file used is ntkrnlmp.pdb instead of ntkrpamp.pdb?
>>> 
>>> Thanks,
>>> ---
>>> La verdad nos hara libres
>>> 
>>> http://neosysforensics.blogspot.com
>>> http://www.wadalbertia.org
>>> -<|:-P[G]
>>> _______________________________________________
>>> Vol-dev mailing list
>>> Vol-dev at volatilityfoundation.org
>>> http://lists.volatilityfoundation.org/mailman/listinfo/vol-dev
>>> 
>> 
>> 
>> -----
>> Se certifico que el correo no contiene virus.
>> Comprobada por AVG - www.avg.es
>> Version: 10.0.1191 / Base de datos de virus: 1435/3392 - Fecha de la 
>> version: 20/01/2011
>> 
>> 
>
> _______________________________________________
> Vol-dev mailing list
> Vol-dev at volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-dev
>


More information about the Vol-dev mailing list