[Vol-users] Help with ModDump

Sebastien R uyojimbo at gmail.com
Mon Jul 27 16:31:48 CDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

win32dd of course ! :D

http://win32dd.msuiche.net/

seriously, Win32dd is one among others, but it works like a charm.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.6)

iQEcBAEBCgAGBQJKbhzDAAoJEKIiDOJfGe5KkPgH/2VMlA6hJg8eh/FS49IuIsO2
+MfVWnHMmoxZEOmMznjY91pEcDErFfNVN2EjuBL8nSsXir6KeX6duCYy0434/xHh
VIbvGVQ+9qmQCOJuPHaDM7y77pST5VfAQkgzAHFG3pI56iY3El6DmOUEF/P1/9Zc
qKFGkdAp6w1SiNAie/A7e1ZtcSoNYJBeJL1t2CHfHu9C69JDR2CBNGJ0ax6kylF0
DLaZXpuDJYBYizbBy6dqLQr7vIu1aa4tI/jWJOXYEvHcFeuklBSOAYRPV0VCBZRv
8OSoQuYOnhSgPoHsHlB3MEoCdgwFUP5MlHNtdFw7/kvzbys3h059TKhusVNOYiE=
=3BRh
-----END PGP SIGNATURE-----

2009/7/27 Miguel Guirao <mguirao at gmail.com>:
> Hi!
>
> Does any body knows of good acquisition utilities so I can use??
>
> I'm starting in this field, so i don't know of any. Best regards.
>
> On Sun, Jul 26, 2009 at 9:57 PM, AAron Walters <awalters at 4tphi.net> wrote:
>>
>>
>> Hey Mark,
>>
>> Thanks for the email.  The Volatility team appreciates all feedback and we
>> welcome any questions you may have.
>>
>> What operating system are you using as your analysis platform?  Have you
>> tried specifying an output directory (-d)?
>>
>> Can you clarify what you mean "except those that require a dump"? What
>> commands are giving you trouble?
>>
>> Thanks,
>>
>> AW
>>
>> On Sun, 26 Jul 2009, Mark Morgan wrote:
>>
>>> I am using WIN XP SP 2, python 2.6.2 and the 1.3 beta of volatility.  I
>>> can
>>> get all the scripts to work just fine except those that require a dump.
>>>  I
>>> am trying to dump the mods out of memory using the following syntax:
>>> python volatility moddump -f /c/memory.img > /f/dumps
>>>
>>>
>>> I have also tried with the backslash and forward slash but I either get
>>> the
>>> error:
>>>
>>> "File exists" or "Access Denied"
>>>
>>>
>>> Any help would be appreciated.
>>>
>>> Mark Morgan
>>> DOE/CIRC
>>> Las Vegas, NV
>>>
>> _______________________________________________
>> Vol-users mailing list
>> Vol-users at volatilityfoundation.org
>> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
>
>
>
> --
>
>
> Miguel Guirao A
>
> _______________________________________________
> Vol-users mailing list
> Vol-users at volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
>
>


More information about the Vol-users mailing list