[Vol-users] Help to add new plugin

Jamie Levy jamie.levy at gmail.com
Thu Nov 14 07:04:20 CST 2013


Type at the prompt:

sudo make clean

and try again


-----Original Message-----
From: David <eterno.comandante at gmail.com>
Date: Thu, 14 Nov 2013 13:53:05 
To: Jamie Levy<jamie.levy at gmail.com>
Cc: Volatility List<vol-users at volatilityfoundation.org>
Subject: Re: [Vol-users] Help to add new plugin

Hi Jamie

Thanks again...

I executed   "sudo python vol.py --plugins=../jamaal-re-tools-f427978461d4/volplugins -f /mnt/hgfs/E/ENSE/F/M/Audits/7523/200309/memory.img --profile=Win7SP1x64 ethscan” 

And i have new errors, (i use vol.py 2.3.1 non instalable version volatility 2.3.1)

Do you know if has anybody a similar problem with ethscan plugin?


Traceback (most recent call last):
  File "/usr/local/bin/vol.py", line 186, in <module>
    main()
  File "/usr/local/bin/vol.py", line 143, in main
    registry.register_global_options(config, commands.Command)
  File "/usr/local/lib/python2.7/dist-packages/volatility/registry.py", line 157, in register_global_options
    for m in get_plugin_classes(cls, True).values():
  File "/usr/local/lib/python2.7/dist-packages/volatility/registry.py", line 152, in get_plugin_classes
    raise Exception("Object {0} has already been defined by {1}".format(name, plugin))
Exception: Object EthScan has already been defined by <class 'volatility.plugins.ethscan_rc1.EthScan'>


Best regards

El 14/11/2013, a las 12:45, Jamie Levy <jamie.levy at gmail.com> escribió:

> Try:
> 
> sudo python vol.py --plugins=../jamaal-re-tools-f427978461d4/volplugins -f /mnt/hgfs/E/ENSE/F/M/Audits/7523/200309/memory.img --profile=Win7SP1x64 ethscan
> 
> First: --plugins takes in either a directory or a zipfile, not a plugin
> 
> Second: You didn't specify which plugin to run (ethscan)
> From: David <eterno.comandante at gmail.com>
> Date: Thu, 14 Nov 2013 10:41:47 +0100
> To: Jamie Levy<jamie.levy at gmail.com>
> Cc: Volatility List<vol-users at volatilityfoundation.org>
> Subject: Re: [Vol-users] Help to add new plugin
> 
> 
> Sorry I had a typo i didn´t write --profile=Win7SP1x64
> 
> 
>> sudo python vol.py --plugins=../jamaal-re-tools-f427978461d4/volplugins/ethscan.py -f /mnt/hgfs/E/ENSE/F/M/Audits/7523/200309/memory.img --profile=Win7SP1x64 
> 
> 
> 
> I have the same error of ever :( 
> 
>> Volatility Foundation Volatility Framework 2.3.1
>> ERROR   : __main__            : You must specify something to do (try -h)
> 
> 
> Thanks!!
> 
> El 14/11/2013, a las 09:36, David <eterno.comandante at gmail.com> escribió:
> 
>> Hi @Jamie and list
>> 
>> Thanks very much for your support ;) 
>> 
>> I’ve same errors when i’m executing: :( 
>> 
>>  sudo python vol.py --plugins=../jamaal-re-tools-f427978461d4/volplugins/ethscan.py -f /mnt/hgfs/E/ENSE/F/M/Audits/7523/200309/memory.img 
>> 
>> The error:
>> 
>> Volatility Foundation Volatility Framework 2.3.1
>> ERROR   : __main__            : You must specify something to do (try -h)
>> 
>> Maybe the cause of this error can be that the new plugin “ethscan" isn't compatible with non instalable version of volatility 2.3.1, what do you think about? 
>> 
>> On the other hand, i found a brief tutorial about ethscan:
>> 
>> https://code.google.com/p/jamaal-re-tools/source/browse/volplugins/README.txt 
>> 
>> vol.py ethscan -f be2.vmem -R --dump-dir outputfiles -C out.pcap -P -S
>> 
>> The execution of the vol.py command is different……. :( 
>> 
>> He does not the flag —-plugin= 
>> 
>> Thanks for all!!
>> 
>> Ps: My apologies for my level of english 
>> 
>> 
>> El 13/11/2013, a las 16:43, Jamie Levy <jamie.levy at gmail.com> escribió:
>> 
>>> Hi David,
>>> 
>>> I think you might have also asked this on the channel.  So yes, you should use the `--plugins=/path/to/folder/with/ethscan` option, obviously changing the path to a folder that has that plugin.  If you were the person on the channel, the issue that you were having is because you must specify `--plugins` first, BEFORE any other options to vol.py:
>>> 
>>> http://code.google.com/p/volatility/wiki/VolatilityUsage23#Specifying_Additional_Plugin_Directories
>>> 
>>> Let me know if you have any other questions.
>>> 
>>> All the best,
>>> 
>>> -gleeda
>>> 
>>> 
>>> 
>>> 
>>> On Tue, Nov 12, 2013 at 6:42 AM, David Martin <eterno.comandante at gmail.com> wrote:
>>> Hello list,
>>> 
>>> Please, I need some help about for add/use new plugins in volatility 2.3.1.
>>> 
>>> Can I use the flag "--plugins=contrib/plugins"? o is there any method?
>>> 
>>> The plugin that I want for add/use is:
>>> 
>>> https://code.google.com/p/jamaal-re-tools/source/checkout 
>>> 
>>> Thanks for your support!!
>>> 
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> Vol-users mailing list
>>> Vol-users at volatilityfoundation.org
>>> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
>>> 
>>> 
>>> 
>>> 
>>> -- 
>>> PGP Fingerprint: 2E87 17A1 EC10 1E3E 11D3  64C2 196B 2AB5 27A4 AC92
>> 
> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.volatilityfoundation.org/pipermail/vol-users/attachments/20131114/9f0bd50d/attachment-0001.html


More information about the Vol-users mailing list