[Vol-users] Recover password from memory dump
mex at di.unipmn.it
Fri Apr 29 10:53:19 CDT 2016
I'm new on volatility so sorry if this question does not fit the purpose
of this mailing list.
I was starting play with LiME (Linux Memory Extract) and I was able
to dump a memory image of an Android Emulator where ChatSecure was
ChatSecure asked a master password at the first run and this password is
stored by using a library called CacheWord .
Here the question: in order to find out if ChatSecure stores this
password in memory, how should I use volatility?
A doc/tutorial link or any suggestion are more than welcome.
More information about the Vol-users