[Vol-users] Linux profile

Andrew Case atcuno at gmail.com
Fri Mar 25 15:36:49 CDT 2016


Hey Carlos,

That is cool to see Volatility being used in your class!

A few things to help diagnose:

1) Can you paste the input/output of building the module both through
make and manually?

2)  what is the uname -a output from the live machine?


Thanks,
Andrew (@attrc)

On 03/24/2016 05:00 PM, Carlos Angeles wrote:
> Hello,
> 
> I am working on a homework assignment that involves IR on a Linux
> system.  We were only given some of the log files and a memory dump. 
> None of the profiles on Github work so I need to build a profile. 
> Unfortunately, the memory dump comes from a very old version of RedHat. 
> It's RedHat 7.2 (Enigma) not RHEL7. 
> 
> I found the Enigma ISOs, created a VM and downloaded the source,
> headers, libdwarf, dwarfdump, etc, installed but when I run make from
> the tools/linux folder, it doesn't create the module.ko file that
> dwarfdump uses. I ran the make manually and it finishes without any
> errors but no module.ko.
> 
> Any ideas what I might be doing wrong?
> 
> Thanks!
> Carlos
> 
> 
> 
> _______________________________________________
> Vol-users mailing list
> Vol-users at volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
> 


More information about the Vol-users mailing list