On Mar 2, 2012 3:31 PM, "Jamie Levy" <jamie.levy@gmail.com> wrote:

OK, it's now fixed.  Everyone `svn update` ;-)



On Fri, Mar 2, 2012 at 4:07 PM, Michael Hale Ligh
<michael.hale@gmail.com> wrote:
> Yeah I think this was introduced in r1483-1485. Some files named
> win2k3 need to be renamed win2003. We'll fix it up shortly. Thanks for
> catching it!
>
> MHL
>
> On Fri, Mar 2, 2012 at 3:52 PM, Michael Cohen <scudette@gmail.com> wrote:
>> Hi Tom,
>>  It looks from this backtrace like you are trying to run a subversion
>> checkout. If you are looking for stability, please check out the 2.0
>> branch or download the tarball. Clearly the current subversion head is
>> a little broken :-)
>>
>> Michael.
>>
>> On 2 March 2012 18:05, Tom Yarrish <tom@yarrish.com> wrote:
>>> Hey all,
>>> So I went through the install docs for Linux on the wiki to install
>>> Volatility on my MacBook Pro running OS X Lion.  I'm testing it using
>>> the samples from the Malware Cookbook (stuxnet.vmem in this case), and
>>> just doing:
>>>
>>> python ~/volatility-read-only/vol.py -f stuxnet.vmem imageinfo
>>>
>>> I'm getting the following output:
>>>
>>>
>>> Volatile Systems Volatility Framework 2.1_alpha
>>> Determining profile based on KDBG search...
>>>
>>> Traceback (most recent call last):
>>>  File "/Users/e18529/volatility-read-only/vol.py", line 135, in <module>
>>>    main()
>>>  File "/Users/e18529/volatility-read-only/vol.py", line 126, in main
>>>    command.execute()
>>>  File "/Users/e18529/volatility-read-only/volatility/commands.py",
>>> line 101, in execute
>>>    func(outfd, data)
>>>  File "/Users/e18529/volatility-read-only/volatility/plugins/imageinfo.py",
>>> line 37, in render_text
>>>    for k, v in data:
>>>  File "/Users/e18529/volatility-read-only/volatility/plugins/imageinfo.py",
>>> line 47, in calculate
>>>    suglist = [ s for s, _, _ in kdbg.KDBGScan.calculate(self)]
>>>  File "/Users/e18529/volatility-read-only/volatility/plugins/kdbgscan.py",
>>> line 95, in calculate
>>>    buf = addrspace.BufferAddressSpace(self._config)
>>>  File "/Users/e18529/volatility-read-only/volatility/addrspace.py",
>>> line 161, in __init__
>>>    BaseAddressSpace.__init__(self, None, config, **kwargs)
>>>  File "/Users/e18529/volatility-read-only/volatility/addrspace.py",
>>> line 68, in __init__
>>>    self.profile = self._set_profile(config.PROFILE)
>>>  File "/Users/e18529/volatility-read-only/volatility/addrspace.py",
>>> line 90, in _set_profile
>>>    ret = registry.PROFILES[profile_name]()
>>>  File "/Users/e18529/volatility-read-only/volatility/obj.py", line
>>> 879, in __init__
>>>    self.reset()
>>>  File "/Users/e18529/volatility-read-only/volatility/obj.py", line
>>> 906, in reset
>>>    self.load_modifications()
>>>  File "/Users/e18529/volatility-read-only/volatility/obj.py", line
>>> 960, in load_modifications
>>>    mod.modification(self)
>>>  File "/Users/e18529/volatility-read-only/volatility/plugins/overlays/windows/ssdt_vtypes.py",
>>> line 57, in modification
>>>    profile.additional['syscalls'] = module.syscalls
>>> AttributeError: 'NoneType' object has no attribute 'syscalls'
>>>
>>>
>>> So I'm guessing I still don't have something configured correctly.
>>>
>>> Thanks ahead of time,
>>> Tom
>>> _______________________________________________
>>> Vol-users mailing list
>>> Vol-users@volatilesystems.com
>>> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
>> _______________________________________________
>> Vol-users mailing list
>> Vol-users@volatilesystems.com
>> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
> _______________________________________________
> Vol-users mailing list
> Vol-users@volatilesystems.com
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users



--
PGP Fingerprint: 2E87 17A1 EC10 1E3E 11D3  64C2 196B 2AB5 27A4 AC92
_______________________________________________
Vol-users mailing list
Vol-users@volatilesystems.com
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users