Re: [Vol-users] Help with ModDump
27 Jul
2009
27 Jul
'09
4:39 p.m.
Hi,
Based on a quick look, I think your problem is that you are trying to
redirect the output of the command into a directory. Moddump dumps kernel
modules to the current directory. Give the command a try without the ">
/f/dumps"; it should produce files named driver.[address].sys in the
current directory.
-Brendan
Hey Mark,
Thanks for the email. The Volatility team appreciates all feedback and we
welcome any questions you may have.
What operating system are you using as your analysis platform? Have you
tried specifying an output directory (-d)?
Can you clarify what you mean "except those that require a dump"? What
commands are giving you trouble?
Thanks,
AW
On Sun, 26 Jul 2009, Mark Morgan wrote:
I am using WIN XP SP 2, python 2.6.2 and the 1.3
beta of volatility. I
can
get all the scripts to work just fine except those that require a dump.
I
am trying to dump the mods out of memory using the following syntax:
python volatility moddump -f /c/memory.img > /f/dumps
I have also tried with the backslash and forward slash but I either get
the
error:
"File exists" or "Access Denied"
Any help would be appreciated.
Mark Morgan
DOE/CIRC
Las Vegas, NV
_______________________________________________
Vol-users mailing list
Vol-users(a)volatilityfoundation.org
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users