Re: [Vol-users] Plugin errors in scudette-branch

Hi Stefan, Thanks for helping to test the linux support. I am currently traveling and will not be able to fix these issue for another week. I will try to help here, but suggest you open an issue with these bug reports. At the moment the linux plugins have not all been converted to the new framework which supports multiple operating systems, so many do not work completely yet. On 28 April 2012 13:27, Stefan Steizer <vitax.set(a)googlemail.com> wrote: You must realise that this is an interactive python shell, so a global name of pslist is not already defined. You can either use "pslist" as a string, or better use plugins.pslist. The plugins global provides access to all plugins which are able to run within the current session (i.e. the ones that support the current profile etc). As usual with ipython you can type tab twice to see the command completion. For example plugins.[tab][tab] will offer all the currently available plugins for the current profile. It is possible that this constant was renamed with later kernel versions. This looks to me like the ip address (which is normally an address object) should not be an integer - try replacing line 98 with ip = "0.0.0.0" As you can see from this tracking page https://sites.google.com/site/volatilityng/todo The netstat module is not yet converted to the new framework. I guess we need to improve the error message here through - as "no such plugin" or something. If you used the plugins global as mentioned above you would see that it does not have a netstat plugin. I wonder if this is due to the dmesg data actually being utf8 encoded unicode data. Can you try replacing: http://code.google.com/p/volatility/source/browse/branches/scudette/volatil… return log_buf_addr.dereference_as("String", length=log_buf_len) with return log_buf_addr.dereference_as("UnicodeString", length=log_buf_len) Thanks, Michael.