Re: [Vol-users] Linux profile
25 Mar
2016
25 Mar
'16
8:51 p.m.
It's not a required part of the assignment but we can use any tools that we
would like to use.
The output of uname -a on my VM is:
Linux localhost.localdomain 2.4.7-10 #1 Thu Sep 6 17:27:27 EDT 2001 i686
unknown
The two attached files are the output of the manual make and make from the
tools/linux folder.
Thanks for any help!
On Fri, Mar 25, 2016 at 1:36 PM, Andrew Case <atcuno(a)gmail.com> wrote:
Hey Carlos,
That is cool to see Volatility being used in your class!
A few things to help diagnose:
1) Can you paste the input/output of building the module both through
make and manually?
2) what is the uname -a output from the live machine?
Thanks,
Andrew (@attrc)
On 03/24/2016 05:00 PM, Carlos Angeles wrote:
Hello,
I am working on a homework assignment that involves IR on a Linux
system. We were only given some of the log files and a memory dump.
None of the profiles on Github work so I need to build a profile.
Unfortunately, the memory dump comes from a very old version of RedHat.
It's RedHat 7.2 (Enigma) not RHEL7.
I found the Enigma ISOs, created a VM and downloaded the source,
headers, libdwarf, dwarfdump, etc, installed but when I run make from
the tools/linux folder, it doesn't create the module.ko file that
dwarfdump uses. I ran the make manually and it finishes without any
errors but no module.ko.
Any ideas what I might be doing wrong?
Thanks!
Carlos
_______________________________________________
Vol-users mailing list
Vol-users(a)volatilityfoundation.org
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
Attachments:
- attachment.html (text/html — 2.8 KB)
- make_manual.txt (text/plain — 34.8 KB)
- tools_linux_make.txt (text/plain — 35.0 KB)