Re: [Vol-users] files-command missed
11 Aug
2011
11 Aug
'11
7:17 a.m.
Michael,
The files command only showed info on files, but there are 20+ other types
of objects. The handles command shows you all objects, including mutexes,
events, desktops, registry keys, etc. If you only want to see files, without
using grep, try "handles -p 816 -t File"
Also see:
http://code.google.com/p/volatility/wiki/CommandReference#handles
MHL
On Thu, Aug 11, 2011 at 5:12 AM, Michael Felber <MichaelFelber(a)gmx.net>wrote:
Hi all,****
In v2.0 I miss the files-command.****
As a workaround I use****
C:\Python27\Scripts>python vol.py handles -p 816 -f … | grep -i "File"****
„files“ was easier to use. Why it has gone?****
** **
Cu****
** **
Michael****
** **
_______________________________________________
Vol-users mailing list
Vol-users(a)volatilityfoundation.org
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
Attachments:
- attachment.html (text/html — 2.1 KB)