Mike,
I generally build a fresh copy of the Windows VM, set it up the way I
want, then activate it. At that point, I make a snapshot and call it
"Initial Install". I infect that VM with whatever I'm studying and
snapshot it if needed. When I'm complete with that RAM dump or other
analysis, I revert to "Initial Install".
If I make a clone, I just clone "Initial Image" which has already been
activated.
I use VMware, BTW.
HTH,
Andre'
Andre' M. DiMino
Deep End Research
http://deependresearch.org
http://sempersecurus.org
"Make sure that nobody pays back wrong for wrong, but always try to be
kind to each other and to everyone else" - 1 Thess 5:15 (NIV)
On 04/12/2012 07:05 PM, Mike Lambert wrote:
I have not used VMs in the past to do malware testing because of the Windows activation
problems I run into. Clone, you have to activate; copy, you have to activate; move, you
have to activate. I'm surprised that it still activates!
I would like to talk to someone who knows the best way to deal with this. (or not)
I'd like to have a clone that is infected that I can go back to later. (I do that now
with hard disk images - I can put back a disk image to disk and plug it into the computer
and bring it right back up.)
I can continue to use my test system, which I do not have any problem with. I blow a copy
of a clean system to disk and then go on testing without any activation problems.
Let me know if you have a solution.
Thanks,
Mike
_______________________________________________
Vol-users mailing list
Vol-users(a)volatilityfoundation.org
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users