[SOLVED] Re: [Vol-users] Volatility-Linux TypeError

Hello, I found a solution to my problem as I tried to use volatility on a 32-Bit machine to check if my trouble is caused by my 64-Bit analysis system. On this different computer volatility just worked once, every other try leads to the Error [1] that i saw really often in the last days. After that, I looked for things that changed on the system after the first run and then deleted the .cache/volatility directory in my home directory. That's all, after each run of volatility I delete the cache and everything works fine. Thanks a lot for your time and the helpful Mails. Please ask if you need more information about my problem to debug this possible caching issue. Greetings Patrick [1] python vol.py -f /mnt/host/Desktop/LF32.ram --profile Linux32 --profile_file ../debian_squeeze.zip pslist Volatile Systems Volatility Framework 2.1_alpha WARNING : volatility.obj : comm has no offset in object task_struct. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : name has no offset in object net_device. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : s_id has no offset in object super_block. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : sun_path has no offset in object sockaddr_un. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : x86_model_id has no offset in object cpuinfo_x86. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : x86_vendor_id has no offset in object cpuinfo_x86. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : name has no offset in object module. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : comm has no offset in object task_struct. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : name has no offset in object net_device. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : s_id has no offset in object super_block. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : sun_path has no offset in object sockaddr_un. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : x86_model_id has no offset in object cpuinfo_x86. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : x86_vendor_id has no offset in object cpuinfo_x86. Check that vtypes has a concrete definition for it. WARNING : volatility.obj : name has no offset in object module. Check that vtypes has a concrete definition for it. Offset Name Pid Uid Traceback (most recent call last): File "vol.py", line 171, in <module> main() File "vol.py", line 161, in main command.execute() File "/home/dark-eye/Sources/volatility_lin64/volatility/commands.py", line 135, in execute func(outfd, data) File "/home/dark-eye/Sources/volatility_lin64/volatility/plugins/linux/linux_task_list_ps.py", line 62, in render_text for task in data: File "/home/dark-eye/Sources/volatility_lin64/volatility/plugins/linux/linux_task_list_ps.py", line 41, in calculate init_task_addr = self.smap["init_task"] TypeError: 'NoneType' object is unsubscriptable