You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have this error when I perform a filescan or a psscan:
python vol.py -f Desktop_cs3.raw --profile=Win10x64_17763 filescan
Volatility Foundation Volatility Framework 2.6.1
Offset(P) #Ptr #Hnd Access Name
WARNING : volatility.debug : Cannot find nt!ObGetObjectType
WARNING : volatility.debug : Cannot find nt!ObGetObjectType
Traceback (most recent call last):
File "vol.py", line 192, in
main()
File "vol.py", line 183, in main
command.execute()
File "/root/volatility/volatility/commands.py", line 147, in execute
func(outfd, data)
File "/root/volatility/volatility/plugins/filescan.py", line 75, in render_text
for file in data:
File "/root/volatility/volatility/poolscan.py", line 252, in scan
skip_type_check = skip_type_check)
File "/root/volatility/volatility/plugins/overlays/windows/windows.py", line 1258, in get_object
return self.get_object_top_down(struct_name, object_type, skip_type_check)
File "/root/volatility/volatility/plugins/overlays/windows/windows.py", line 1231, in get_object_top_down
header.get_object_type() == object_type):
File "/root/volatility/volatility/plugins/overlays/windows/win7.py", line 155, in get_object_type
return self.type_map.get(int(self.TypeIndex), '')
File "/root/volatility/volatility/plugins/overlays/windows/win10.py", line 330, in TypeIndex
return ((addr >> 8) ^ cook ^ indx) & 0xFF
TypeError: unsupported operand type(s) for ^: 'int' and 'NoneType'
I don't know if it's because the Windows 10 version or why. Can you help me?
The text was updated successfully, but these errors were encountered:
I have this error when I perform a filescan or a psscan:
python vol.py -f Desktop_cs3.raw --profile=Win10x64_17763 filescan
Volatility Foundation Volatility Framework 2.6.1
Offset(P) #Ptr #Hnd Access Name
WARNING : volatility.debug : Cannot find nt!ObGetObjectType
WARNING : volatility.debug : Cannot find nt!ObGetObjectType
Traceback (most recent call last):
File "vol.py", line 192, in
main()
File "vol.py", line 183, in main
command.execute()
File "/root/volatility/volatility/commands.py", line 147, in execute
func(outfd, data)
File "/root/volatility/volatility/plugins/filescan.py", line 75, in render_text
for file in data:
File "/root/volatility/volatility/poolscan.py", line 252, in scan
skip_type_check = skip_type_check)
File "/root/volatility/volatility/plugins/overlays/windows/windows.py", line 1258, in get_object
return self.get_object_top_down(struct_name, object_type, skip_type_check)
File "/root/volatility/volatility/plugins/overlays/windows/windows.py", line 1231, in get_object_top_down
header.get_object_type() == object_type):
File "/root/volatility/volatility/plugins/overlays/windows/win7.py", line 155, in get_object_type
return self.type_map.get(int(self.TypeIndex), '')
File "/root/volatility/volatility/plugins/overlays/windows/win10.py", line 330, in TypeIndex
return ((addr >> 8) ^ cook ^ indx) & 0xFF
TypeError: unsupported operand type(s) for ^: 'int' and 'NoneType'
I don't know if it's because the Windows 10 version or why. Can you help me?
The text was updated successfully, but these errors were encountered: