You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Running Volatility over a LiME dump of ARM64 kali/Debian raises the following error:
python2 vol.py -f C:\Users\22826\Desktop\out.lime --profile=LinuxKali_6_6_9-amd64_profilex64 linux_bash
Volatility Foundation Volatility Framework 2.6.1
Traceback (most recent call last):
File "vol.py", line 192, in
main()
File "vol.py", line 183, in main
command.execute()
File "E:\取证\工具\volatility2\volatility\plugins\linux\common.py", line 67, in execute
commands.Command.execute(self, *args, **kwargs)
File "E:\取证\工具\volatility2\volatility\commands.py", line 116, in execute
if not self.is_valid_profile(profsself._config.PROFILE):
File "E:\取证\工具\volatility2\volatility\plugins\overlays\linux\linux.py", line 218, in init
obj.Profile.init(self, *args, **kwargs)
File "E:\取证\工具\volatility2\volatility\obj.py", line 862, in init
self.reset()
File "E:\取证\工具\volatility2\volatility\plugins\overlays\linux\linux.py", line 232, in reset
self.load_vtypes()
File "E:\取证\工具\volatility2\volatility\plugins\overlays\linux\linux.py", line 269, in load_vtypes
vtypesvar = dwarf.DWARFParser(dwarfdata).finalize()
File "E:\取证\工具\volatility2\volatility\dwarf.py", line 74, in init
self.feed_line(line)
File "E:\取证\工具\volatility2\volatility\dwarf.py", line 165, in feed_line
self.process_statement(**parsed) # pylint: disable-msg=W0142
File "E:\取证\工具\volatility2\volatility\dwarf.py", line 239, in process_statement
self.id_to_name[statement_id] = [self.base_type_name(data)]
File "E:\取证\工具\volatility2\volatility\dwarf.py", line 128, in base_type_name
return self.tp2vol[data['DW_AT_name'].strip('"')]
KeyError: '__int128'
Running Volatility over a LiME dump of ARM64 kali/Debian raises the following error:
The method referred to #478 can be easily solved.
Adding that type in volatility/dwarf.py
The text was updated successfully, but these errors were encountered: