-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error for profile 19041 #30
Comments
Are you seeing any hives resident in memory via hivelist?
…On Wed, May 12, 2021 at 10:49 AM Peter ***@***.***> wrote:
Hi,
I get an error when running this plugin with profile 19041 (Volatility
2.6.1).
Nothing more is shown when adding -v
ERROR : volatility.debug : Unable to find registry hives.
It works for older profiles.
Any ideas?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#30>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAZGFLTVYZY4Y4UKIGKWRJDTNKIP7ANCNFSM44YYNDUA>
.
|
No, both hivelist and hivescan are empty... |
starting from the correct profile is critical. Is everything else normal
(pslist, pscan, etc.)?
…On Wed, May 12, 2021 at 12:57 PM Peter ***@***.***> wrote:
No, both hivelist and hivescan are empty...
Maybe something wrong in the profile from the Volatility project, because
when using Volatility3 and windows.registry.hivelist.HiveList on the same
memory dump it works fine.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#30 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAZGFLVN2DQE3SYBFFWXV7TTNKXRHANCNFSM44YYNDUA>
.
|
Yes. All the other plugins work with the same profile. Since hivelist and hivescan do not work either I suppose it might be some problems inside the 19041 profile definition. |
It could be, especially in vol3 is detecting registry data.
…On Thu, May 13, 2021 at 1:52 PM Peter ***@***.***> wrote:
Yes. All the other plugins work with the same profile. Since hivelist and
hivescan do not work either I suppose it might be some problems inside the
19041 profile definition.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#30 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAZGFLSWACMBBIWINZ2F6PTTNQGXLANCNFSM44YYNDUA>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I get an error when running this plugin with profile 19041 (Volatility 2.6.1).
Nothing more is shown when adding
-v
ERROR : volatility.debug : Unable to find registry hives.
It works for older profiles.
Any ideas?
The text was updated successfully, but these errors were encountered: