pypykatz plugin for volatility3 framework
License: MIT License
Hello, i need help.
When i use plugin, i got strange error:
"KeyError: 'primary'"
Running command as
python3 vol.py -f ~/testy-tms/silver.raw windows.vol_pypykatz.pypykatz
Got error:
Volatility 3 Framework 2.7.0
Traceback (most recent call last):B scanning finished
File "/home/andy/2/volatility3/volatility3/framework/interfaces/configuration.py", line 163, in getitem
return self._data[key]
~~~~~~~~~~^^^^^
KeyError: 'primary'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/andy/2/volatility3/vol.py", line 10, in
volatility3.cli.main()
File "/home/andy/2/volatility3/volatility3/cli/init.py", line 871, in main
CommandLine().run()
File "/home/andy/2/volatility3/volatility3/cli/init.py", line 466, in run
grid = constructed.run()
^^^^^^^^^^^^^^^^^
File "/home/andy/2/volatility3/volatility3/plugins/windows/vol_pypykatz.py", line 54, in run
return pparser.go_volatility3(self, framework_version)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/andy/.local/lib/python3.11/site-packages/pypykatz/pypykatz.py", line 218, in go_volatility3
reader = Vol3Reader(vol3_obj)
^^^^^^^^^^^^^^^^^^^^
File "/home/andy/.local/lib/python3.11/site-packages/pypykatz/commons/readers/volatility3/volreader.py", line 66, in init
self.setup()
File "/home/andy/.local/lib/python3.11/site-packages/pypykatz/commons/readers/volatility3/volreader.py", line 69, in setup
self.find_lsass()
File "/home/andy/.local/lib/python3.11/site-packages/pypykatz/commons/readers/volatility3/volreader.py", line 88, in find_lsass
layer_name = self.vol_obj.config['primary'],
~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^
File "/home/andy/2/volatility3/volatility3/framework/interfaces/configuration.py", line 165, in getitem
raise KeyError(key)
KeyError: 'primary'
I dont have such error for other plugins. Seems like a bug in plugin (using 10.05.2024 version of volatility3)
my usage:
python3 vol.py target.vmem -p pypykatz-volatility3 pypykatz
modulenotfounderror:no module named 'volatility'
Framework version is 1. 2. 1
python3 vol.py -f OtterCTF.vmem -p ../pypykatz pypykatz
Volatility 3 Framework 2.4.2
Progress: 100.00 PDB scanning finished
Volatility was unable to read a requested page:
Page error 0x7f0 in layer primary_Process500 (Page Fault at entry 0x0 in page entry)
* Memory smear during acquisition (try re-acquiring if possible)
* An intentionally invalid page lookup (operating system protection)
* A bug in the plugin/volatility3 (re-run with -vvv and file a bug)
No further results will be produced
the latest volatility3 framework is 2.0.0, but this one only support framework 1.0.0. I think this tool needs to be updated :)
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.