[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-discuss] How to read memory dump?

From: Binh Q. Pham
Subject: Re: [Qemu-discuss] How to read memory dump?
Date: Mon, 09 Mar 2015 14:34:48 -0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0

Right, I also found volatility and played with that for a while, but I got problems getting that running. I already reported the problems to volatility, but I will also mention here in case someone has gone through the same problem and knows how to fix:


On 03/09/2015 02:24 PM, Jakob Bohm wrote:
On 09/03/2015 17:21, Binh Q Pham wrote:
Hi folks,

Could you suggest me a way to extract information from Virtual Machine's memory dump (I used 'pmemsave' to get this memory dump)?

Thanks for your help.

I read somewhere offline that there is a project called
"volatility", which provides tools and scripts to examine
machine states found in such memory dumps.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]