We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug linux.vmayarascan --yara-string crashes
linux.vmayarascan --yara-string
Context Volatility Version: 2.12.0 Operating System: Linux Python Version: 3.8.20 Suspected Operating System: Linux Command: $ ./vol.py -f../linux-sample-1.bin linux.vmayarascan.VmaYaraScan --pid 1 --yara-string "ELF"
$ ./vol.py -f../linux-sample-1.bin linux.vmayarascan.VmaYaraScan --pid 1 --yara-string "ELF"
To Reproduce Steps to reproduce the behavior:
$ ./vol.py -f../linux-sample-1.bin linux.vmayarascan.VmaYaraScan --pid 1 --yara-string "ELF" Volatility 3 Framework 2.12.0 Progress: 100.00 Stacking attempts finished Offset PID Rule Component Value Traceback (most recent call last): File "./vol.py", line 11, in <module> volatility3.cli.main() File "/home/gmoreira/vol3/volatility3/cli/__init__.py", line 917, in main CommandLine().run() File "/home/gmoreira/vol3/volatility3/cli/__init__.py", line 505, in run renderer.render(grid) File "/home/gmoreira/vol3/volatility3/cli/text_renderer.py", line 230, in render grid.populate(visitor, outfd) File "/home/gmoreira/vol3/volatility3/framework/renderers/__init__.py", line 245, in populate for level, item in self._generator: File "/home/gmoreira/vol3/volatility3/framework/plugins/linux/vmayarascan.py", line 70, in _generator for match in rules.match( AttributeError: 'builtins.Rules' object has no attribute 'match'
Expected behavior
$ ./vol.py -f../linux-sample-1.bin linux.vmayarascan.VmaYaraScan --pid 1 --yara-string "ELF" Volatility 3 Framework 2.9.0 Progress: 100.00 Stacking attempts finished Offset PID Rule Component Value 0x7f489741c001 1 default.r1 $a 45 4c 46 0x7f4897620001 1 default.r1 $a 45 4c 46 0x7f48979ab001 1 default.r1 $a 45 4c 46 0x7f4897e0b001 1 default.r1 $a 45 4c 46 0x7f4897e108f4 1 default.r1 $a 45 4c 46 0x7f4897e24151 1 default.r1 $a 45 4c 46 0x7f4897e24161 1 default.r1 $a 45 4c 46 0x7f4897e24583 1 default.r1 $a 45 4c 46 0x7f4897e250e4 1 default.r1 $a 45 4c 46 0x7f4897e25109 1 default.r1 $a 45 4c 46 0x7f4897e25114 1 default.r1 $a 45 4c 46 0x7f4897e25243 1 default.r1 $a 45 4c 46 0x7f4897e2524e 1 default.r1 $a 45 4c 46 0x7fff14da9001 1 default.r1 $a 45 4c 46
Example output see above
Additional information
A git bisect identified that the issue was introduced by commit d4585be, which was integrated in PR #1198
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Describe the bug
linux.vmayarascan --yara-stringcrashesContext
Volatility Version: 2.12.0
Operating System: Linux
Python Version: 3.8.20
Suspected Operating System: Linux
Command:
$ ./vol.py -f../linux-sample-1.bin linux.vmayarascan.VmaYaraScan --pid 1 --yara-string "ELF"To Reproduce
Steps to reproduce the behavior:
$ ./vol.py -f../linux-sample-1.bin linux.vmayarascan.VmaYaraScan --pid 1 --yara-string "ELF"Expected behavior
Example output
see above
Additional information
A git bisect identified that the issue was introduced by commit d4585be, which was integrated in PR #1198
The text was updated successfully, but these errors were encountered: