Comments (10)
ikelos
commented on August 21, 2024
1
Also, thank you for reporting this and having patience with me. I think I was running vol from the volatility directory when I did my tests, so it was picking up the local directory, rather than the installed package. Sorry for the inconvenience, I think I need some sleep... 5:S
from volatility3.
ShutdownRepo
commented on August 21, 2024
I think it was introduced in b4c6b66
This install would work
git -C /opt/tools/ clone https://github.com/volatilityfoundation/volatility3
git -C /opt/tools/volatility3 revert b4c6b661f01fc3dde54362a4f55be4d89e4cc6e5
python3 -m pipx install /opt/tools/volatility3
vol --helpfrom volatility3.
ikelos
commented on August 21, 2024
Thanks very much for letting us know. Could you please test the proposed fix in #1003 and let us know if it resolves the problem?
from volatility3.
QU35T-code
commented on August 21, 2024
Hey, fix on issues/issue1002 doesn't works
> git checkout issues/issue1002
Branch 'issues/issue1002' set up to track remote branch 'issues/issue1002' from 'origin'.
Switched to a new branch 'issues/issue1002'
> python3 -m pipx install .
installed package volatility3 2.5.0, installed using Python 3.9.2
These apps are now globally available
- vol
- volshell
done! ✨ 🌟 ✨
> vol --help
Traceback (most recent call last):
File "/root/.local/bin/vol", line 5, in <module>
from volatility3.cli import main
ModuleNotFoundError: No module named 'volatility3.cli'If we revert to this commit it works : b4c6b66
> git -C /opt/tools/volatility3 revert b4c6b661f01fc3dde54362a4f55be4d89e4cc6e5
[develop 5458cef0] Revert "Core: Include only volatility3 in distributions packages"
1 file changed, 1 insertion(+), 1 deletion(-)
> python3 -m pipx uninstall volatility3
Nothing to uninstall for volatility3 😴
> python3 -m pipx install .
installed package volatility3 2.5.0, installed using Python 3.9.2
These apps are now globally available
- vol
- volshell
done! ✨ 🌟 ✨
> vol --help
Volatility 3 Framework 2.5.0
usage: volatility [-h] [-c CONFIG] [--parallelism [{processes,threads,off}]] [-e EXTEND] [-p PLUGIN_DIRS] [-s SYMBOL_DIRS]
[-v] [-l LOG] [-o OUTPUT_DIR] [-q] [-r RENDERER] [-f FILE] [--write-config] [--save-config SAVE_CONFIG]
[--clear-cache] [--cache-path CACHE_PATH] [--offline] [--single-location SINGLE_LOCATION]
[--stackers [STACKERS ...]] [--single-swap-locations [SINGLE_SWAP_LOCATIONS ...]]
plugin ...from volatility3.
ikelos
commented on August 21, 2024
I'm afraid I can't recreate your situation. On the issues/issue1002 branch I get the following:
ikelos volatility3 # python -m pipx install .
installed package volatility3 2.5.0, installed using Python 3.11.5
These apps are now globally available
- vol
- volshell
⚠️ Note: '/root/.local/bin' is not on your PATH environment variable. These apps will not be globally accessible until your PATH is updated. Run `pipx ensurepath` to automatically add
it, or manually modify your PATH in your shell's config file (i.e. ~/.bashrc).
done! ✨ 🌟 ✨
ikelos volatility3 # /root/.local/bin/vol --help
Volatility 3 Framework 2.5.0
usage: volatility [-h] [-c CONFIG] [--parallelism [{processes,threads,off}]] [-e EXTEND] [-p PLUGIN_DIRS] [-s SYMBOL_DIRS] [-v] [-l LOG] [-o OUTPUT_DIR] [-q] [-r RENDERER] [-f FILE]
[--write-config] [--save-config SAVE_CONFIG] [--clear-cache] [--cache-path CACHE_PATH] [--offline] [--single-location SINGLE_LOCATION] [--stackers [STACKERS ...]]
[--single-swap-locations [SINGLE_SWAP_LOCATIONS ...]]
plugin ...
An open-source memory forensics framework
options:
-h, --help Show this help message and exit, for specific plugin options use 'volatility <pluginname> --help'
Are you sure it isn't using a cached copy in some way?
from volatility3.
ShutdownRepo
commented on August 21, 2024
Nope, you can test with the following dockerfile
FROM debian:11-slim
RUN apt-get update && apt-get install -y python3-pip git
RUN git clone https://github.com/volatilityfoundation/volatility3/ -b issues/issue1002
RUN cd volatility3 && pip3 install .docker build --no-cache -t voltest . && docker run --rm --tty --interactive voltest$ vol --help
root@d64b249b79f9:/# vol --help
Traceback (most recent call last):
File "/usr/local/bin/vol", line 5, in <module>
from volatility3.cli import main
ModuleNotFoundError: No module named 'volatility3'
from volatility3.
ikelos
commented on August 21, 2024
I have reverted the original commit. The changes I made installed the directories under volatility3 into dist-files, rather than under a volatility3 directory that was under dist-files. I haven't found a way to cleanly tell setup.py that I only want files under the volatility3 directory for the wheel/package, but that the source should still include doc and things like that. If anyone has more experience with setup.py do feel free to chime in...
from volatility3.
ShutdownRepo
commented on August 21, 2024
Thank you 🙏
from volatility3.
ikelos
commented on August 21, 2024
Ok, I've updated #1003 , if you'd be able to test it again, it seems to successfully work on your docker image and hopefully keeps all our other packages as intended. If it works I'll get it merged... 5:)
from volatility3.
ShutdownRepo
commented on August 21, 2024
I can confirm
from volatility3.
Related Issues (20)
- Symbols table requirement not being fulfilled HOT 3
- How to analyse individual dump files? HOT 4
- Games processes in Volatility HOT 1
- Volatility3 not work - symbol and pdb problem HOT 21
- Allow strings as arguments to subtype for array (and similar)?
- Votality Symbol Table Problems HOT 4
- PluginRequirements: Fix `optional` and no `default` value behaviour HOT 3
- Handles unable to process sample Volatility 2 reports correctly. UnionType error? HOT 10
- Missing stable branch? HOT 1
- Unable to validate the plugin requirements: ['plugins.PsList.kernel.layer_name', 'plugins.PsList.kernel.symbol_table_name'] HOT 1
- TypeError: unsupported operand type(s) for +: 'module' and 'str' HOT 1
- Windows YARA scan across page boundaries
- Windows.ldrmodules issue HOT 7
- TrueCrypt Windows - PE data section not DWORD-aligned! HOT 8
- Linux ISF Server Down HOT 6
- Page error in layer when dumping Windows 10 hashes HOT 9
- Linux Network Connection Analysis HOT 3
- windows.registry.certificates Bugs HOT 5
- Missing plugin -> unloadedmodules
- An invalid symbol table when using windows.virtmap HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from volatility3.