Error adding new plugin in 2.3.1
Closed this issue · 2 comments
GoogleCodeExporter commented
What steps will reproduce the problem?
1. add new plugin file myplugin.py
2. copy the content of the tutorial :Plugin example
https://code.google.com/p/volatility/wiki/PluginInterface22
3. run command
vol.py --profile=Win7SP0x64 myplugin -f /root/Desktop/memdump.mem
What is the expected output? What do you see instead?
=========================================
Expecting : something similar to the tutorial in
https://code.google.com/p/volatility/wiki/PluginInterface22
=========================================
Process: System, Pid: 4
Process: smss.exe, Pid: 368
Process: csrss.exe, Pid: 584
Process: winlogon.exe, Pid: 608
Process: services.exe, Pid: 652
Process: lsass.exe, Pid: 664
Process: svchost.exe, Pid: 824
==============================================
Getting
==============================================
*** Failed to import volatility.plugins.myPlugin (SyntaxError: invalid syntax
(myPlugin.py, line 14))
ERROR : __main__ : You must specify something to do (try -h)
What version of the product are you using? On what operating system?
2.3.1 on Kali GNU/Linux 1.0.9
Please provide any additional information below.
Plugin class gets created, but when I try to copy the rest of the tutorial and
run the command it gives a syntax error.
Original issue reported on code.google.com by milindaw...@gmail.com on 5 Apr 2015 at 4:08
- Merged into: #521
GoogleCodeExporter commented
Firstly, this issue is not a bug in volatility. If you need user support,
please email the volatility user mailing list, do not file a bug about it.
Secondly, this issue track is no longer used, the project has migrated to
GitHub. If you have an actual error in the way that volatility works, please
use the following github tracker:
https://github.com/volatilityfoundation/volatility/issues
Marking as invalid.
Original comment by mike.auty@gmail.com on 18 Apr 2015 at 10:44
- Changed state: Invalid
GoogleCodeExporter commented
Original comment by mike.auty@gmail.com on 18 Apr 2015 at 10:45
- Changed state: Duplicate