Hello out there, I have a crash kernel dump of a crashed kernel and I try to dissect the content of the file system with the volatility framework. I installed volatility and dwarf2json. Then I started to analyse the dump file with
but got the errorCode:vol -vvvvv -f WV78J0~Z201220221336 linux.bash.BashSo I looked how to provide this plugin or profile? I have the kernel which crashed with the kernel dump image in vmlinux, with debugging symbols. So I triedHTML Code:Unsatisfied requirement plugins.Bash.kernel: Linux kernel
and copied this file to /usr/lib/python-3.10/site-packages/volatility3/symbols/linux.json.Code:dwarf2json linux --elf ~chris/vmlinux > linux.json
I also tried:
But the result remains the same, what can I do here?Code:dwarf2json linux --elf vmlinux --system-map System.map | xz -c > linux.json.xz
Thank you in advance
BR Chris
