Volatility: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
vol.exe -f chall1.raw --profile Win7SP1x86 hashdump | vol.exe -f chall1.raw --profile Win7SP1x86 hashdump | ||
keyword login windows | |||
ntlm login | ntlm login | ||
Revision as of 09:22, 24 July 2024
vol.exe -f chall1.raw imageinfo vol.exe -f chall1.raw --profile Win7SP1x86 pslist vol.exe -f chall1.raw --profile Win7SP1x86 cmdscan vol.exe -f chall1.raw --profile Win7SP1x86 consoles vol.exe -f chall1.raw --profile Win7SP1x86 hashdump
keyword login windows
ntlm login