Volatility

From Server STB
Revision as of 09:24, 24 July 2024 by Admin (talk | contribs)
Jump to navigation Jump to search 
 vol.exe -f chall1.raw imageinfo
 vol.exe -f chall1.raw --profile Win7SP1x86 pslist
 vol.exe -f chall1.raw --profile Win7SP1x86 cmdscan
 vol.exe -f chall1.raw --profile Win7SP1x86 consoles
 vol.exe -f chall1.raw --profile Win7SP1x86 hashdump

keyword login windows 

 ntlm login

 vol.exe -f chall2.raw --profile Win7SP1x64 memdump -p 2424 -D .
Retrieved from "http://wiki.serverstb.com/index.php?title=Volatility&oldid=822"