Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Imaging memory on Win7 64bit
From: Josh Little <josh () zombietango com>
Date: Fri, 17 Sep 2010 14:05:14 -0400


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
So it's only the second week of our first production trial of Win7 and
it seems as if someone has already gone and f'ed up their machine. So
I go to grab the memory to see what is really going on an low and
behold neither MDD or Memoryze can dump the memory contents. MDD is
falling foul of the signed driver only protections in Win7. Memoryze
completes, but with a 0byte img file. Probably for similar reasons as
MDD. Anyone know of a non-commercial tool that is working in Win7 64bit?

ZT
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iF4EAREIAAYFAkyTrdMACgkQMRelb3QdcMe35AD9G1UBz8emwvUrNxJIMobbfD15
ng6Fe2iVJSLYI/mf2OQA/0CAxUJJ6gTwiAVCOow9You9c9VPyxVfu9VfigVXwK0j
=eeZm
-----END PGP SIGNATURE-----

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault