Someone wrote in ![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small} jessekornblum, |
Re: nvalid module [cryptoscan.py]
Hi,
I have been evaluating Volatility Framework and the cryptoscan plugin is a great development considering that it reveals the truecrypt passphrase.
Just would like to find out under what conditions would the cryptoscan plugin works? I have tested on a target system with a hidden volume created by truecrypt v6.2a. The acquired memory image is then loaded in Volatility with the cryptoscan plugin but there are no passphrases detected.
Hi,
I have been evaluating Volatility Framework and the cryptoscan plugin is a great development considering that it reveals the truecrypt passphrase.
Just would like to find out under what conditions would the cryptoscan plugin works? I have tested on a target system with a hidden volume created by truecrypt v6.2a. The acquired memory image is then loaded in Volatility with the cryptoscan plugin but there are no passphrases detected.
