[Forensics-changes] [volatility] branch upstream updated (c39b324 -> 9dce184)

Thu Oct 27 12:11:34 UTC 2016

This is an automated email from the git hooks/post-receive script.

eriberto pushed a change to branch upstream
in repository volatility.

      from  c39b324   Imported Upstream version 2.5
       new  9dce184   Imported Upstream version 2.5+git20161021.19d1211

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.

Summary of changes:
 README.txt                                         |   107 +-
 contrib/plugins/malware/psempire.py                |    97 +
 contrib/plugins/saveconfig.py                      |   163 +
 pyinstaller.spec                                   |     2 +
 tools/doxygen/config                               |  2310 +++
 tools/doxygen/d3/createtree.py                     |    32 +
 tools/doxygen/d3/d3.js                             |     5 +
 tools/doxygen/d3/tree.html                         |   176 +
 tools/doxygen/vol.png                              |   Bin 0 -> 25074 bytes
 tools/linux/module.c                               |     5 +-
 tools/mac/convert.py                               |     9 +-
 tools/mac/mac_create_all_profiles.py               |     5 +-
 tools/mac/parse_pbzx2.py                           |    87 +
 volatility/addrspace.py                            |     2 +
 volatility/commands.py                             |    10 +-
 volatility/obj.py                                  |     5 +-
 volatility/plugins/addrspaces/amd64.py             |   186 +-
 volatility/plugins/addrspaces/elfcoredump.py       |     2 +-
 volatility/plugins/addrspaces/hibernate.py         |     4 +-
 volatility/plugins/addrspaces/intel.py             |    48 +-
 volatility/plugins/addrspaces/paged.py             |    32 +
 volatility/plugins/bigpagepools.py                 |    30 +-
 volatility/plugins/cmdline.py                      |    22 +-
 volatility/plugins/drivermodule.py                 |    22 +-
 volatility/plugins/evtlogs.py                      |     1 +
 volatility/plugins/getsids.py                      |    24 +-
 volatility/plugins/gui/editbox.py                  |   725 +-
 volatility/plugins/iehistory.py                    |   117 +-
 volatility/plugins/linux/arp.py                    |    21 +-
 .../{mac/version.py => linux/aslr_shift.py}        |    22 +-
 volatility/plugins/linux/check_modules.py          |     4 +-
 volatility/plugins/linux/check_syscall.py          |     7 +-
 volatility/plugins/linux/common.py                 |     9 +-
 volatility/plugins/linux/dmesg.py                  |     4 +-
 volatility/plugins/linux/find_file.py              |    22 +-
 volatility/plugins/linux/hidden_modules.py         |     4 +-
 volatility/plugins/linux/malfind.py                |    11 +-
 volatility/plugins/linux/mount.py                  |    46 +-
 volatility/plugins/linux/netscan.py                |     3 +
 volatility/plugins/linux/netstat.py                |     2 +-
 volatility/plugins/linux/pkt_queues.py             |    39 +-
 volatility/plugins/linux/pslist.py                 |    63 +-
 volatility/plugins/linux/psscan.py                 |    92 +
 volatility/plugins/linux/psxview.py                |    31 +-
 volatility/plugins/mac/apihooks.py                 |    10 +-
 volatility/plugins/mac/bash_env.py                 |    28 +-
 volatility/plugins/mac/bash_hash.py                |    11 +-
 volatility/plugins/mac/check_fop.py                |   131 +
 volatility/plugins/mac/classes.py                  |   108 +
 volatility/plugins/mac/devfs.py                    |    88 +
 volatility/plugins/mac/get_profile.py              |    88 +-
 volatility/plugins/mac/interest_handlers.py        |   188 +
 volatility/plugins/mac/kevents.py                  |   131 +
 volatility/plugins/mac/list_files.py               |   197 +-
 volatility/plugins/mac/lsmod_iokit.py              |     2 +-
 volatility/plugins/mac/netconns.py                 |     2 +-
 volatility/plugins/mac/pslist.py                   |    40 +-
 volatility/plugins/mac/pstasks.py                  |    20 -
 volatility/plugins/mac/recover_filesystem.py       |     3 +-
 volatility/plugins/mac/timers.py                   |    99 +
 volatility/plugins/mac/vfsevents.py                |    76 +
 volatility/plugins/malware/malfind.py              |    15 +-
 volatility/plugins/malware/servicediff.py          |    16 +-
 volatility/plugins/malware/svcscan.py              |    16 +-
 volatility/plugins/malware/threads.py              |   190 +-
 volatility/plugins/mbrparser.py                    |     6 +-
 volatility/plugins/overlays/linux/elf.py           |    24 +-
 volatility/plugins/overlays/linux/linux.py         |   274 +-
 volatility/plugins/overlays/mac/mac.py             |   472 +-
 volatility/plugins/overlays/windows/pe_vtypes.py   |    56 +-
 volatility/plugins/overlays/windows/vad_vtypes.py  |    25 +-
 volatility/plugins/overlays/windows/vista.py       |    10 +
 volatility/plugins/overlays/windows/win10.py       |   256 +-
 ..._x64_vtypes.py => win10_x64_1AC738FB_vtypes.py} |  2510 +--
 ..._x64_vtypes.py => win10_x64_DD08DD42_vtypes.py} | 16815 ++++++++++---------
 ..._x86_vtypes.py => win10_x86_44B89EEA_vtypes.py} |  2236 +--
 ..._x86_vtypes.py => win10_x86_9619274A_vtypes.py} | 16181 +++++++++---------
 volatility/plugins/overlays/windows/win2003.py     |     7 +
 volatility/plugins/overlays/windows/win7.py        |    30 +
 ...4_vtypes.py => win7_sp1_x64_632B36E0_vtypes.py} |  1483 +-
 ...6_vtypes.py => win7_sp1_x86_BBA98F40_vtypes.py} |  1730 +-
 volatility/plugins/overlays/windows/win8.py        |    23 +
 volatility/plugins/overlays/windows/win8_kdbg.py   |    60 +-
 ...4_vtypes.py => win8_sp1_x64_54B5A1C6_vtypes.py} |   893 +-
 volatility/plugins/overlays/windows/xp.py          |     2 +
 volatility/plugins/registry/auditpol.py            |    61 +-
 volatility/plugins/registry/shellbags.py           |     2 +-
 volatility/plugins/registry/shutdown.py            |    12 +-
 volatility/plugins/strings.py                      |    20 +-
 volatility/plugins/tcaudit.py                      |     2 +
 volatility/plugins/timeliner.py                    |     2 +-
 volatility/plugins/vadinfo.py                      |     7 +-
 volatility/plugins/volshell.py                     |    37 +-
 volatility/renderers/sqlite.py                     |    12 +-
 volatility/win32/hashdump.py                       |     2 +
 volatility/win32/tasks.py                          |     8 +-
 96 files changed, 28139 insertions(+), 21186 deletions(-)
 create mode 100644 contrib/plugins/malware/psempire.py
 create mode 100644 contrib/plugins/saveconfig.py
 create mode 100644 tools/doxygen/config
 create mode 100644 tools/doxygen/d3/createtree.py
 create mode 100644 tools/doxygen/d3/d3.js
 create mode 100644 tools/doxygen/d3/tree.html
 create mode 100644 tools/doxygen/vol.png
 mode change 100644 => 100755 tools/mac/convert.py
 create mode 100644 tools/mac/parse_pbzx2.py
 copy volatility/plugins/{mac/version.py => linux/aslr_shift.py} (66%)
 create mode 100644 volatility/plugins/linux/psscan.py
 create mode 100644 volatility/plugins/mac/check_fop.py
 create mode 100644 volatility/plugins/mac/classes.py
 create mode 100644 volatility/plugins/mac/devfs.py
 create mode 100644 volatility/plugins/mac/interest_handlers.py
 create mode 100644 volatility/plugins/mac/kevents.py
 create mode 100644 volatility/plugins/mac/timers.py
 create mode 100644 volatility/plugins/mac/vfsevents.py
 copy volatility/plugins/overlays/windows/{win10_x64_vtypes.py => win10_x64_1AC738FB_vtypes.py} (93%)
 copy volatility/plugins/overlays/windows/{win10_x64_vtypes.py => win10_x64_DD08DD42_vtypes.py} (84%)
 copy volatility/plugins/overlays/windows/{win10_x86_vtypes.py => win10_x86_44B89EEA_vtypes.py} (93%)
 copy volatility/plugins/overlays/windows/{win10_x86_vtypes.py => win10_x86_9619274A_vtypes.py} (83%)
 copy volatility/plugins/overlays/windows/{win7_sp1_x64_vtypes.py => win7_sp1_x64_632B36E0_vtypes.py} (95%)
 mode change 100644 => 100755
 copy volatility/plugins/overlays/windows/{win7_sp1_x86_vtypes.py => win7_sp1_x86_BBA98F40_vtypes.py} (95%)
 mode change 100644 => 100755
 copy volatility/plugins/overlays/windows/{win81_u1_x64_vtypes.py => win8_sp1_x64_54B5A1C6_vtypes.py} (96%)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/volatility.git