Exception: Memory address is not in process memory space #26
Comments
|
Sorry, I had to change file storage servers. Can you pls upload the dmp file? |
|
also, can you try with the version that is on git? I lost track of the version that is on pip (planning a new version release soon-ish) |
|
Thx for upload! |
|
Hello! Using the GitHub repository version, I have the same error but with a different memory address. I tried on a lsass dump from a Windows Server 2012 (uploaded).
Mimikatz's works with the dump. |
|
Closing this now, @alexandreborgo pls see new issue |
root@kali:~/pypykatz# pip3 install pypykatzroot@kali:~/pypykatz# pypykatz minidump /root/go/src/github.com/Coalfire-Research/Slackor/loot/eofaf.dmpINFO:root:Parsing file /root/go/src/github.com/Coalfire-Research/Slackor/loot/eofaf.dmp ERROR:root:Error while parsing file /root/go/src/github.com/Coalfire-Research/Slackor/loot/eofaf.dmp Traceback (most recent call last): File "/usr/local/lib/python3.7/dist-packages/pypykatz/__main__.py", line 116, in main mimi = pypykatz.parse_minidump_file(args.minidumpfile) File "/usr/local/lib/python3.7/dist-packages/pypykatz/pypykatz.py", line 56, in parse_minidump_file mimi.start() File "/usr/local/lib/python3.7/dist-packages/pypykatz/pypykatz.py", line 168, in start self.lsa_decryptor = self.get_lsa() File "/usr/local/lib/python3.7/dist-packages/pypykatz/pypykatz.py", line 98, in get_lsa lsa_dec = LsaDecryptor(self.reader, lsa_dec_template, self.sysinfo) File "/usr/local/lib/python3.7/dist-packages/pypykatz/lsadecryptor/lsa_decryptor.py", line 21, in __init__ self.acquire_crypto_material() File "/usr/local/lib/python3.7/dist-packages/pypykatz/lsadecryptor/lsa_decryptor.py", line 29, in acquire_crypto_material self.iv = self.get_IV(sigpos) File "/usr/local/lib/python3.7/dist-packages/pypykatz/lsadecryptor/lsa_decryptor.py", line 57, in get_IV self.reader.move(ptr_iv) File "/usr/local/lib/python3.7/dist-packages/minidump/minidumpreader.py", line 84, in move self._select_segment(address) File "/usr/local/lib/python3.7/dist-packages/minidump/minidumpreader.py", line 55, in _select_segment raise Exception('Memory address 0x%08x is not in process memory space' % requested_position) Exception: Memory address 0x7ffcb7317dbb is not in process memory space Traceback (most recent call last): File "/usr/local/lib/python3.7/dist-packages/pypykatz/__main__.py", line 116, in main mimi = pypykatz.parse_minidump_file(args.minidumpfile) File "/usr/local/lib/python3.7/dist-packages/pypykatz/pypykatz.py", line 56, in parse_minidump_file mimi.start() File "/usr/local/lib/python3.7/dist-packages/pypykatz/pypykatz.py", line 168, in start self.lsa_decryptor = self.get_lsa() File "/usr/local/lib/python3.7/dist-packages/pypykatz/pypykatz.py", line 98, in get_lsa lsa_dec = LsaDecryptor(self.reader, lsa_dec_template, self.sysinfo) File "/usr/local/lib/python3.7/dist-packages/pypykatz/lsadecryptor/lsa_decryptor.py", line 21, in __init__ self.acquire_crypto_material() File "/usr/local/lib/python3.7/dist-packages/pypykatz/lsadecryptor/lsa_decryptor.py", line 29, in acquire_crypto_material self.iv = self.get_IV(sigpos) File "/usr/local/lib/python3.7/dist-packages/pypykatz/lsadecryptor/lsa_decryptor.py", line 57, in get_IV self.reader.move(ptr_iv) File "/usr/local/lib/python3.7/dist-packages/minidump/minidumpreader.py", line 84, in move self._select_segment(address) File "/usr/local/lib/python3.7/dist-packages/minidump/minidumpreader.py", line 55, in _select_segment raise Exception('Memory address 0x%08x is not in process memory space' % requested_position) Exception: Memory address 0x7ffcb7317dbb is not in process memory spaceThis is a fresh Windows 10 VM.
Uploading the lsass dump to you now.
The text was updated successfully, but these errors were encountered: