sync with r3514

AUTHORS.txt

@@ -18,7 +18,7 @@ AAron Walters
 Volatility 1.3:
 ------------
 
-AAron Walters <awalters@volatilesystems.com>
+AAron Walters <awalters@4tphi.net>
 Volatile Systems LLC
 
 Brendan Dolan-Gavitt <bdolangavitt@wesleyan.edu>

LEGAL.txt

@@ -4,20 +4,18 @@ Volatility
 License
 -------
 
-Copyright (C) 2007-2011 Volatile Systems
+Copyright (C) 2007-2013 Volatility Foundation
 
-Volatility is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License
-as published by the Free Software Foundation; either version 2
-of the License, or (at your option) any later version.
+Volatility is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License Version 2 as
+published by the Free Software Foundation.  You may not use, modify or
+distribute this program under any other version of the GNU General
+Public License.
 
 Volatility is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301,
-USA.
-
+along with Volatility.  If not, see <http://www.gnu.org/licenses/>.

LICENSE.txt

@@ -2,7 +2,7 @@
 		       Version 2, June 1991
 
  Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
@@ -278,3 +278,14 @@ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.
 
 		     END OF TERMS AND CONDITIONS
+
+Notwithstanding any rights to use the Software granted by the foregoing, 
+if entities or individuals have received a Cease & Desist letter from 
+the Volatility Project, the Volatility Foundation, or its copyright holders 
+for violating the terms of the GPL version 2, those entities (their employees,
+subcontractors, independent contractors, and affiliates) and / or persons 
+are granted no such rights and any use by any one or more of them is 
+expressly prohibited, in accordance with Section 4 of the GPL version 2. 
+Any rights granted to such entities and / or persons by earlier license
+agreements have been previously terminated as to them. 
+

PKG-INFO

@@ -2,9 +2,9 @@ Metadata-Version: 1.0
 Name: Volatility
 Version: GC1
 Summary: Volatility -- Volatile memory framwork
-Home-page: http://www.volatilesystems.com
+Home-page: http://www.volatilityfoundation.org
 Author: AAron Walters
-Author-email: awalters@volatilesystems.com
+Author-email: awalters@4tphi.net
 License: GPL
 Description: UNKNOWN
 Platform: UNKNOWN

README.txt

@@ -13,7 +13,6 @@ from volatile memory samples and provide a platform for further work into
 this exciting area of research.
 
 The Volatility distribution is available from: 
-https://www.volatilesystems.com/default/volatility or 
 http://code.google.com/p/volatility/downloads/list
 
 Volatility should run on any platform that supports 
@@ -52,7 +51,7 @@ capabilities. For acquisition, there are both free and commercial
 solutions available. If you would like suggestions about suitable 
 acquisition solutions, please contact us at:
 
-volatility (at) volatilesystems (dot) com
+volatility (at) volatilityfoundation (dot) org
 
 Volatility supports a variety of sample file formats and the
 ability to convert between these formats:
@@ -101,12 +100,12 @@ Contact
 =======
 For information or requests, contact:
 
-Volatile Systems
+Volatility Foundation
 
-Web: http://www.volatilesystems.com/
+Web: http://www.volatilityfoundation.org/
      http://volatility.tumblr.com/
 
-Email: volatility (at) volatilesystems (dot) com
+Email: volatility (at) volatilityfoundation (dot) org
 
 IRC: #volatility on freenode
 
@@ -122,15 +121,14 @@ Some plugins may have other requirements which can be found at:
 Quick Start
 ===========
 1. Unpack the latest version of Volatility from
-   https://www.volatilesystems.com/default/volatility or 
    http://code.google.com/p/volatility/downloads/list
 
 2. To see available options, run "python vol.py -h"  
 
    Example:
 
 $ python vol.py -h
-Volatile Systems Volatility Framework 2.3
+Volatility Foundation Volatility Framework 2.3
 Usage: Volatility - A memory forensics analysis platform.
 
 Options:
@@ -165,7 +163,7 @@ Options:
   -k KPCR, --kpcr=KPCR  Specify a specific KPCR address
 
 $ python vol.py --info
-Volatile Systems Volatility Framework 2.3
+Volatility Foundation Volatility Framework 2.3
 
 Profiles
 --------
@@ -402,7 +400,7 @@ PoolTagCheck           - This scanner checks for the occurance of a pool tag
    Example:
 
     > python vol.py imageinfo -f WIN-II7VOJTUNGL-20120324-193051.raw 
-    Volatile Systems Volatility Framework 2.3
+    Volatility Foundation Volatility Framework 2.3
     Determining profile based on KDBG search...
 
               Suggested Profile(s) : Win2008R2SP0x64, Win7SP1x64, Win7SP0x64, Win2008R2SP1x64 (Instantiated with Win7SP0x64)
@@ -432,24 +430,23 @@ PoolTagCheck           - This scanner checks for the occurance of a pool tag
 Licensing and Copyright
 =======================
 
-Copyright (C) 2007-2011 Volatile Systems
+Copyright (C) 2007-2013 Volatility Foundation
 
 All Rights Reserved
 
-This program is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License
-as published by the Free Software Foundation; either version 2
-of the License, or (at your option) any later version.
+Volatility is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License Version 2 as
+published by the Free Software Foundation.  You may not use, modify or
+distribute this program under any other version of the GNU General
+Public License.
 
-This program is distributed in the hope that it will be useful,
+Volatility is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  
-02111-1307, USA.
+along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
 
 Bugs and Support
 ================
@@ -484,7 +481,7 @@ Other options for communicaton can be found at:
 
 Missing or Truncated Information
 ================================
-Volatile Systems makes no claims about the validity or correctness of the
+Volatility Foundation makes no claims about the validity or correctness of the
 output of Volatility. Many factors may contribute to the
 incorrectness of output from Volatility including, but not
 limited to, malicious modifications to the operating system,

contrib/plugins/disablewarnings.py

@@ -3,19 +3,21 @@
 # Authors:
 # Mike Auty <mike.auty@gmail.com>
 #
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
+# This file is part of Volatility.
 #
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details. 
+# Volatility is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License Version 2 as
+# published by the Free Software Foundation.  You may not use, modify or
+# distribute this program under any other version of the GNU General
+# Public License.
+#
+# Volatility is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+# along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
 #
 
 import volatility.conf as conf

contrib/plugins/enumfunc.py

@@ -1,19 +1,21 @@
 # Volatility
 # Copyright (c) 2012 Michael Ligh (michael.ligh@mnin.org)
 #
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
+# This file is part of Volatility.
 #
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details. 
+# Volatility is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License Version 2 as
+# published by the Free Software Foundation.  You may not use, modify or
+# distribute this program under any other version of the GNU General
+# Public License.
+#
+# Volatility is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+# along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
 #
 
 import volatility.plugins.taskmods as taskmods

contrib/plugins/example.py

@@ -3,19 +3,21 @@
 # Authors:
 # Mike Auty <mike.auty@gmail.com>
 #
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
+# This file is part of Volatility.
 #
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details. 
+# Volatility is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License Version 2 as
+# published by the Free Software Foundation.  You may not use, modify or
+# distribute this program under any other version of the GNU General
+# Public License.
+#
+# Volatility is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+# along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
 #
 
 import volatility.timefmt as timefmt

contrib/plugins/malware/poisonivy.py

@@ -8,19 +8,22 @@
 #
 # This plugin is based on zeusscan2.py by Michael Hale Ligh.
 #
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
+# This file is part of Volatility.
 #
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details. 
+# Volatility is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License Version 2 as
+# published by the Free Software Foundation.  You may not use, modify or
+# distribute this program under any other version of the GNU General
+# Public License.
+#
+# Volatility is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+# along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
+#
 
 import volatility.plugins.taskmods as taskmods
 import volatility.obj as obj
@@ -391,4 +394,4 @@ def render_text(self, outfd, data):
                 for i, proxy in enumerate(config.get_proxies()):
                     outfd.write('\tHost {0}: {1}:{2} ({3})\n'.format(i, proxy.hostname, proxy.port, proxy.proto))
 
-            outfd.write("\nDecrypt: {0:#x}\n".format(config.func_Decrypt))
+            outfd.write("\nDecrypt: {0:#x}\n".format(config.func_Decrypt))

contrib/plugins/malware/zeusscan.py

@@ -6,19 +6,21 @@
 # Citadel support:
 # Santiago Vicente <smvicente@invisson.com>
 #
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
+# This file is part of Volatility.
 #
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details. 
+# Volatility is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License Version 2 as
+# published by the Free Software Foundation.  You may not use, modify or
+# distribute this program under any other version of the GNU General
+# Public License.
+#
+# Volatility is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+# along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
 #
 
 import struct, hashlib
@@ -592,4 +594,4 @@ def render_extra(self, outfd, task, vad, params):
                            params['login_key'])
 
         outfd.write("{0:<30} : {1}\n".format("Login key", params['login_key'].upper()))
-        outfd.write("{0:<30} : {1}\n".format("AES key", str(aes_key).encode('hex').upper()))
+        outfd.write("{0:<30} : {1}\n".format("AES key", str(aes_key).encode('hex').upper()))

contrib/plugins/pagecheck.py

@@ -1,18 +1,21 @@
 # Volatility
 #
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or (at
-# your option) any later version.
+# This file is part of Volatility.
 #
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details. 
+# Volatility is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License Version 2 as
+# published by the Free Software Foundation.  You may not use, modify or
+# distribute this program under any other version of the GNU General
+# Public License.
+#
+# Volatility is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+# along with Volatility.  If not, see <http://www.gnu.org/licenses/>.
+#
 
 import volatility.commands as commands
 import volatility.utils as utils