Override the base with vtypes for x86 Vista, 2008, and 7.
More...
|
def | modification (self, profile) |
|
def | check (self, profile) |
| Returns True or False as to whether the Modification should be applied.
|
|
def | dependencies (self, profile) |
| Returns a list of modifications that should go before this, and modifications that need to be after this.
|
|
def | modification (self, profile) |
| Abstract function for modifying the profile.
|
|
|
list | before = ['WindowsOverlay', 'WindowsObjectClasses', 'ServiceBase'] |
|
dictionary | conditions |
|
list | before = [] |
|
list | after = [] |
|
dictionary | conditions = {} |
|
Override the base with vtypes for x86 Vista, 2008, and 7.
dictionary volatility.plugins.malware.svcscan.ServiceVistax86.conditions |
|
static |
Initial value: 1 = {
'os':
lambda x: x ==
'windows',
2 'major':
lambda x: x == 6,
3 'minor':
lambda x: x < 2,
4 'memory_model':
lambda x: x ==
'32bit'}
The documentation for this class was generated from the following file:
- volatility/plugins/malware/svcscan.py