Failed to import volatility.plugins.registry.shutdown (ImportError: No module named Crypto.Hash)

Windows 10 üzerinde Volatility aracı ile memory dump analizi yapmak istediğinizde aşağıdaki hatayı alıyorsanız yapmanız gereken, pycrypto ve distorm3’ü kurmaktır. Windows için kurulum bağlantılarına aşağıdan ulaşabilirsiniz.

http://www.voidspace.org.uk/python/modules.shtml#pycrypto
https://github.com/gdabah/distorm/releases/tag/v3.3.3

GNU/Linux tabanlı bir dağıtım kullanıyorsanız aşağıdaki komut işinizi görecektir.

[email protected]# pip install pycrypto && pip install distorm3

C:\Users\0x000c\volatility>C:\Python27\python.exe vol.py imageinfo -f WHOAMI-20200704-123629.raw

Volatility Foundation Volatility Framework 2.6.1

*** Failed to import volatility.plugins.registry.shutdown (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.getservicesids (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.timeliner (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.malware.apihooks (NameError: name ‘distorm3’ is not defined)

*** Failed to import volatility.plugins.malware.servicediff (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.registry.userassist (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.getsids (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.registry.shellbags (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.evtlogs (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.tcaudit (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.registry.dumpregistry (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.registry.lsadump (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.malware.threads (NameError: name ‘distorm3’ is not defined)

*** Failed to import volatility.plugins.mac.apihooks_kernel (ImportError: No module named distorm3)

*** Failed to import volatility.plugins.registry.amcache (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.mac.check_syscall_shadow (ImportError: No module named distorm3)

*** Failed to import volatility.plugins.malware.svcscan (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.registry.auditpol (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.ssdt (NameError: name ‘distorm3’ is not defined)

*** Failed to import volatility.plugins.registry.registryapi (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.mac.apihooks (ImportError: No module named distorm3)

*** Failed to import volatility.plugins.envars (ImportError: No module named Crypto.Hash)

*** Failed to import volatility.plugins.registry.shimcache (ImportError: No module named Crypto.Hash)

INFO : volatility.debug : Determining profile based on KDBG search…

COMMANDO Sat 07/04/2020 11:23:33.45