commandlinefu.com is the place to record those command-line gems that you return to again and again.
You can sign-in using OpenID credentials, or register a traditional username and password.
Subscribe to the feed for:
wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C email@example.com "cat - > /forensics/T430-8gb-RAM1.dd"
Run above command from Windows Cygwin:
On Windows: Install Cygwin, and copy WMR (windows memory reader 1.0) memory diagnostic into cygwin\bin folder, also install cygwins netcat and ssh (openssh). I recommend installing apt-cyg and running "
On Linux: Have an SSH Server
WINDOWS: # wmr - | ssh firstname.lastname@example.org "cat - > /tmp/FileToSave.dd"
For more details on how to extract information from memory dump:
apt-get install foremost
foremost -t all -T -i /forensics/T430-8gb-RAM1.dd
For more information:
There are 3 alternatives - vote for the best!
If you can do better, submit your command here.
You must be signed in to comment.