Releases: 504ensicsLabs/LiME
v1.10.1
Fix compiling for modern kernels and compilers
What's Changed
- use kmap atomic for kernels past 2.6.37 by @tsahee in #80
- Fix endless loop on PAE kernels with ranges > 4GiB by @fabianfreyer in #88
- [x86] Fix kmap_atomic raises scheduling while atomic bug by @qodroi in #110
- Rename raw mode expert and provide more warnings around use of this format. Closes #111 by @eve-mem in #121
- Changed main.c to be compliant with new kernel versions by @ITRaab in #127
- Fix the build process on ARMs by @eribertomota in #125
New Contributors
- @tsahee made their first contribution in #80
- @fabianfreyer made their first contribution in #88
- @qodroi made their first contribution in #110
- @eve-mem made their first contribution in #121
- @ITRaab made their first contribution in #127
- @eribertomota made their first contribution in #125
Full Changelog: v1.9.1...v1.10.0
Bug Fix and new kernel options
Release V1.9.1 Memory imaging is no longer very very very slow in certain cases. Supports new TCP options in kernel 4.8 Other fixes
Kernel Compression Option
Thanks to the great hard work of @valldrac, an option to compress memory using the zlib library from the kernel has been added.
Compression can significantly reduce the time required to acquire a memory capture. It can achieve the speedup of 4x over uncompressed transfers with a few memory overhead (~ 24 KB).
To enable add "compress=1" to your insmod parameters.
To decompress it you can use pigz or any zlib-compatible library.
See the README for more details.
This release also includes refactoring and cleaning.
Fixes for digest transfer
This release fixes issues for transferring a calculated digest over a
TCP socket. The module will now retry 10x when it fails to bind a socket.
The Makefile also provides an option to build a module without stripping
symbols
Memory Hashing
LiME v1.8 contains a minor bug fix and the ability to calculate and generate a hash digest of acquired memory.
Thanks to Daryl Bennett (@kd8bny) for the hard work in this area!
Fixes for kernels >= 4.11
documentation of the timeout parameter (Fixes #27) * documentation of the timeout parameter * Update README