Displaying 1 result from an estimated 1 matches for "sapheads".
Did you mean:
aheads
2014 May 04
1
Memory Forensics of OpenSSH
Hello List,
One of my project needs memory forensics of OpenSSH. Here is a brief description of the problem:
I have a raw memory dump, and all of the kernel data structures (e.g., task_struct, mm_struct) have been figured out. Now, I want to retrieve the data structures (e.g., struct session_state) of an SSH process instance. Finding a session key (active_state->newkeys) could be an example.