Request: Ubuntu 14.04 Profile Request
deeso opened this issue · comments
Is it possible to add stock profiles for Ubuntu 14.04 (x86/x64) systems?
That would be great! Because I tried producing my own profile with my "System.map-3.13.0-39-generic" but volatility fails to do anything. I keep getting all these errors: https://bpaste.net/show/859ecb584380
What does python vol.py --info show? Does the Linux profile show up?
For example I get the following:
python vol.py --info | grep Lin
Volatility Foundation Volatility Framework 2.4
LinuxUbuntu1404x86 - A Profile for Linux Ubuntu1404 x86
linux_banner - Prints the Linux banner information
linux_yarascan - A shell in the Linux memory image
Yes, it shows the profile that I have created just fine. I am not sure what causes it :/
I thought that you had like the same issue, that's why requesting stock profiles to be uploaded here!
@em0vskangoura: what format is your memory dump in (i.e. how did you acquire, tools and options used)?
Sorry, I do not currently have access to the box where I took the dump and tried to analyze it. I mainly want to focus on Android forensics, so I may not need that at all. But as far as I remember I used Volatility 2.3, took the dump with fmem and dd, then created an Ubuntu profile following the official Volatility guide and tried to just use a simple Linux plugin on it.
The usage of fmem and dd is probably what caused the issues. I would recommend using LiME (https://github.com/504ensicsLabs/LiME) instead. LiME also works with Android.
Thanks for the reply!
I am using LiME for Android but I just wanted to test dd + fmem out for Linux. So thanks again for your suggestion, I'll use LiME for the Linux box too.
No worries...yeah LiME acquires memory in a special way that takes into account the proper memory segmentation.
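
The point about memory segmentation in the last reply, as an added example that is not part of the original thread or of the LiME or Volatility code: a LiME-format image prefixes every physical memory range with a 32-byte header (magic, version, start address, inclusive end address, 8 reserved bytes), so a tool can map a physical address to a file offset even when the ranges are separated by holes. The function names and the sample image are constructed for illustration.

```python
import struct

# LiME range header: magic, version, s_addr, e_addr, 8 reserved bytes (32 bytes).
LIME_MAGIC = 0x4C694D45
HEADER = struct.Struct("<IIQQ8s")

def build_lime(ranges):
    """Build a constructed LiME-format image from (start_addr, data) pairs."""
    out = b""
    for start, data in ranges:
        end = start + len(data) - 1  # e_addr is inclusive
        out += HEADER.pack(LIME_MAGIC, 1, start, end, b"\0" * 8) + data
    return out

def parse_lime(image):
    """Return [(start, end, file_offset)] for every physical range in the image."""
    ranges, pos = [], 0
    while pos < len(image):
        if len(image) - pos < HEADER.size:
            raise ValueError("truncated header at offset %d" % pos)
        magic, version, start, end, _ = HEADER.unpack_from(image, pos)
        if magic != LIME_MAGIC or version != 1 or end < start:
            raise ValueError("bad LiME header at offset %d" % pos)
        pos += HEADER.size
        size = end - start + 1
        if pos + size > len(image):
            raise ValueError("range 0x%x-0x%x is truncated" % (start, end))
        ranges.append((start, end, pos))
        pos += size
    return ranges

def phys_to_offset(ranges, paddr):
    """Map a physical address to a file offset, or None if it falls in a hole."""
    for start, end, offset in ranges:
        if start <= paddr <= end:
            return offset + (paddr - start)
    return None

# Constructed sample: two RAM ranges separated by a hole, as on a real memory map.
SAMPLE = [(0x1000, b"A" * 0x1000), (0x100000, b"B" * 0x2000)]

if __name__ == "__main__":
    image = build_lime(SAMPLE)
    table = parse_lime(image)
    for start, end, offset in table:
        print("0x%08x-0x%08x at file offset %d" % (start, end, offset))
    print(phys_to_offset(table, 0x100010), phys_to_offset(table, 0x2000))
```

A headerless dump that skips the holes carries no such table, so an analysis tool cannot tell which physical address a given file offset came from.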