From 735f0f2e7cec90e267f358baefa059bbf5768f75 Mon Sep 17 00:00:00 2001
From: Ulf Frisk <github_ufrisk@frizk.net>
Date: Wed, 7 Feb 2024 00:02:41 +0100
Subject: [PATCH] Version 5.8.24

---
 README.md                            |   4 ++--
 includes/leechcore.h                 |   2 +-
 includes/lib32/leechcore.lib         | Bin 5360 -> 5360 bytes
 includes/lib32/vmm.lib               | Bin 29216 -> 29216 bytes
 includes/lib64/leechcore.lib         | Bin 5268 -> 5268 bytes
 includes/lib64/vmm.lib               | Bin 28644 -> 28644 bytes
 includes/libarm64/leechcore.lib      | Bin 5268 -> 5268 bytes
 includes/libarm64/vmm.lib            | Bin 28644 -> 28644 bytes
 m_vmemd/version.h                    |   4 ++--
 memprocfs/version.h                  |   4 ++--
 vmm/pdb.c                            |   7 +++++++
 vmm/version.h                        |   4 ++--
 vmmpyc/version.h                     |   4 ++--
 vmmrust/leechcore_example/Cargo.toml |   2 +-
 vmmrust/m_example_plugin/Cargo.toml  |   2 +-
 vmmrust/memprocfs/Cargo.toml         |   2 +-
 vmmrust/memprocfs_example/Cargo.toml |   2 +-
 17 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/README.md b/README.md
index 30b6054..4737a0e 100644
--- a/README.md
+++ b/README.md
@@ -197,10 +197,10 @@ v1.1-v4.9
 
 Latest:
 * Bug fixes.
-* ntfs module: improvements.
-* web module: improved support and move from misc/web -> forenic/web.
+* Module improvements: ntfs, procinfo, web.
 * C# API: improvements.
 * Java API: support for java.lang.foreign (JDK21+) for efficient memory accesses.
 * Linux PCIe FPGA performance improvements.
 * FindEvil: AV detections from Windows Defender residing on the analyzed system.
 * Python API: new functionality (multi-read, type-read) and improved scatter read performance.
+* Support for Proxmox memory dump files.
diff --git a/includes/leechcore.h b/includes/leechcore.h
index e52e571..a912835 100644
--- a/includes/leechcore.h
+++ b/includes/leechcore.h
@@ -11,7 +11,7 @@
 // - README: https://github.com/ufrisk/LeechCore
 // - GUIDE:  https://github.com/ufrisk/LeechCore/wiki
 //
-// (c) Ulf Frisk, 2020-2023
+// (c) Ulf Frisk, 2020-2024
 // Author: Ulf Frisk, pcileech@frizk.net
 //
 // Header Version: 2.16.1
diff --git a/includes/lib32/leechcore.lib b/includes/lib32/leechcore.lib
index 0fde1c6eaa3e28a6f52e760963ffce7d65099335..3971c8689ed8ee9135d2c3a2858a3b0f8b1f96ca 100644
GIT binary patch
delta 102
zcmeyM`9X7o69?z1zJ#;<j0_AMlWV!8Ctu)}p4`Y$&X_;>Cr1op{^l@FIYw6TS6p9r
zPu|EaKY0dM7FbGy(;+!Ow?Hp5C4aIBcLhsD)!NsSH*jwPOUg{H=ivbA?cmAa003dv
BB*g##

delta 102
zcmeyM`9X7o69?z}56^$_Gcqu6Os?gUo_v8@dU7L2Ib+`BpByoad7HyH<rrCO&z=6f
zd-6tZ`N=c5vcOUroDRwPxdnQeDS4AkxGPwqp8h&Gc?0(*u%yi7dL9m--VUA&4geSv
BCvgA(

diff --git a/includes/lib32/vmm.lib b/includes/lib32/vmm.lib
index f1b51164b43c325f6506b9e2bfa96c817e50b9f8..584040fbdd7ae53226e0eee49f4f26571fca93c4 100644
GIT binary patch
delta 108
zcmZ4RgmJ+W#tmXtEITbfo|!CVwT3Z&@=hC#$?vW781pyFSqm|8GCLgnyOn`~foZb5
ymGtBgn-s7T10X49Ej^jlHkQ-hboIxJP!(pA7uptrRme=%x8s1Q+8k_m)))Xxk0jv$

delta 108
zcmZ4RgmJ+W#tmXtEZ*k7eoU6KTEmz(d8duW<o8y3jCq^otc4gkSE#&tv6X>=foZb5
ymGtBgn-s7T10X49Ej^jlHkMQSZ2PT?P!(pA7uptrRme=%x8s1Q+8k_m)))Y2)g^WS

diff --git a/includes/lib64/leechcore.lib b/includes/lib64/leechcore.lib
index 35a48e551cbb9f468f269793419a02b3a0a2dfa0..cc6c29a07e11a746b0fe5eccf9ef304aaaf12f2d 100644
GIT binary patch
delta 106
zcmbQDIYo2BH+D{~usxso85tNjCL3}|PnP1C#F#&MEk_Jv{$?&tIYyS9TVDQ|ti#m>
w7S))1pNj*?;^LH^%*-9jTD>yt$^FT?T=GDD(v#<NmxEQQAXIIR=P~5~077~p=l}o!

delta 106
zcmbQDIYo2BH+D|#RkjEC85tNjCL3}|PnP1C#F#gEEk_Jv-exXNIYt({^IVT7>u_~}
vMKvbh=i&gexHzRJGjqqXn%S<rc7L)impo9P^yK;6<zQ7R2vwWoc}zI~w!k03

diff --git a/includes/lib64/vmm.lib b/includes/lib64/vmm.lib
index 97c465de4ab8e2514b15aa11d4fe588688b4baa2..91456a8feb3af1c16735abcc79eaa0b605c07fba 100644
GIT binary patch
delta 100
zcmaEIpYh3k#tn8BoOR_}?=mwoFmOyxw342@&RTkMtwkYY{^W;N8k5B>^%(OvyIBe`
xvd&FZIJR|izqS128mknrv;mM5vaVp+X>{|~<UZ>)U_q71@irVlJsCDN#sF+GC4~S0

delta 100
zcmaEIpYh3k#tn8BoQ;JW&NDMIFmOyxw342@&RTkMtwkYY-sFc?8k5B>^%(OuyIBe`
xvaSei__uX(zqS128mknrv;mM5vaVoJKI{8`a-a1Yu%OE1cpDC&o(!8BV*qqbC4K+^

diff --git a/includes/libarm64/leechcore.lib b/includes/libarm64/leechcore.lib
index 9b0f88408e41c10d8869058ab689f686d73a4ee2..9c3f7fc88b667578045fe4588e4afb336bad9563 100644
GIT binary patch
delta 106
zcmbQDIYo2BH+If1IqH}B85tNjCL3}|PnP1C#F#&MEk_Jv{$?&tIYt)wpSE`=>u_~}
vMKvbh=i&gexHzRJGjqqXR^N2`dVjJmmpo9P^yK;6<zQ7R2vwWoc}zI~5a%Hv

delta 106
zcmbQDIYo2BH+IekuiB3DGcqu6Og7|_o-D;Ni7{{TT8<dTyv<yka*QmuyF<QD*5T>`
wi)u{1&&2^`adApdX6BA%{hRyh|NY6jT=GDD(v#<NmxEQQAXIIR=P~5~0F>k-9smFU

diff --git a/includes/libarm64/vmm.lib b/includes/libarm64/vmm.lib
index 865767ff7ebfd4d721ea08cdc049c12626a09085..e77666dc6c1069423d3b6289539215e7ed096a4f 100644
GIT binary patch
delta 100
zcmaEIpYh3k#tn8BoT&^I2bdWd7&s;;T1ih{XDvOs)}oLxfAT{sjmhGcdW`v--7JL|
xStC0Y&TXCCZ!JH$#wrCYZ2%;NtSeZOWH)`A+-JQ8ET}R$-i8CHC&Q-37yt;WBk%wK

delta 100
zcmaEIpYh3k#tn8Bobk89A2BmBFmOyxw342@&RTkMtwkYY-sFc?8k5B>^%(OuyIBe`
xvTAfQKHfUH-&%fhja3R*+5kujSy!-FWE9??+-JQ8ET}R$-i8CHC&Q-37yv<aBu@YU

diff --git a/m_vmemd/version.h b/m_vmemd/version.h
index 9031334..d4844bb 100644
--- a/m_vmemd/version.h
+++ b/m_vmemd/version.h
@@ -3,8 +3,8 @@
 
 #define VERSION_MAJOR               5
 #define VERSION_MINOR               8
-#define VERSION_REVISION            23
-#define VERSION_BUILD               143
+#define VERSION_REVISION            24
+#define VERSION_BUILD               144
 
 #define VER_FILE_DESCRIPTION_STR    "MemProcFS : Plugin vmemd"
 #define VER_FILE_VERSION            VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/memprocfs/version.h b/memprocfs/version.h
index b4526f9..2f74233 100644
--- a/memprocfs/version.h
+++ b/memprocfs/version.h
@@ -3,8 +3,8 @@
 
 #define VERSION_MAJOR               5
 #define VERSION_MINOR               8
-#define VERSION_REVISION            23
-#define VERSION_BUILD               143
+#define VERSION_REVISION            24
+#define VERSION_BUILD               144
 
 #define VER_FILE_DESCRIPTION_STR    "MemProcFS"
 #define VER_FILE_VERSION            VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/vmm/pdb.c b/vmm/pdb.c
index 4f6a972..f9c358d 100644
--- a/vmm/pdb.c
+++ b/vmm/pdb.c
@@ -1328,6 +1328,13 @@ fail_mspdb:
         strncat_s(szPathLib, MAX_PATH, "libpdbcrust", _TRUNCATE);
         strncat_s(szPathLib, MAX_PATH, VMM_LIBRARY_FILETYPE, _TRUNCATE);
         ctx->crust.hModule = LoadLibraryA(szPathLib);
+#ifndef _WIN32
+        if(!ctx->crust.hModule) {
+            strncat_s(szPathLib, MAX_PATH, "libpdbcrust2", _TRUNCATE);
+            strncat_s(szPathLib, MAX_PATH, VMM_LIBRARY_FILETYPE, _TRUNCATE);
+            ctx->crust.hModule = LoadLibraryA(szPathLib);
+        }
+#endif /* _WIN32 */
         if(!ctx->crust.hModule) {
             PDB_PrintError(H, "Reason: Could not load PDB required file - libpdbcrust.dll/so.", szErrorMSPDB);
             goto fail;
diff --git a/vmm/version.h b/vmm/version.h
index f538241..cb22ddb 100644
--- a/vmm/version.h
+++ b/vmm/version.h
@@ -3,8 +3,8 @@
 
 #define VERSION_MAJOR               5
 #define VERSION_MINOR               8
-#define VERSION_REVISION            23
-#define VERSION_BUILD               143
+#define VERSION_REVISION            24
+#define VERSION_BUILD               144
 
 #define VER_FILE_DESCRIPTION_STR    "MemProcFS : Core"
 #define VER_FILE_VERSION            VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/vmmpyc/version.h b/vmmpyc/version.h
index f520df8..78d59f8 100644
--- a/vmmpyc/version.h
+++ b/vmmpyc/version.h
@@ -3,8 +3,8 @@
 
 #define VERSION_MAJOR               5
 #define VERSION_MINOR               8
-#define VERSION_REVISION            23
-#define VERSION_BUILD               143
+#define VERSION_REVISION            24
+#define VERSION_BUILD               144
 
 #define VER_FILE_DESCRIPTION_STR    "MemProcFS : Python API"
 #define VER_FILE_VERSION            VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD
diff --git a/vmmrust/leechcore_example/Cargo.toml b/vmmrust/leechcore_example/Cargo.toml
index 93c88ee..65aa174 100644
--- a/vmmrust/leechcore_example/Cargo.toml
+++ b/vmmrust/leechcore_example/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "leechcore_example"
-version = "5.8.23"
+version = "5.8.24"
 edition = "2021"
 publish = false
 
diff --git a/vmmrust/m_example_plugin/Cargo.toml b/vmmrust/m_example_plugin/Cargo.toml
index 7322cb8..39e7ae1 100644
--- a/vmmrust/m_example_plugin/Cargo.toml
+++ b/vmmrust/m_example_plugin/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "m_example_plugin"
-version = "5.8.23"
+version = "5.8.24"
 edition = "2021"
 publish = false
 
diff --git a/vmmrust/memprocfs/Cargo.toml b/vmmrust/memprocfs/Cargo.toml
index 73576f2..5878634 100644
--- a/vmmrust/memprocfs/Cargo.toml
+++ b/vmmrust/memprocfs/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "memprocfs"
-version = "5.8.23"
+version = "5.8.24"
 edition = "2021"
 description = "MemProcFS - Physical Memory Analysis Framework"
 homepage = "https://github.com/ufrisk/MemProcFS"
diff --git a/vmmrust/memprocfs_example/Cargo.toml b/vmmrust/memprocfs_example/Cargo.toml
index 81869b0..52a024c 100644
--- a/vmmrust/memprocfs_example/Cargo.toml
+++ b/vmmrust/memprocfs_example/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "memprocfs_example"
-version = "5.8.23"
+version = "5.8.24"
 edition = "2021"
 publish = false