Beispiel #1
def migrate(revision):
    """Perform database migrations."""
    # migrate_database() reports the outcome through its truthiness; a falsy
    # result ends the process with exit status 1.
    succeeded = migrate_database(revision)
    if succeeded:
        print(yellow(">>> Your database migration was successful!"))
        return

    print(red(">>> Error migrating your database.."))
    exit(1)
Beispiel #2
def dist_migrate():
    """Upgrade the distributed database schema to Alembic's ``head``.

    Runs ``alembic upgrade head`` from the private distributed/migration
    directory and passes the current CWD to it as an ``-x cwd=...`` argument.
    Exits with status 1 when the command returns a non-zero exit code.
    """
    # The command is an argument list (no shell), so the CWD path is handed
    # to alembic verbatim. "alembic" itself is resolved through PATH.
    command = ["alembic", "-x", "cwd=%s" % cwd(), "upgrade", "head"]
    migration_dir = cwd("distributed", "migration", private=True)

    try:
        subprocess.check_call(command, cwd=migration_dir)
    except subprocess.CalledProcessError:
        print(red(">>> Error migrating your database.."))
        exit(1)

    print(yellow(">>> Your database migration was successful!"))
Beispiel #3
def submit(ctx, target, url, options, package, custom, owner, timeout,
           priority, machine, platform, memory, enforce_timeout, clock, tags,
           baseline, remote, shuffle, pattern, max, unique):
    """Submit one or more files or URLs to Cuckoo."""
    init_console_logging(level=ctx.parent.level)
    Database().connect()

    try:
        # submit_tasks() takes its arguments in a different order than this
        # command receives them; the positions below follow its signature.
        outcomes = submit_tasks(
            target, options, package, custom, owner, timeout, priority,
            machine, platform, memory, enforce_timeout, clock, tags, remote,
            pattern, max, unique, url, baseline, shuffle
        )

        for kind, item, task_id in outcomes:
            # A falsy task ID is reported as a sample that was skipped.
            if not task_id:
                print("%s: %s \"%s\" as it has already been analyzed" % (
                    bold(yellow("Skipped")), kind, item
                ))
                continue

            print("%s: %s \"%s\" added as task with ID #%s" % (
                bold(green("Success")), kind, item, task_id
            ))
    except KeyboardInterrupt:
        print(red("Aborting submission of samples.."))
Beispiel #4
def community(ctx, force, branch, filepath):
    """Fetch supplies from the Cuckoo Community."""
    init_console_logging(level=ctx.parent.level)

    fetch_options = dict(force=force, branch=branch, filepath=filepath)
    try:
        fetch_community(**fetch_options)
        log.info("Finished fetching & extracting the community files!")
    except KeyboardInterrupt:
        # Ctrl-C is reported as an abort rather than surfacing a traceback.
        notice = "Aborting fetching of the Cuckoo Community resources.."
        print(yellow(notice))
Beispiel #5
    def emit(self, record):
        """Emit ``record`` with its message coloured according to severity."""
        # Colour a shallow copy so the record object passed in keeps its
        # original, uncoloured message.
        tinted = copy.copy(record)
        level = record.levelname
        message = record.msg

        if level == "WARNING":
            tinted.msg = yellow(message)
        elif level in ("ERROR", "CRITICAL"):
            tinted.msg = red(message)
        elif "analysis procedure completed" in message:
            # NOTE(review): the substring test assumes record.msg is a
            # string; confirm callers never log a non-string object here.
            tinted.msg = cyan(message)
        else:
            tinted.msg = message

        logging.StreamHandler.emit(self, tinted)
Beispiel #6
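def check_version():
    """Checks version of Cuckoo.

    Does nothing unless the ``cuckoo:cuckoo:version_check`` configuration
    value is truthy. Otherwise the running version is posted to the update
    server and the outcome (up to date, outdated, or an error) is printed.
    Nothing is returned.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    try:
        # NOTE(review): this request uses plain HTTP, so the answer is not
        # authenticated and can be altered in transit. It is only printed
        # here and must not be used to drive any automated action.
        # The timeout keeps an unreachable server from blocking the caller
        # indefinitely; requests raises a RequestException subclass on expiry.
        r = requests.post(
            "http://api.cuckoosandbox.org/checkversion.php",
            data={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    # Every branch below reads "current", so a reply without it is handled
    # as an error instead of failing later during the version comparison.
    if not isinstance(r, dict) or r.get("error") or not r.get("current"):
        print(red(" Error checking for the latest Cuckoo version:"))
        print(yellow(" Response: %s" % r))
        return

    current = r.get("current")
    rc1_responses = "NEW_VERSION", "NO_UPDATES"

    # Deprecated response.
    if r.get("response") in rc1_responses and current == "2.0-rc1":
        print(green(" You're good to go!"))
        return

    try:
        old = StrictVersion(version) < StrictVersion(current)
    except (TypeError, ValueError):
        # A version that cannot be parsed (including a non-string value) is
        # reported as outdated.
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % current
        # The original ended this statement with a stray comma, which in
        # Python 2 suppresses the trailing newline.
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))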
Beispiel #7
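def check_version():
    """Checks version of Cuckoo.

    Does nothing unless the ``cuckoo:cuckoo:version_check`` configuration
    value is truthy. Otherwise fetches the update document, prints whether
    the running version is outdated, and lists the announced blogposts.

    Returns the decoded update document, or None when the check is disabled,
    the request fails, or the document is not usable.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    try:
        r = requests.get(
            "https://cuckoosandbox.org/updates.json",
            params={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    # The document is remote input: check its shape before indexing into it,
    # so an unexpected reply is reported instead of raising KeyError or
    # TypeError.
    if not isinstance(r, dict) or "version" not in r:
        print(red(" Error checking for the latest Cuckoo version:"))
        print(yellow(" Response: %s" % r))
        return

    try:
        old = StrictVersion(version) < StrictVersion(r["version"])
    except (TypeError, ValueError):
        # A version that cannot be parsed (including a non-string value) is
        # reported as outdated.
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % r["version"]
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))

    print("\n Our latest blogposts:")
    # NOTE(review): these fields are server-supplied text written straight to
    # the terminal; consider stripping control characters before printing.
    for blogpost in r.get("blogposts") or []:
        try:
            title, date = blogpost["title"], blogpost["date"]
            oneline, url = blogpost["oneline"], blogpost["url"]
        except (KeyError, TypeError):
            # Skip entries that do not carry the expected fields.
            continue

        print(" * %s, %s." % (yellow(title), date))
        print("   %s" % red(oneline))
        print("   More at %s" % url)
        print("")
    return r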
Beispiel #8
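def submit_tasks(target, options, package, custom, owner, timeout, priority,
                 machine, platform, memory, enforce_timeout, clock, tags,
                 remote, pattern, maxcount, is_unique, is_url, is_baseline,
                 is_shuffle):
    """Create analysis tasks and yield one result tuple per submission.

    This is a generator. Each item is ``(category, target, task_id)`` where
    category is "Baseline", "URL" or "File". For files, ``task_id`` is None
    when ``is_unique`` is set and the sample's SHA256 is already known to the
    local database.

    When ``remote`` is falsy the tasks are added through the local Database
    object; otherwise they are posted to ``http://<remote>/tasks/create/...``.
    Remote submission failures are printed and the item is skipped.
    """
    db = Database()

    data = dict(
        package=package or "",
        timeout=timeout,
        options=options,
        priority=priority,
        machine=machine,
        platform=platform,
        custom=custom,
        owner=owner,
        tags=tags,
        memory="1" if memory else "0",
        enforce_timeout="1" if enforce_timeout else "0",
        clock=clock,
        unique="1" if is_unique else "0",
    )

    if is_baseline:
        if remote:
            print("Remote baseline support has not yet been implemented.")
            return

        task_id = db.add_baseline(timeout, owner, machine, memory)
        yield "Baseline", machine, task_id
        return

    if is_url and is_unique:
        print("URL doesn't have --unique support yet.")
        return

    # NOTE(review): both remote endpoints below are reached over plain HTTP
    # and no credentials are attached in this function, so samples and task
    # options travel unencrypted; confirm the remote API is only used on a
    # trusted network.
    if is_url:
        for url in target:
            if not remote:
                # "unique" is only sent to the remote API, not to the
                # local database call.
                data.pop("unique", None)
                task_id = db.add_url(to_unicode(url), **data)
                yield "URL", url, task_id
                continue

            data["url"] = to_unicode(url)
            try:
                r = requests.post(
                    "http://%s/tasks/create/url" % remote, data=data
                )
                yield "URL", url, r.json()["task_id"]
            except Exception as e:
                print("%s: unable to submit URL: %s" % (
                    bold(red("Error")), e
                ))
    else:
        samples = []
        for path in target:
            samples.extend(enumerate_files(os.path.abspath(path), pattern))

        if is_shuffle:
            random.shuffle(samples)

        for filepath in samples:
            if not os.path.getsize(filepath):
                print("%s: sample %s (skipping file)" % (
                    bold(yellow("Empty")), filepath
                ))
                continue

            # maxcount counts down over the non-empty files; None means
            # there is no limit.
            if maxcount is not None:
                if not maxcount:
                    break
                maxcount -= 1

            if not remote:
                if is_unique:
                    sha256 = File(filepath).get_sha256()
                    if db.find_sample(sha256=sha256):
                        yield "File", filepath, None
                        continue

                data.pop("unique", None)
                task_id = db.add_path(file_path=filepath, **data)
                yield "File", filepath, task_id
                continue

            # Open the sample in a with-block so the handle is closed after
            # each upload; the original left one open file per submitted
            # sample. The upload dict also no longer rebinds the name of the
            # list being iterated.
            with open(filepath, "rb") as sample:
                try:
                    r = requests.post(
                        "http://%s/tasks/create/file" % remote,
                        data=data,
                        files={"file": (os.path.basename(filepath), sample)},
                    )
                    task_id = r.json()["task_id"]
                except Exception as e:
                    print("%s: unable to submit file: %s" % (
                        bold(red("Error")), e
                    ))
                    continue

            yield "File", filepath, task_id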
Beispiel #9
def import_cuckoo(username, mode, dirpath):
    """Import the legacy Cuckoo setup at ``dirpath`` into the current CWD.

    Raises CuckooOperationalError when the path is not recognised as a Cuckoo
    setup, when the detected version is 0.4.x, when the CWD already has
    content, or when the database migration fails.
    """
    legacy_version = identify(dirpath)
    if not legacy_version:
        raise CuckooOperationalError(
            "The path that you specified is not a proper Cuckoo setup. Please "
            "point the path to the root of your older Cuckoo setup, i.e., to "
            "the directory containing the cuckoo.py script!"
        )

    # TODO Copy over the configuration and ignore the database.
    unsupported = "0.4", "0.4.1", "0.4.2"
    if legacy_version in unsupported:
        raise CuckooOperationalError(
            "Importing from version 0.4, 0.4.1, or 0.4.2 is not supported as "
            "there are no database migrations for that version. Please start "
            "from scratch, your configuration would have been obsolete anyway!"
        )

    print("We've identified a Cuckoo Sandbox %s installation!" % legacy_version)

    # Refuse to import into a CWD that already holds files.
    cwd_in_use = os.path.isdir(cwd()) and os.listdir(cwd())
    if cwd_in_use:
        raise CuckooOperationalError(
            "This Cuckoo Working Directory already exists. Please import to "
            "a new/clean Cuckoo Working Directory."
        )

    # Following are various recursive imports.
    from cuckoo.apps import migrate_database
    from cuckoo.main import cuckoo_create

    print("Reading in the old configuration..")

    # Port the older configuration.
    legacy_confdir = os.path.join(dirpath, "conf")
    conf = migrate_conf(
        Config.from_confdir(legacy_confdir, loose=True), legacy_version
    )

    print("  configuration has been migrated to the latest version!")
    print

    # Create a fresh Cuckoo Working Directory.
    cuckoo_create(username, conf, quiet=True)

    # NOTE(review): the connection string comes from the imported (legacy)
    # configuration; sqldump()/movesql() are not visible here, so confirm
    # they treat it as data and not as part of a shell command line.
    db_uri = conf["cuckoo"]["database"]["connection"]

    # Ask if the user would like to make a backup of the SQL database and in
    # the case of sqlite3, copy/move/symlink cuckoo.db to the CWD.
    sqldump(db_uri, dirpath)
    movesql(db_uri, mode, dirpath)

    # Run database migrations.
    migrated = migrate_database()
    if not migrated:
        raise CuckooOperationalError(
            "Error migrating your old Cuckoo database!"
        )

    # Link or copy all of the older results to the new CWD.
    import_legacy_analyses(mode, dirpath)

    # Urge the user to run the community command.
    print
    print("You have successfully imported your old version of Cuckoo!")
    print("However, in order to get up-to-date, you'll probably want to")
    print yellow("run the community command"),
    print "by running", red("'cuckoo community'"), "manually."
    print("The community command will fetch the latest monitoring updates")
    print("and Cuckoo Signatures.")
Beispiel #10
def import_(ctx, mode, path):
    """Imports an older Cuckoo setup into a new CWD. The old setup should be
    identified by PATH and the new CWD may be specified with the --cwd
    parameter, e.g., "cuckoo --cwd /tmp/cwd import old-cuckoo"."""
    # Symlinked imports are refused on Windows before anything is printed.
    symlink_on_windows = mode == "symlink" and is_windows()
    if symlink_on_windows:
        sys.exit(red(
            "You can only use the 'symlink' mode on non-Windows platforms."
        ))

    # Warning banner: the import is destructive for the old setup, so the
    # consequences are spelled out before asking for confirmation.
    for text in (
        "You are importing an existing Cuckoo setup. Please",
        "understand that, depending on the mode taken, if ",
        "you remove the old Cuckoo setup after this import ",
    ):
        print(yellow(text))
    print yellow("you may still"), red("lose ALL of your data!")
    print

    for text in (
        "Additionally, database migrations will be performed ",
        "in-place*. You won't be able to use your old Cuckoo ",
        "setup anymore afterwards! However, we'll provide ",
        "you with the option to create a SQL backup beforehand.",
    ):
        print(yellow(text))
    print

    for text in (
        "TL;DR Cleaning the old setup after the import may",
        "corrupt your new setup: its SQL, MongoDB, and ",
        "ElasticSearch database may be dropped and, in 'symlink'",
        "mode, the analyses removed.",
    ):
        print(red(text))
    print

    for text in (
        "*: Except for sqlite3 databases in combination with",
        "   the import 'copy' approach.",
    ):
        print(yellow(text))
    print

    # The second argument is the default answer, so just pressing Enter
    # declines the import.
    acknowledged = click.confirm(
        "... I've read the above and understand the consequences", False
    )
    if not acknowledged:
        sys.exit(red("Aborting operation.. please try again!"))

    try:
        import_cuckoo(ctx.parent.user, mode, path)
    except KeyboardInterrupt:
        print(red("Aborting import of Cuckoo instance.."))
Beispiel #11
def logo():
    """Print a randomly chosen Cuckoo ASCII-art banner and version details.

    Nothing is returned: the banner, the version line, the website and the
    copyright notice are written to stdout, which is then flushed.
    """
    # Candidate banners; exactly one of them is picked at random below.
    logos = []

    logos.append("""
                                 _|
     _|_|_|  _|    _|    _|_|_|  _|  _|      _|_|      _|_|
   _|        _|    _|  _|        _|_|      _|    _|  _|    _|
   _|        _|    _|  _|        _|  _|    _|    _|  _|    _|
     _|_|_|    _|_|_|    _|_|_|  _|    _|    _|_|      _|_|""")

    logos.append("""
                      __
  .----..--.--..----.|  |--..-----..-----.
  |  __||  |  ||  __||    < |  _  ||  _  |
  |____||_____||____||__|__||_____||_____|""")

    logos.append("""
                          .:
                          ::
    .-.     ,  :   .-.    ;;.-.  .-.   .-.
   ;       ;   ;  ;       ;; .' ;   ;';   ;'
   `;;;;'.'`..:;._`;;;;'_.'`  `.`;;'  `;;'""")

    logos.append("""
  eeee e   e eeee e   e  eeeee eeeee
  8  8 8   8 8  8 8   8  8  88 8  88
  8e   8e  8 8e   8eee8e 8   8 8   8
  88   88  8 88   88   8 8   8 8   8
  88e8 88ee8 88e8 88   8 8eee8 8eee8""")

    logos.append("""
  _____________________________________/\/\_______________________________
  ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___
  _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_
  _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_
  ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___
  ________________________________________________________________________""")

    logos.append("""
   _______ _     _ _______ _     _  _____   _____
   |       |     | |       |____/  |     | |     |
   |_____  |_____| |_____  |    \\_ |_____| |_____|""")

    logos.append("""
                     _
    ____ _   _  ____| |  _ ___   ___
   / ___) | | |/ ___) |_/ ) _ \ / _ \\
  ( (___| |_| ( (___|  _ ( |_| | |_| |
   \\____)____/ \\____)_| \\_)___/ \\___/""")

    logos.append("""
   ______   __  __   ______   ___   ___   ______   ______
  /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\
  \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\
   \\:\\ \\  __\\:\\ \\:\\ \\\\:\\ \\  __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\
    \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __  ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\
     \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ )  \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\
      \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/  \\_____\\/ \\_____\\/"""
                 )

    logos.append("""
    sSSs   .S       S.     sSSs   .S    S.     sSSs_sSSs      sSSs_sSSs
   d%%SP  .SS       SS.   d%%SP  .SS    SS.   d%%SP~YS%%b    d%%SP~YS%%b
  d%S'    S%S       S%S  d%S'    S%S    S&S  d%S'     `S%b  d%S'     `S%b
  S%S     S%S       S%S  S%S     S%S    d*S  S%S       S%S  S%S       S%S
  S&S     S&S       S&S  S&S     S&S   .S*S  S&S       S&S  S&S       S&S
  S&S     S&S       S&S  S&S     S&S_sdSSS   S&S       S&S  S&S       S&S
  S&S     S&S       S&S  S&S     S&S~YSSY%b  S&S       S&S  S&S       S&S
  S&S     S&S       S&S  S&S     S&S    `S%  S&S       S&S  S&S       S&S
  S*b     S*b       d*S  S*b     S*S     S%  S*b       d*S  S*b       d*S
  S*S.    S*S.     .S*S  S*S.    S*S     S&  S*S.     .S*S  S*S.     .S*S
   SSSbs   SSSbs_sdSSS    SSSbs  S*S     S&   SSSbs_sdSSS    SSSbs_sdSSS
    YSSP    YSSP~YSSY      YSSP  S*S     SS    YSSP~YSSY      YSSP~YSSY
                                 SP
                                 Y""")

    logos.append("""
           _______                   _____                    _____
          /::\\    \\                 /\\    \\                  /\\    \\
         /::::\\    \\               /::\\____\\                /::\\    \\
        /::::::\\    \\             /::::|   |               /::::\\    \\
       /::::::::\\    \\           /:::::|   |              /::::::\\    \\
      /:::/~~\\:::\\    \\         /::::::|   |             /:::/\\:::\\    \\
     /:::/    \\:::\\    \\       /:::/|::|   |            /:::/  \\:::\\    \\
    /:::/    / \\:::\\    \\     /:::/ |::|   |           /:::/    \\:::\\    \\
   /:::/____/   \\:::\\____\\   /:::/  |::|___|______    /:::/    / \\:::\\    \\
  |:::|    |     |:::|    | /:::/   |::::::::\\    \\  /:::/    /   \\:::\\ ___\\
  |:::|____|     |:::|    |/:::/    |:::::::::\\____\\/:::/____/  ___\\:::|    |
   \\:::\\    \\   /:::/    / \\::/    / ~~~~~/:::/    /\\:::\\    \\ /\\  /:::|____|
    \\:::\\    \\ /:::/    /   \\/____/      /:::/    /  \\:::\\    /::\\ \\::/    /
     \\:::\\    /:::/    /                /:::/    /    \\:::\\   \\:::\\ \\/____/
      \\:::\\__/:::/    /                /:::/    /      \\:::\\   \\:::\\____\\
       \\::::::::/    /                /:::/    /        \\:::\\  /:::/    /
        \\::::::/    /                /:::/    /          \\:::\\/:::/    /
         \\::::/    /                /:::/    /            \\::::::/    /
          \\::/____/                /:::/    /              \\::::/    /
           ~~                      \\::/    /                \\::/____/
                                    \\/____/
                                                       it's Cuckoo!""")

    logos.append("""
            _       _                   _             _              _            _
          /\\ \\     /\\_\\               /\\ \\           /\\_\\           /\\ \\         /\\ \\
         /  \\ \\   / / /         _    /  \\ \\         / / /  _       /  \\ \\       /  \\ \\
        / /\\ \\ \\  \\ \\ \\__      /\\_\\ / /\\ \\ \\       / / /  /\\_\\    / /\\ \\ \\     / /\\ \\ \\
       / / /\\ \\ \\  \\ \\___\\    / / // / /\\ \\ \\     / / /__/ / /   / / /\\ \\ \\   / / /\\ \\ \\
      / / /  \\ \\_\\  \\__  /   / / // / /  \\ \\_\\   / /\\_____/ /   / / /  \\ \\_\\ / / /  \\ \\_\\
     / / /    \\/_/  / / /   / / // / /    \\/_/  / /\\_______/   / / /   / / // / /   / / /
    / / /          / / /   / / // / /          / / /\\ \\ \\     / / /   / / // / /   / / /
   / / /________  / / /___/ / // / /________  / / /  \\ \\ \\   / / /___/ / // / /___/ / /
  / / /_________\\/ / /____\\/ // / /_________\\/ / /    \\ \\ \\ / / /____\\/ // / /____\\/ /
  \\/____________/\\/_________/ \\/____________/\\/_/      \\_\\_\\\\/_________/ \\/_________/"""
                 )

    logos.append("""
                               ),-.     /
  Cuckoo Sandbox              <(a  `---','
     no chance for malwares!  ( `-, ._> )
                               ) _>.___/
                                   _/""")

    logos.append("""
  .-----------------.
  | Cuckoo Sandbox? |
  |     OH NOES!    |\\  '-.__.-'
  '-----------------' \\  /oo |--.--,--,--.
                         \\_.-'._i__i__i_.'
                               \"\"\"\"\"\"\"\"\"""")

    # Pick one banner and one value from 31..36 (randrange excludes 37);
    # presumably color() maps that number to a terminal colour - confirm.
    print(color(random.choice(logos), random.randrange(31, 37)))
    # A bare Python 2 print statement writes an empty line.
    print
    print(" Cuckoo Sandbox %s" % yellow(version))
    print(" www.cuckoosandbox.org")
    print(" Copyright (c) 2010-2018")
    print
    # Flush so the banner is written out before whatever runs next.
    sys.stdout.flush()
Beispiel #12
def import_(ctx, mode, path):
    """Imports an older Cuckoo setup into a new CWD. The old setup should be
    identified by PATH and the new CWD may be specified with the --cwd
    parameter, e.g., "cuckoo --cwd /tmp/cwd import old-cuckoo"."""
    # A ".cwd" entry inside PATH is treated as the mark of an existing Cuckoo
    # CWD, which this legacy importer refuses to process.
    cwd_marker = os.path.join(path, ".cwd")
    if os.path.exists(cwd_marker):
        legacy_only = (
            "The 'cuckoo import' feature is meant to import a legacy Cuckoo, "
            "i.e., Cuckoo 1.2, 2.0-dev, 2.0-rc1, or 2.0-rc2 into a new Cuckoo "
            "CWD."
        )
        print(yellow(legacy_only))
        upgrade_hint = (
            "You're attempting to import an existing Cuckoo CWD. To upgrade "
            "Cuckoo / your CWD, simply run 'pip install -U cuckoo' and re-run "
            "the cuckoo commands!"
        )
        print(red(upgrade_hint))
        sys.exit(1)

    if mode == "symlink" and is_windows():
        sys.exit(red(
            "You can only use the 'symlink' mode on non-Windows platforms."
        ))

    # Warning banner: the import is destructive for the old setup, so the
    # consequences are spelled out before asking for confirmation.
    for text in (
        "You are importing an existing Cuckoo setup. Please",
        "understand that, depending on the mode taken, if ",
        "you remove the old Cuckoo setup after this import ",
    ):
        print(yellow(text))
    print yellow("you may still"), red("lose ALL of your data!")
    print

    for text in (
        "Additionally, database migrations will be performed ",
        "in-place*. You won't be able to use your old Cuckoo ",
        "setup anymore afterwards! However, we'll provide ",
        "you with the option to create a SQL backup beforehand.",
    ):
        print(yellow(text))
    print

    for text in (
        "TL;DR Cleaning the old setup after the import may",
        "corrupt your new setup: its SQL, MongoDB, and ",
        "ElasticSearch database may be dropped and, in 'symlink'",
        "mode, the analyses removed.",
    ):
        print(red(text))
    print

    for text in (
        "*: Except for sqlite3 databases in combination with",
        "   the import 'copy' approach.",
    ):
        print(yellow(text))
    print

    # The second argument is the default answer, so just pressing Enter
    # declines the import.
    acknowledged = click.confirm(
        "... I've read the above and understand the consequences", False
    )
    if not acknowledged:
        sys.exit(red("Aborting operation.. please try again!"))

    try:
        import_cuckoo(ctx.parent.user, mode, path)
    except KeyboardInterrupt:
        print(red("Aborting import of Cuckoo instance.."))
Beispiel #13
def clean():
    """Clean the CWD and associated databases."""
    # Ctrl-C during the cleanup is reported as an abort instead of surfacing
    # a traceback; whatever cuckoo_clean() had done by then is left as-is.
    try:
        cuckoo_clean()
    except KeyboardInterrupt:
        notice = yellow("Aborting cleaning up of your CWD..")
        print(notice)
Beispiel #14
def import_cuckoo(username, mode, dirpath):
    """Import the legacy Cuckoo setup at ``dirpath`` into the current CWD.

    Raises CuckooOperationalError when the path is not recognised as a Cuckoo
    setup, when the detected version is 0.4.x, when the CWD already has
    content, or when the database migration fails.
    """
    legacy_version = identify(dirpath)
    if not legacy_version:
        raise CuckooOperationalError(
            "The path that you specified is not a proper Cuckoo setup. Please "
            "point the path to the root of your legacy Cuckoo setup, i.e., to "
            "the directory containing the cuckoo.py script!"
        )

    # TODO Copy over the configuration and ignore the database.
    unsupported = "0.4", "0.4.1", "0.4.2"
    if legacy_version in unsupported:
        raise CuckooOperationalError(
            "Importing from version 0.4, 0.4.1, or 0.4.2 is not supported as "
            "there are no database migrations for that version. Please start "
            "from scratch, your configuration would have been obsolete anyway!"
        )

    print("We've identified a Cuckoo Sandbox %s installation!" % legacy_version)

    # Refuse to import into a CWD that already holds files.
    cwd_in_use = os.path.isdir(cwd()) and os.listdir(cwd())
    if cwd_in_use:
        raise CuckooOperationalError(
            "This Cuckoo Working Directory already exists. Please import to "
            "a new/clean Cuckoo Working Directory."
        )

    # Following are various recursive imports.
    from cuckoo.apps import migrate_database
    from cuckoo.main import cuckoo_create

    print("Reading in the old configuration..")

    # Port the older configuration.
    legacy_confdir = os.path.join(dirpath, "conf")
    conf = migrate_conf(
        Config.from_confdir(legacy_confdir, loose=True), legacy_version
    )

    print("  configuration has been migrated to the latest version!")
    print

    # Create a fresh Cuckoo Working Directory.
    cuckoo_create(username, conf, quiet=True)

    # NOTE(review): the connection string comes from the imported (legacy)
    # configuration; sqldump()/movesql() are not visible here, so confirm
    # they treat it as data and not as part of a shell command line.
    db_uri = conf["cuckoo"]["database"]["connection"]

    # Ask if the user would like to make a backup of the SQL database and in
    # the case of sqlite3, copy/move/symlink cuckoo.db to the CWD.
    sqldump(db_uri, dirpath)
    movesql(db_uri, mode, dirpath)

    # Run database migrations.
    migrated = migrate_database()
    if not migrated:
        raise CuckooOperationalError(
            "Error migrating your old Cuckoo database!"
        )

    # Link or copy all of the older results to the new CWD.
    import_legacy_analyses(mode, dirpath)

    # Urge the user to run the community command.
    print
    print("You have successfully imported your old version of Cuckoo!")
    print("However, in order to get up-to-date, you'll probably want to")
    print yellow("run the community command"),
    print "by running", red("'cuckoo community'"), "manually."
    print("The community command will fetch the latest monitoring updates")
    print("and Cuckoo Signatures.")
Beispiel #15
def logo():
    """Print a randomly chosen Cuckoo ASCII-art banner and version details.

    Nothing is returned: the banner, the version line, the website and the
    copyright notice are written to stdout, which is then flushed.
    """
    # Candidate banners; exactly one of them is picked at random below.
    logos = []

    logos.append("""
                                 _|
     _|_|_|  _|    _|    _|_|_|  _|  _|      _|_|      _|_|
   _|        _|    _|  _|        _|_|      _|    _|  _|    _|
   _|        _|    _|  _|        _|  _|    _|    _|  _|    _|
     _|_|_|    _|_|_|    _|_|_|  _|    _|    _|_|      _|_|""")

    logos.append("""
                      __
  .----..--.--..----.|  |--..-----..-----.
  |  __||  |  ||  __||    < |  _  ||  _  |
  |____||_____||____||__|__||_____||_____|""")

    logos.append("""
                          .:
                          ::
    .-.     ,  :   .-.    ;;.-.  .-.   .-.
   ;       ;   ;  ;       ;; .' ;   ;';   ;'
   `;;;;'.'`..:;._`;;;;'_.'`  `.`;;'  `;;'""")

    logos.append("""
  eeee e   e eeee e   e  eeeee eeeee
  8  8 8   8 8  8 8   8  8  88 8  88
  8e   8e  8 8e   8eee8e 8   8 8   8
  88   88  8 88   88   8 8   8 8   8
  88e8 88ee8 88e8 88   8 8eee8 8eee8""")

    logos.append("""
  _____________________________________/\/\_______________________________
  ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___
  _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_
  _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_
  ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___
  ________________________________________________________________________""")

    logos.append("""
   _______ _     _ _______ _     _  _____   _____
   |       |     | |       |____/  |     | |     |
   |_____  |_____| |_____  |    \\_ |_____| |_____|""")

    logos.append("""
                     _
    ____ _   _  ____| |  _ ___   ___
   / ___) | | |/ ___) |_/ ) _ \ / _ \\
  ( (___| |_| ( (___|  _ ( |_| | |_| |
   \\____)____/ \\____)_| \\_)___/ \\___/""")

    logos.append("""
   ______   __  __   ______   ___   ___   ______   ______
  /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\
  \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\
   \\:\\ \\  __\\:\\ \\:\\ \\\\:\\ \\  __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\
    \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __  ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\
     \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ )  \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\
      \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/  \\_____\\/ \\_____\\/""")

    logos.append("""
    sSSs   .S       S.     sSSs   .S    S.     sSSs_sSSs      sSSs_sSSs
   d%%SP  .SS       SS.   d%%SP  .SS    SS.   d%%SP~YS%%b    d%%SP~YS%%b
  d%S'    S%S       S%S  d%S'    S%S    S&S  d%S'     `S%b  d%S'     `S%b
  S%S     S%S       S%S  S%S     S%S    d*S  S%S       S%S  S%S       S%S
  S&S     S&S       S&S  S&S     S&S   .S*S  S&S       S&S  S&S       S&S
  S&S     S&S       S&S  S&S     S&S_sdSSS   S&S       S&S  S&S       S&S
  S&S     S&S       S&S  S&S     S&S~YSSY%b  S&S       S&S  S&S       S&S
  S&S     S&S       S&S  S&S     S&S    `S%  S&S       S&S  S&S       S&S
  S*b     S*b       d*S  S*b     S*S     S%  S*b       d*S  S*b       d*S
  S*S.    S*S.     .S*S  S*S.    S*S     S&  S*S.     .S*S  S*S.     .S*S
   SSSbs   SSSbs_sdSSS    SSSbs  S*S     S&   SSSbs_sdSSS    SSSbs_sdSSS
    YSSP    YSSP~YSSY      YSSP  S*S     SS    YSSP~YSSY      YSSP~YSSY
                                 SP
                                 Y""")

    logos.append("""
           _______                   _____                    _____
          /::\\    \\                 /\\    \\                  /\\    \\
         /::::\\    \\               /::\\____\\                /::\\    \\
        /::::::\\    \\             /::::|   |               /::::\\    \\
       /::::::::\\    \\           /:::::|   |              /::::::\\    \\
      /:::/~~\\:::\\    \\         /::::::|   |             /:::/\\:::\\    \\
     /:::/    \\:::\\    \\       /:::/|::|   |            /:::/  \\:::\\    \\
    /:::/    / \\:::\\    \\     /:::/ |::|   |           /:::/    \\:::\\    \\
   /:::/____/   \\:::\\____\\   /:::/  |::|___|______    /:::/    / \\:::\\    \\
  |:::|    |     |:::|    | /:::/   |::::::::\\    \\  /:::/    /   \\:::\\ ___\\
  |:::|____|     |:::|    |/:::/    |:::::::::\\____\\/:::/____/  ___\\:::|    |
   \\:::\\    \\   /:::/    / \\::/    / ~~~~~/:::/    /\\:::\\    \\ /\\  /:::|____|
    \\:::\\    \\ /:::/    /   \\/____/      /:::/    /  \\:::\\    /::\\ \\::/    /
     \\:::\\    /:::/    /                /:::/    /    \\:::\\   \\:::\\ \\/____/
      \\:::\\__/:::/    /                /:::/    /      \\:::\\   \\:::\\____\\
       \\::::::::/    /                /:::/    /        \\:::\\  /:::/    /
        \\::::::/    /                /:::/    /          \\:::\\/:::/    /
         \\::::/    /                /:::/    /            \\::::::/    /
          \\::/____/                /:::/    /              \\::::/    /
           ~~                      \\::/    /                \\::/____/
                                    \\/____/
                                                       it's Cuckoo!""")

    logos.append("""
            _       _                   _             _              _            _
          /\\ \\     /\\_\\               /\\ \\           /\\_\\           /\\ \\         /\\ \\
         /  \\ \\   / / /         _    /  \\ \\         / / /  _       /  \\ \\       /  \\ \\
        / /\\ \\ \\  \\ \\ \\__      /\\_\\ / /\\ \\ \\       / / /  /\\_\\    / /\\ \\ \\     / /\\ \\ \\
       / / /\\ \\ \\  \\ \\___\\    / / // / /\\ \\ \\     / / /__/ / /   / / /\\ \\ \\   / / /\\ \\ \\
      / / /  \\ \\_\\  \\__  /   / / // / /  \\ \\_\\   / /\\_____/ /   / / /  \\ \\_\\ / / /  \\ \\_\\
     / / /    \\/_/  / / /   / / // / /    \\/_/  / /\\_______/   / / /   / / // / /   / / /
    / / /          / / /   / / // / /          / / /\\ \\ \\     / / /   / / // / /   / / /
   / / /________  / / /___/ / // / /________  / / /  \\ \\ \\   / / /___/ / // / /___/ / /
  / / /_________\\/ / /____\\/ // / /_________\\/ / /    \\ \\ \\ / / /____\\/ // / /____\\/ /
  \\/____________/\\/_________/ \\/____________/\\/_/      \\_\\_\\\\/_________/ \\/_________/""")

    logos.append("""
                               ),-.     /
  Cuckoo Sandbox              <(a  `---','
     no chance for malwares!  ( `-, ._> )
                               ) _>.___/
                                   _/""")

    logos.append("""
  .-----------------.
  | Cuckoo Sandbox? |
  |     OH NOES!    |\\  '-.__.-'
  '-----------------' \\  /oo |--.--,--,--.
                         \\_.-'._i__i__i_.'
                               \"\"\"\"\"\"\"\"\"""")

    # Pick one banner and one value from 31..36 (randrange excludes 37);
    # presumably color() maps that number to a terminal colour - confirm.
    print(color(random.choice(logos), random.randrange(31, 37)))
    # A bare Python 2 print statement writes an empty line.
    print
    print(" Cuckoo Sandbox %s" % yellow(version))
    print(" www.cuckoosandbox.org")
    print(" Copyright (c) 2010-2017")
    print
    # Flush so the banner is written out before whatever runs next.
    sys.stdout.flush()
Beispiel #16
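def submit_tasks(target, options, package, custom, owner, timeout, priority,
                 machine, platform, memory, enforce_timeout, clock, tags,
                 remote, pattern, maxcount, is_unique, is_url, is_baseline,
                 is_shuffle):
    """Submit a baseline, URLs or files and yield one result per item.

    This is a generator. Every yielded value is a tuple of
    (category, target, task_id) where category is "Baseline", "URL" or
    "File". For files, task_id is None when is_unique is set and the
    sample's SHA256 is already known to the local database.

    When remote is set, the task is created by POSTing to the
    /tasks/create/url or /tasks/create/file endpoint on that host instead
    of writing to the local database. Remote failures are printed and the
    item is skipped; nothing is yielded for it.

    target is an iterable of URLs (is_url) or of file/directory paths.
    maxcount, when not None, caps how many non-empty files are processed.
    """
    db = Database()

    # Task parameters shared by the local database calls and the remote
    # form POST; booleans are flattened to "1"/"0" strings.
    data = dict(
        package=package or "",
        timeout=timeout,
        options=options,
        priority=priority,
        machine=machine,
        platform=platform,
        custom=custom,
        owner=owner,
        tags=tags,
        memory="1" if memory else "0",
        enforce_timeout="1" if enforce_timeout else "0",
        clock=clock,
        unique="1" if is_unique else "0",
    )

    if is_baseline:
        if remote:
            print("Remote baseline support has not yet been implemented.")
            return

        task_id = db.add_baseline(timeout, owner, machine, memory)
        yield "Baseline", machine, task_id
        return

    if is_url and is_unique:
        print("URL doesn't have --unique support yet.")
        return

    if is_url:
        for url in target:
            if not remote:
                # "unique" is only forwarded to the remote API, never to
                # the local database call.
                data.pop("unique", None)
                task_id = db.add_url(to_unicode(url), **data)
                yield "URL", url, task_id
                continue

            data["url"] = to_unicode(url)
            try:
                # NOTE(review): plain HTTP, no credentials attached here and
                # no timeout, so task metadata is sent in the clear and a
                # stalled peer blocks the loop. Presumably meant for a
                # trusted management network; confirm, or front the API
                # with TLS and authentication.
                r = requests.post("http://%s/tasks/create/url" % remote,
                                  data=data)
                yield "URL", url, r.json()["task_id"]
            except Exception as e:
                print("%s: unable to submit URL: %s" % (bold(red("Error")), e))
    else:
        files = []
        for path in target:
            files.extend(enumerate_files(os.path.abspath(path), pattern))

        if is_shuffle:
            random.shuffle(files)

        for filepath in files:
            if not os.path.getsize(filepath):
                print("%s: sample %s (skipping file)" % (bold(
                    yellow("Empty")), filepath))
                continue

            # Empty files above do not count against the cap; files skipped
            # by the uniqueness check below do.
            if maxcount is not None:
                if not maxcount:
                    break
                maxcount -= 1

            if not remote:
                if is_unique:
                    sha256 = File(filepath).get_sha256()
                    if db.find_sample(sha256=sha256):
                        yield "File", filepath, None
                        continue

                data.pop("unique", None)
                task_id = db.add_path(file_path=filepath, **data)
                yield "File", filepath, task_id
                continue

            # The sample handle is closed as soon as the upload finishes, so
            # a large batch does not accumulate open descriptors. The upload
            # dict has its own name instead of rebinding `files`, the list
            # being iterated.
            with open(filepath, "rb") as sample:
                upload = {
                    "file": (os.path.basename(filepath), sample),
                }

                try:
                    # NOTE(review): same transport caveat as the URL branch;
                    # here the sample itself crosses the network over
                    # unauthenticated plain HTTP.
                    r = requests.post("http://%s/tasks/create/file" % remote,
                                      data=data,
                                      files=upload)
                    task_id = r.json()["task_id"]
                except Exception as e:
                    print("%s: unable to submit file: %s" % (
                        bold(red("Error")), e))
                    continue

            yield "File", filepath, task_id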
Beispiel #17
def import_(ctx, mode, path):
    """Imports an older Cuckoo setup into a new CWD. The old setup should be
    identified by PATH and the new CWD may be specified with the --cwd
    parameter, e.g., "cuckoo --cwd /tmp/cwd import old-cuckoo"."""
    # Symlink mode is refused up front on Windows.
    if is_windows() and mode == "symlink":
        sys.exit(red(
            "You can only use the 'symlink' mode on non-Windows platforms."
        ))

    # First warning paragraph: removing the old setup may lose data.
    for text in (
        "You are importing an existing Cuckoo setup. Please",
        "understand that, depending on the mode taken, if ",
        "you remove the old Cuckoo setup after this import ",
    ):
        print(yellow(text))
    print("%s %s" % (yellow("you may still"), red("loose ALL of your data!")))
    print("")

    # Second paragraph: migrations run in-place on the old database.
    for text in (
        "Additionally, database migrations will be performed ",
        "in-place. You won't be able to use your old Cuckoo ",
        "setup anymore afterwards! However, we'll provide ",
        "you with the option to create a SQL backup beforehand.",
    ):
        print(yellow(text))
    print("")

    # Summary in red: cleaning the old setup can drop the new one's data.
    for text in (
        "TL;DR Cleaning the old setup after the import may",
        "corrupt your new setup: its SQL, MongoDB, and ",
        "ElasticSearch database may be dropped and, in 'symlink'",
        "mode, the analyses removed.",
    ):
        print(red(text))
    print("")

    # Destructive operation: require an explicit yes, defaulting to "no".
    acknowledged = click.confirm(
        "... I've read the above and understand the consequences", False
    )
    if not acknowledged:
        sys.exit(red("Aborting operation.. please try again!"))

    try:
        import_cuckoo(ctx.parent.user, mode, path)
    except KeyboardInterrupt:
        # NOTE(review): an interrupt here may leave the import half-done;
        # whether import_cuckoo cleans up after itself is not visible here.
        print(red("Aborting import of Cuckoo instance.."))
Beispiel #18
def clean():
    """Clean the CWD and associated databases."""
    try:
        cuckoo_clean()
    except KeyboardInterrupt:
        # Ctrl-C is reported as a notice rather than a traceback.
        # NOTE(review): the cleanup may be only partly applied at this
        # point; cuckoo_clean's own handling is not visible here.
        notice = yellow("Aborting cleaning up of your CWD..")
        print(notice)
Beispiel #19
def community(force, branch, filepath):
    """Fetch supplies from the Cuckoo Community."""
    # All three options are handed through unchanged as keyword arguments.
    fetch_options = dict(force=force, branch=branch, filepath=filepath)
    try:
        fetch_community(**fetch_options)
    except KeyboardInterrupt:
        # Ctrl-C during the fetch is reported as a notice, not a traceback.
        notice = yellow("Aborting fetching of the Cuckoo Community resources..")
        print(notice)