class TestReporter:
CONFIG = """
[reporter_tests]
enabled = on
"""
def setUp(self):
self.tmp = tempfile.mkdtemp()
self.cfg = tempfile.mkstemp()[1]
f = open(self.cfg, "w")
f.write(self.CONFIG)
f.close()
self.r = Reporter(self.tmp)
self.r.cfg = Config(self.cfg)
def test_run_report(self):
results = {}
self.r._run_report(ReportMock, results)
def test_run_report_alter_results(self):
"""@note: Regression test."""
results = {"foo": "bar"}
self.r._run_report(ReportMock, results)
assert_equals(results, {"foo": "bar"})
def tearDown(self):
os.rmdir(os.path.join(self.tmp, "reports"))
os.rmdir(self.tmp)
os.remove(self.cfg)
class TestReporter:
CONFIG = """
[reporter_tests]
enabled = on
"""
def setUp(self):
self.tmp = tempfile.mkdtemp()
self.cfg = tempfile.mkstemp()[1]
f = open(self.cfg, "w")
f.write(self.CONFIG)
f.close()
self.r = Reporter(self.tmp)
self.r.cfg = Config(self.cfg)
def test_run_report(self):
results = {}
self.r._run_report(ReportMock, results)
def test_run_report_alter_results(self):
"""@note: Regression test."""
results = {"foo": "bar"}
self.r._run_report(ReportAlterMock, results)
assert_equals(results, {"foo": "bar"})
def tearDown(self):
os.rmdir(os.path.join(self.tmp, "reports"))
os.rmdir(self.tmp)
os.remove(self.cfg)
def setUp(self):
self.tmp = tempfile.mkdtemp()
self.cfg = tempfile.mkstemp()[1]
f = open(self.cfg, "w")
f.write(self.CONFIG)
f.close()
self.r = Reporter(self.tmp)
self.r.cfg = Config(self.cfg)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("id", type=str, help="ID of the analysis to process")
parser.add_argument("-r",
"--report",
help="Re-generate report",
action="store_true",
required=False)
parser.add_argument("-f",
"--failed",
help="Mark the analysis as failed",
action="store_true",
required=False)
args = parser.parse_args()
init_modules()
if args.failed:
results = {"success": False}
else:
results = Processor(args.id).run()
results["success"] = True
if args.report:
Reporter(args.id).run(results)
def setUp(self):
self.tmp = tempfile.mkdtemp()
self.cfg = tempfile.mkstemp()[1]
f = open(self.cfg, "w")
f.write(self.CONFIG)
f.close()
self.r = Reporter(self.tmp)
self.r.cfg = Config(self.cfg)
def process_results(self):
"""Process the analysis results and generate the enabled reports."""
try:
logs_path = os.path.join(self.storage, "logs")
for csv in os.listdir(logs_path):
if not csv.endswith(".raw"):
continue
csv = os.path.join(logs_path, csv)
if os.stat(
csv).st_size > self.cfg.processing.analysis_size_limit:
log.error(
"Analysis file %s is too big to be processed, "
"analysis aborted. Process it manually with the "
"provided utilities", csv)
return False
except OSError as e:
log.warning("Error accessing analysis logs (task=%d): %s",
self.task.id, e)
results = Processor(self.task.id).run()
Reporter(self.task.id).run(results)
# If the target is a file and the user enabled the option,
# delete the original copy.
if self.task.category == "file" and self.cfg.cuckoo.delete_original:
try:
os.remove(self.task.target)
except OSError as e:
log.error(
"Unable to delete original file at path \"%s\": "
"%s", self.task.target, e)
log.info("Task #%d: reports generation completed (path=%s)",
self.task.id, self.storage)
return True
def launch_analysis(self):
"""Start analysis.
@raise CuckooAnalysisError: if unable to start analysis.
"""
log.info("Starting analysis of file \"%s\" (task=%s)" %
(self.task.file_path, self.task.id))
if not os.path.exists(self.task.file_path):
raise CuckooAnalysisError(
"The file to analyze does not exist at path \"%s\", analysis aborted"
% self.task.file_path)
self.init_storage()
self.store_file()
options = self.build_options()
while True:
machine_lock.acquire()
vm = mmanager.acquire(machine_id=self.task.machine,
platform=self.task.platform)
machine_lock.release()
if not vm:
log.debug("Task #%s: no machine available" % self.task.id)
time.sleep(1)
else:
log.info("Task #%s: acquired machine %s (label=%s)" %
(self.task.id, vm.id, vm.label))
break
# Initialize sniffer
if self.cfg.cuckoo.use_sniffer:
sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
sniffer.start(interface=self.cfg.cuckoo.interface,
host=vm.ip,
file_path=os.path.join(self.analysis.results_folder,
"dump.pcap"))
else:
sniffer = False
try:
# Start machine
mmanager.start(vm.label)
# Initialize guest manager
guest = GuestManager(vm.id, vm.ip, vm.platform)
# Launch analysis
guest.start_analysis(options)
# Wait for analysis to complete
success = guest.wait_for_completion()
# Stop sniffer
if sniffer:
sniffer.stop()
if not success:
raise CuckooAnalysisError(
"Task #%s: analysis failed, review previous errors" %
self.task.id)
# Save results
guest.save_results(self.analysis.results_folder)
except (CuckooMachineError, CuckooGuestError) as e:
raise CuckooAnalysisError(e)
finally:
# Stop machine
mmanager.stop(vm.label)
# Release the machine from lock
mmanager.release(vm.label)
# Launch reports generation
Reporter(self.analysis.results_folder).run(
Processor(self.analysis.results_folder).run())
log.info("Task #%s: reports generation completed (path=%s)" %
(self.task.id, self.analysis.results_folder))
#!/usr/bin/env python # Copyright (C) 2010-2012 Cuckoo Sandbox Developers. # This file is part of Cuckoo Sandbox - http://www.cuckoosandbox.org # See the file 'docs/LICENSE' for copying permission. import os import sys import logging logging.basicConfig(level=logging.DEBUG) sys.path.append(os.path.join(os.path.abspath(os.path.dirname(__file__)), "..")) from lib.cuckoo.core.processor import Processor from lib.cuckoo.core.reporter import Reporter results = Processor(sys.argv[1]).run() Reporter(sys.argv[1]).run(results)
