def initialize(self):
"""Initialize machine manager."""
global mmanager
log.info("Using \"%s\" machine manager" %
self.cfg.cuckoo.machine_manager)
name = "modules.machinemanagers.%s" % self.cfg.cuckoo.machine_manager
try:
__import__(name, globals(), locals(), ["dummy"], -1)
except ImportError as e:
raise CuckooMachineError(
"Unable to import machine manager plugin: %s" % e)
MachineManager()
module = MachineManager.__subclasses__()[0]
mmanager = module()
mmanager_conf = os.path.join(
CUCKOO_ROOT, "conf", "%s.conf" % self.cfg.cuckoo.machine_manager)
if not os.path.exists(mmanager_conf):
raise CuckooMachineError(
"The configuration file for machine manager \"%s\" does not exist at path: %s"
% (self.cfg.cuckoo.machine_manager, mmanager_conf))
mmanager.set_options(Config(mmanager_conf))
mmanager.initialize(self.cfg.cuckoo.machine_manager)
if len(mmanager.machines) == 0:
raise CuckooMachineError("No machines available")
else:
log.info("Loaded %s machine/s" % len(mmanager.machines))
def initialize(self):
"""Initialize machine manager."""
global mmanager
log.info("Using \"%s\" machine manager" % self.cfg.cuckoo.machine_manager)
name = "modules.machinemanagers.%s" % self.cfg.cuckoo.machine_manager
try:
__import__(name, globals(), locals(), ["dummy"], -1)
except ImportError as e:
raise CuckooMachineError("Unable to import machine manager plugin: %s" % e)
MachineManager()
module = MachineManager.__subclasses__()[0]
mmanager = module()
mmanager_conf = os.path.join(CUCKOO_ROOT, "conf", "%s.conf" % self.cfg.cuckoo.machine_manager)
if not os.path.exists(mmanager_conf):
raise CuckooMachineError("The configuration file for machine manager \"%s\" does not exist at path: %s"
% (self.cfg.cuckoo.machine_manager, mmanager_conf))
mmanager.set_options(Config(mmanager_conf))
mmanager.initialize(self.cfg.cuckoo.machine_manager)
if len(mmanager.machines) == 0:
raise CuckooMachineError("No machines available")
else:
log.info("Loaded %s machine/s" % len(mmanager.machines))
def launch_analysis(self):
"""Start analysis.
@raise CuckooAnalysisError: if unable to start analysis.
"""
log.info("Starting analysis of file \"%s\" (task=%s)" %
(self.task.file_path, self.task.id))
if not os.path.exists(self.task.file_path):
raise CuckooAnalysisError(
"The file to analyze does not exist at path \"%s\", analysis aborted"
% self.task.file_path)
self.init_storage()
self.store_file()
options = self.build_options()
while True:
machine_lock.acquire()
vm = mmanager.acquire(machine_id=self.task.machine,
platform=self.task.platform)
machine_lock.release()
if not vm:
log.debug("Task #%s: no machine available" % self.task.id)
time.sleep(1)
else:
log.info("Task #%s: acquired machine %s (label=%s)" %
(self.task.id, vm.id, vm.label))
break
# Initialize sniffer
if self.cfg.cuckoo.use_sniffer:
sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
sniffer.start(interface=self.cfg.cuckoo.interface,
host=vm.ip,
file_path=os.path.join(self.analysis.results_folder,
"dump.pcap"))
else:
sniffer = False
# Initialize VMWare ScreenShot
MachineManager()
module = MachineManager.__subclasses__()[0]
mman = module()
mman_conf = os.path.join(CUCKOO_ROOT, "conf",
"%s.conf" % self.cfg.cuckoo.machine_manager)
if not os.path.exists(mman_conf):
raise CuckooMachineError(
"The configuration file for machine manager \"%s\" does not exist at path: %s"
% (self.cfg.cuckoo.machine_manager, mman_conf))
mman.set_options(Config(mman_conf))
mman.initialize(self.cfg.cuckoo.machine_manager)
screener = Screener(mman.options.vmware.path, vm.label, "avtest",
"avtest", self.analysis.results_folder)
try:
# Start machine
mmanager.start(vm.label)
# Initialize guest manager
guest = GuestManager(vm.id, vm.ip, vm.platform)
# Launch analysis
guest.start_analysis(options)
# Start Screenshots
screener.start()
# Wait for analysis to complete
success = guest.wait_for_completion()
# Stop sniffer
if sniffer:
sniffer.stop()
# Stop Screenshots
if screener:
screener.stop()
if not success:
raise CuckooAnalysisError(
"Task #%s: analysis failed, review previous errors" %
self.task.id)
# Save results
guest.save_results(self.analysis.results_folder)
except (CuckooMachineError, CuckooGuestError) as e:
raise CuckooAnalysisError(e)
#"""
finally:
# Stop machine
mmanager.stop(vm.label)
# Release the machine from lock
mmanager.release(vm.label)
#"""
# Launch reports generation
Reporter(self.analysis.results_folder).run(
Processor(self.analysis.results_folder).run())
log.info("Task #%s: reports generation completed (path=%s)" %
(self.task.id, self.analysis.results_folder))
def launch_analysis(self):
"""Start analysis.
@raise CuckooAnalysisError: if unable to start analysis.
"""
log.info("Starting analysis of file \"%s\" (task=%s)" % (self.task.file_path, self.task.id))
if not os.path.exists(self.task.file_path):
raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)
self.init_storage()
self.store_file()
options = self.build_options()
while True:
machine_lock.acquire()
vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
machine_lock.release()
if not vm:
log.debug("Task #%s: no machine available" % self.task.id)
time.sleep(1)
else:
log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
break
# Initialize sniffer
if self.cfg.cuckoo.use_sniffer:
sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
else:
sniffer = False
# Initialize VMWare ScreenShot
MachineManager()
module = MachineManager.__subclasses__()[0]
mman = module()
mman_conf = os.path.join(CUCKOO_ROOT, "conf", "%s.conf" % self.cfg.cuckoo.machine_manager)
if not os.path.exists(mman_conf):
raise CuckooMachineError("The configuration file for machine manager \"%s\" does not exist at path: %s"
% (self.cfg.cuckoo.machine_manager, mman_conf))
mman.set_options(Config(mman_conf))
mman.initialize(self.cfg.cuckoo.machine_manager)
screener = Screener(mman.options.vmware.path, vm.label, "avtest", "avtest", self.analysis.results_folder)
try:
# Start machine
mmanager.start(vm.label)
# Initialize guest manager
guest = GuestManager(vm.id, vm.ip, vm.platform)
# Launch analysis
guest.start_analysis(options)
# Start Screenshots
screener.start()
# Wait for analysis to complete
success = guest.wait_for_completion()
# Stop sniffer
if sniffer:
sniffer.stop()
# Stop Screenshots
if screener:
screener.stop()
if not success:
raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
# Save results
guest.save_results(self.analysis.results_folder)
except (CuckooMachineError, CuckooGuestError) as e:
raise CuckooAnalysisError(e)
#"""
finally:
# Stop machine
mmanager.stop(vm.label)
# Release the machine from lock
mmanager.release(vm.label)
#"""
# Launch reports generation
Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())
log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))
