def submit(ctx, target, url, options, package, custom, owner, timeout,
priority, machine, platform, memory, enforce_timeout, clock, tags,
baseline, remote, shuffle, pattern, max, unique):
"""Submit one or more files or URLs to Cuckoo."""
init_console_logging(level=ctx.parent.level)
Database().connect()
try:
l = submit_tasks(
target, options, package, custom, owner, timeout, priority,
machine, platform, memory, enforce_timeout, clock, tags, remote,
pattern, max, unique, url, baseline, shuffle
)
for category, target, task_id in l:
if task_id:
print "%s: %s \"%s\" added as task with ID #%s" % (
bold(green("Success")), category, target, task_id
)
else:
print "%s: %s \"%s\" as it has already been analyzed" % (
bold(yellow("Skipped")), category, target
)
except KeyboardInterrupt:
print(red("Aborting submission of samples.."))
def submit(ctx, target, url, options, package, custom, owner, timeout,
priority, machine, platform, memory, enforce_timeout, clock, tags,
baseline, remote, shuffle, pattern, max, unique):
"""Submit one or more files or URLs to Cuckoo."""
init_console_logging(level=ctx.parent.level)
Database().connect()
try:
l = submit_tasks(
target, options, package, custom, owner, timeout, priority,
machine, platform, memory, enforce_timeout, clock, tags, remote,
pattern, max, unique, url, baseline, shuffle
)
for category, target, task_id in l:
if task_id:
print "%s: %s \"%s\" added as task with ID #%s" % (
bold(green("Success")), category, target, task_id
)
else:
print "%s: %s \"%s\" as it has already been analyzed" % (
bold(yellow("Skipped")), category, target
)
except KeyboardInterrupt:
print(red("Aborting submission of samples.."))
def check_version():
"""Checks version of Cuckoo."""
if not config("cuckoo:cuckoo:version_check"):
return
print(" Checking for updates...")
try:
r = requests.get("https://cuckoosandbox.org/updates.json",
params={"version": version},
timeout=6)
r.raise_for_status()
r = r.json()
except (requests.RequestException, ValueError) as e:
print(red(" Error checking for the latest Cuckoo version: %s!" % e))
return
try:
old = StrictVersion(version) < StrictVersion(r["version"])
except ValueError:
old = True
if old:
msg = "Cuckoo Sandbox version %s is available now." % r["version"]
print(red(" Outdated! ") + msg)
else:
print(green(" You're good to go!"))
print("\n Our latest blogposts:")
for blogpost in r["blogposts"]:
print(" * %s, %s." % (yellow(blogpost["title"]), blogpost["date"]))
print(" %s" % red(blogpost["oneline"]))
print(" More at %s" % blogpost["url"])
print("")
return r
def check_version():
"""Checks version of Cuckoo."""
if not config("cuckoo:cuckoo:version_check"):
return
print(" Checking for updates...")
try:
r = requests.post(
"http://api.cuckoosandbox.org/checkversion.php",
data={"version": version}
)
r.raise_for_status()
r = r.json()
except (requests.RequestException, ValueError) as e:
print(red(" Error checking for the latest Cuckoo version: %s!" % e))
return
if not isinstance(r, dict) or r.get("error"):
print(red(" Error checking for the latest Cuckoo version:"))
print(yellow(" Response: %s" % r))
return
rc1_responses = "NEW_VERSION", "NO_UPDATES"
# Deprecated response.
if r.get("response") in rc1_responses and r.get("current") == "2.0-rc1":
print(green(" You're good to go!"))
return
try:
old = StrictVersion(version) < StrictVersion(r.get("current"))
except ValueError:
old = True
if old:
msg = "Cuckoo Sandbox version %s is available now." % r.get("current")
print(red(" Outdated! ") + msg),
else:
print(green(" You're good to go!"))
def check_version():
"""Checks version of Cuckoo."""
if not config("cuckoo:cuckoo:version_check"):
return
print(" Checking for updates...")
try:
r = requests.post(
"http://api.cuckoosandbox.org/checkversion.php",
data={"version": version}
)
r.raise_for_status()
r = r.json()
except (requests.RequestException, ValueError) as e:
print(red(" Error checking for the latest Cuckoo version: %s!" % e))
return
if not isinstance(r, dict) or r.get("error"):
print(red(" Error checking for the latest Cuckoo version:"))
print(yellow(" Response: %s" % r))
return
rc1_responses = "NEW_VERSION", "NO_UPDATES"
# Deprecated response.
if r.get("response") in rc1_responses and r.get("current") == "2.0-rc1":
print(green(" You're good to go!"))
return
try:
old = StrictVersion(version) < StrictVersion(r.get("current"))
except ValueError:
old = True
if old:
msg = "Cuckoo Sandbox version %s is available now." % r.get("current")
print(red(" Outdated! ") + msg),
else:
print(green(" You're good to go!"))
def check_version():
"""Checks version of Cuckoo."""
if not config("cuckoo:cuckoo:version_check"):
return
print(" Checking for updates...")
try:
r = requests.get(
"https://cuckoosandbox.org/updates.json",
params={"version": version}, timeout=6
)
r.raise_for_status()
r = r.json()
except (requests.RequestException, ValueError) as e:
print(red(" Error checking for the latest Cuckoo version: %s!" % e))
return
try:
old = StrictVersion(version) < StrictVersion(r["version"])
except ValueError:
old = True
if old:
msg = "Cuckoo Sandbox version %s is available now." % r["version"]
print(red(" Outdated! ") + msg)
else:
print(green(" You're good to go!"))
print("\n Our latest blogposts:")
for blogpost in r["blogposts"]:
print(" * %s, %s." % (yellow(blogpost["title"]), blogpost["date"]))
print(" %s" % red(blogpost["oneline"]))
print(" More at %s" % blogpost["url"])
print("")
return r
def check_version(ignore_vuln=False):
"""Check version of Cuckoo."""
if not config("cuckoo:cuckoo:version_check"):
return
ignore_vuln = ignore_vuln or config("cuckoo:cuckoo:ignore_vulnerabilities")
import pkg_resources
print(" Checking for updates...")
try:
r = requests.get("https://cuckoosandbox.org/updates.json",
params={"version": version},
timeout=6)
r.raise_for_status()
r = r.json()
except (requests.RequestException, ValueError) as e:
print(red(" Error checking for the latest Cuckoo version: %s!" % e))
return
try:
old = StrictVersion(version) < StrictVersion(r["version"])
except ValueError:
old = True
warnings = []
for deptype, vulns in r.get("vulnerable", {}).iteritems():
for dep in vulns:
compare = dep.get("highest") or dep.get("lowest")
# Check if any of the mentioned Python dependencies are installed
if deptype == "pydep":
try:
v = pkg_resources.get_distribution(
dep["name"]).parsed_version
except (pkg_resources.DistributionNotFound, ValueError):
continue
# See if the mentioned virtualization software is used
elif deptype == "machinery":
if config("cuckoo:cuckoo:machinery") != dep["name"]:
continue
# If the version number cannot be determined, raise a warning
# to be sure. Virtualization vulnerabilities can potentially
# cause a lot of damage
v = cuckoo.machinery.plugins[dep["name"]].version()
if not v:
warnings.append(
bold(
red("Potentially vulnerable %s version installed. "
"Failed to retrieve its version. Update if version"
" is: %s" % (dep["name"], compare))))
continue
else:
continue
warn = False
# If a range is specified, check if the current version falls
# within the range.
if dep.get("highest") and dep.get("lowest"):
lv = LooseVersion(str(v))
if (lv >= LooseVersion(dep["lowest"])
and lv <= LooseVersion(dep["highest"])):
warn = True
# If no range is specified, use the specified operator to see if
# the installed version is
# 'if <operator> highest/lowest specified'
elif cmp_version(str(v), compare, dep["op"]):
warn = True
# Warn the user the dependency must be updated/
if warn:
info = dep.get("info")
message = "Vulnerable version of %s installed (%s). It is " \
"highly recommended to update. Please update and " \
"restart Cuckoo." % (dep["name"], v)
if deptype == "pydep":
message += " 'pip install %s%s'" % (dep["name"],
dep["recommended"])
else:
message += " Recommended version: %s" % dep["recommended"]
message = bold(red(message))
if info:
message += yellow("\nAdditional information: %s" % info)
warnings.append(message)
if warnings:
print(color(bold(red("Vulnerable dependencies found\n")), 5))
for warning in warnings:
print("--> %s\n" % color(warning, 4))
if warnings and not ignore_vuln:
print(
"This check can be disabled by enabling "
"'ignore_vulnerabilities' in cuckoo.conf under the "
"[cuckoo] section")
sys.exit(1)
if old:
msg = "Cuckoo Sandbox version %s is available now." % r["version"]
print(red(" Outdated! ") + msg)
else:
print(green(" You're good to go!"))
print("\n Our latest blogposts:")
for blogpost in r["blogposts"]:
print(" * %s, %s." % (yellow(blogpost["title"]), blogpost["date"]))
print(" %s" % red(blogpost["oneline"]))
print(" More at %s" % blogpost["url"])
print("")
return r
def cuckoo_init(level, ctx, cfg=None):
"""Initialize Cuckoo configuration.
@param quiet: enable quiet mode.
"""
logo()
# It would appear this is the first time Cuckoo is being run (on this
# Cuckoo Working Directory anyway).
if not os.path.isdir(cwd()) or not os.listdir(cwd()):
cuckoo_create(ctx.user, cfg)
sys.exit(0)
# Determine if this is a proper CWD.
if not os.path.exists(cwd(".cwd")):
sys.exit(
"No proper Cuckoo Working Directory was identified, did you pass "
"along the correct directory? For new installations please use a "
"non-existant directory to build up the CWD! You can craft a CWD "
"manually, but keep in mind that the CWD layout may change along "
"with Cuckoo releases (and don't forget to fill out '$CWD/.cwd')!"
)
init_console_logging(level)
check_configs()
check_version()
ctx.log and init_logging(level)
# Determine if any CWD updates are required and if so, do them.
current = open(cwd(".cwd"), "rb").read().strip()
latest = open(cwd(".cwd", private=True), "rb").read().strip()
if current != latest:
migrate_cwd()
open(cwd(".cwd"), "wb").write(latest)
Database().connect()
# Load additional Signatures.
load_signatures()
init_modules()
init_tasks()
init_yara()
init_binaries()
init_rooter()
init_routing()
signatures = 0
for sig in cuckoo.signatures:
if not sig.enabled:
continue
signatures += 1
if not signatures:
log.warning(
"It appears that you haven't loaded any Cuckoo Signatures. "
"Signatures are highly recommended and improve & enrich the "
"information extracted during an analysis. They also make up "
"for the analysis score that you see in the Web Interface - so, "
"pretty important!"
)
log.warning(
"You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
"rules, and more goodies by running the following command:"
)
raw = cwd(raw=True)
if raw == "." or raw == "~/.cuckoo":
command = "cuckoo community"
elif " " in raw or "'" in raw:
command = 'cuckoo --cwd "%s" community' % raw
else:
command = "cuckoo --cwd %s community" % raw
log.info("$ %s", green(command))
def cuckoo_init(level, ctx, cfg=None):
"""Initialize Cuckoo configuration.
@param quiet: enable quiet mode.
"""
logo()
# It would appear this is the first time Cuckoo is being run (on this
# Cuckoo Working Directory anyway).
if not os.path.isdir(cwd()) or not os.listdir(cwd()):
cuckoo_create(ctx.user, cfg)
sys.exit(0)
# Determine if this is a proper CWD.
if not os.path.exists(cwd(".cwd")):
sys.exit(
"No proper Cuckoo Working Directory was identified, did you pass "
"along the correct directory? For new installations please use a "
"non-existant directory to build up the CWD! You can craft a CWD "
"manually, but keep in mind that the CWD layout may change along "
"with Cuckoo releases (and don't forget to fill out '$CWD/.cwd')!"
)
init_console_logging(level)
# Only one Cuckoo process should exist per CWD. Run this check before any
# files are possibly modified. Note that we mkdir $CWD/pidfiles/ here as
# its CWD migration rules only kick in after the pidfile check.
mkdir(cwd("pidfiles"))
pidfile = Pidfile("cuckoo")
if pidfile.exists():
log.error(red("Cuckoo is already running. PID: %s"), pidfile.pid)
sys.exit(1)
pidfile.create()
check_configs()
check_version()
ctx.log and init_logging(level)
# Determine if any CWD updates are required and if so, do them.
current = open(cwd(".cwd"), "rb").read().strip()
latest = open(cwd(".cwd", private=True), "rb").read().strip()
if current != latest:
migrate_cwd()
open(cwd(".cwd"), "wb").write(latest)
Database().connect()
# Load additional Signatures.
load_signatures()
init_modules()
init_tasks()
init_yara()
init_binaries()
init_rooter()
init_routing()
signatures = 0
for sig in cuckoo.signatures:
if not sig.enabled:
continue
signatures += 1
if not signatures:
log.warning(
"It appears that you haven't loaded any Cuckoo Signatures. "
"Signatures are highly recommended and improve & enrich the "
"information extracted during an analysis. They also make up "
"for the analysis score that you see in the Web Interface - so, "
"pretty important!"
)
log.warning(
"You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
"rules, and more goodies by running the following command:"
)
raw = cwd(raw=True)
if raw == "." or raw == "~/.cuckoo":
command = "cuckoo community"
elif " " in raw or "'" in raw:
command = 'cuckoo --cwd "%s" community' % raw
else:
command = "cuckoo --cwd %s community" % raw
log.info("$ %s", green(command))
def cuckoo_init(level, ctx, cfg=None):
"""Initialize Cuckoo configuration.
@param quiet: enable quiet mode.
"""
logo()
# It would appear this is the first time Cuckoo is being run (on this
# Cuckoo Working Directory anyway).
if not os.path.isdir(cwd()) or not os.listdir(cwd()):
cuckoo_create(ctx.user, cfg)
sys.exit(0)
# Determine if this is a proper CWD.
if not os.path.exists(cwd(".cwd")):
sys.exit(
"No proper Cuckoo Working Directory was identified, did you pass "
"along the correct directory? For new installations please use a "
"non-existant directory to build up the CWD! You can craft a CWD "
"manually, but keep in mind that the CWD layout may change along "
"with Cuckoo releases (and don't forget to fill out '$CWD/.cwd')!")
init_console_logging(level)
# Only one Cuckoo process should exist per CWD. Run this check before any
# files are possibly modified. Note that we mkdir $CWD/pidfiles/ here as
# its CWD migration rules only kick in after the pidfile check.
mkdir(cwd("pidfiles"))
pidfile = Pidfile("cuckoo")
if pidfile.exists():
log.error(red("Cuckoo is already running. PID: %s"), pidfile.pid)
sys.exit(1)
pidfile.create()
check_configs()
check_version()
ctx.log and init_logging(level)
# Determine if any CWD updates are required and if so, do them.
current = open(cwd(".cwd"), "rb").read().strip()
latest = open(cwd(".cwd", private=True), "rb").read().strip()
if current != latest:
migrate_cwd()
open(cwd(".cwd"), "wb").write(latest)
# Ensure the user is able to create and read temporary files.
if not ensure_tmpdir():
sys.exit(1)
Database().connect()
# Load additional Signatures.
load_signatures()
init_modules()
init_tasks()
init_yara()
init_binaries()
init_rooter()
init_routing()
signatures = 0
for sig in cuckoo.signatures:
if not sig.enabled:
continue
signatures += 1
if not signatures:
log.warning(
"It appears that you haven't loaded any Cuckoo Signatures. "
"Signatures are highly recommended and improve & enrich the "
"information extracted during an analysis. They also make up "
"for the analysis score that you see in the Web Interface - so, "
"pretty important!")
log.warning(
"You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
"rules, and more goodies by running the following command:")
log.info("$ %s", green(format_command("community")))
def cuckoo_init(level, ctx, cfg=None):
"""Initialize Cuckoo configuration.
@param quiet: enable quiet mode.
"""
logo()
# It would appear this is the first time Cuckoo is being run (on this
# Cuckoo Working Directory anyway).
if not os.path.isdir(cwd()) or not os.listdir(cwd()):
cuckoo_create(ctx.user, cfg)
sys.exit(0)
# Determine if this is a proper CWD.
if not os.path.exists(cwd(".cwd")):
sys.exit(
"No proper Cuckoo Working Directory was identified, did you pass "
"along the correct directory?"
)
init_console_logging(level)
check_configs()
check_version()
ctx.log and init_logging(level)
# Determine if any CWD updates are required and if so, do them.
current = open(cwd(".cwd"), "rb").read().strip()
latest = open(cwd(".cwd", private=True), "rb").read().strip()
if current != latest:
migrate_cwd()
open(cwd(".cwd"), "wb").write(latest)
Database().connect()
# Load additional Signatures.
load_signatures()
init_modules()
init_tasks()
init_yara()
init_binaries()
init_rooter()
init_routing()
signatures = 0
for sig in cuckoo.signatures:
if not sig.enabled:
continue
signatures += 1
if not signatures:
log.warning(
"It appears that you haven't loaded any Cuckoo Signatures. "
"Signatures are highly recommended and improve & enrich the "
"information extracted during an analysis. They also make up "
"for the analysis score that you see in the Web Interface - so, "
"pretty important!"
)
log.warning(
"You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
"rules, and more goodies by running the following command:"
)
raw = cwd(raw=True)
if raw == "." or raw == "~/.cuckoo":
command = "cuckoo community"
elif " " in raw or "'" in raw:
command = 'cuckoo --cwd "%s" community' % raw
else:
command = "cuckoo --cwd %s community" % raw
log.info("$ %s", green(command))
