def start_analysis(self, options, monitor):
"""Start analysis.
@param options: options.
@return: operation status.
"""
# TODO Deal with unicode URLs, should probably try URL encoding.
# Unicode files are being taken care of.
self.timeout = options["timeout"] + config("cuckoo:timeouts:critical")
url = "http://{0}:{1}".format(self.ip, CUCKOO_GUEST_PORT)
self.server = TimeoutServer(url, allow_none=True, timeout=self.timeout)
try:
# Wait for the agent to respond. This is done to check the
# availability of the agent and verify that it's ready to receive
# data.
self.wait(CUCKOO_GUEST_INIT)
if not self.do_run:
return
# Invoke the upload of the analyzer to the guest.
self.upload_analyzer(monitor)
# Give the analysis options to the guest, so it can generate the
# analysis.conf inside the guest.
try:
self.server.add_config(options)
except:
raise CuckooGuestError(
"%s: unable to upload config to analysis machine" %
self.id)
# If the target of the analysis is a file, upload it to the guest.
if options["category"] in ("file", "archive"):
try:
file_data = open(options["target"], "rb").read()
except (IOError, OSError) as e:
raise CuckooGuestError("Unable to read %s, error: %s" %
(options["target"], e))
data = xmlrpclib.Binary(file_data)
try:
self.server.add_malware(data, options["file_name"])
except Exception as e:
raise CuckooGuestError(
"#%s: unable to upload malware to analysis "
"machine: %s" % (self.id, e))
# Launch the analyzer.
pid = self.server.execute()
log.debug("%s: analyzer started with PID %d", self.id, pid)
# If something goes wrong when establishing the connection, raise an
# exception and abort the analysis.
except (socket.timeout, socket.error):
raise CuckooGuestError(
"%s: guest communication timeout, check networking or try "
"to increase timeout" % self.id)
def _status(self, label):
"""Gets current status of a physical machine.
@param label: physical machine name.
@return: status string.
"""
# For physical machines, the agent can either be contacted or not.
# However, there is some information to be garnered from potential
# exceptions.
log.debug("Getting status for machine: %s.", label)
machine = self._get_machine(label)
# The status is only used to determine whether the Guest is running
# or whether it is in a stopped status, therefore the timeout can most
# likely be fairly arbitrary. TODO This is a temporary fix as it is
# not compatible with the new Cuckoo Agent, but it will have to do.
url = "http://{0}:{1}".format(machine.ip, CUCKOO_GUEST_PORT)
server = TimeoutServer(url, allow_none=True, timeout=60)
try:
status = server.get_status()
except xmlrpclib.Fault as e:
# Contacted Agent, but it threw an error.
log.debug("Agent error: %s (%s) (Error: %s).",
machine.id, machine.ip, e)
return self.ERROR
except socket.error as e:
# Could not contact agent.
log.debug("Agent unresponsive: %s (%s) (Error: %s).",
machine.id, machine.ip, e)
return self.STOPPED
except Exception as e:
# TODO Handle this better.
log.debug("Received unknown exception: %s.", e)
return self.ERROR
# If the agent responded successfully, then the physical machine
# is running
if status:
return self.RUNNING
return self.ERROR