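def main():
    """Command-line entry point: process one stored analysis, or run in auto mode.

    With ``id == "auto"`` the arguments are handed to ``autoprocess``.
    Otherwise ``id`` must be an integer task ID whose folder exists under
    ``CUCKOO_ROOT/storage/analyses``; the task is then either re-run through
    the signatures (``--signatures``) or passed to ``process``.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("id", type=str, help="ID of the analysis to process (auto for continuous processing of unprocessed tasks).")
    parser.add_argument("-c", "--caperesubmit", help="Allow CAPE resubmit processing.", action="store_true", required=False)
    parser.add_argument("-d", "--debug", help="Display debug messages", action="store_true", required=False)
    parser.add_argument("-r", "--report", help="Re-generate report", action="store_true", required=False)
    parser.add_argument("-s", "--signatures", help="Re-execute signatures on the report", action="store_true", required=False)
    parser.add_argument("-p", "--parallel", help="Number of parallel threads to use (auto mode only).", type=int, required=False, default=1)
    parser.add_argument("-fp", "--failed-processing", help="reprocess failed processing", action="store_true", required=False, default=False)
    parser.add_argument("-mc", "--maxtasksperchild", help="Max children tasks per worker", action="store", type=int, required=False, default=7)
    parser.add_argument("-md", "--memory-debugging", help="Enable logging garbage collection related info", action="store_true", required=False, default=False)
    args = parser.parse_args()

    init_yara()
    init_modules()

    if args.id == "auto":
        init_logging(auto=True, debug=args.debug)
        autoprocess(
            parallel=args.parallel,
            failed_processing=args.failed_processing,
            maxtasksperchild=args.maxtasksperchild,
            memory_debugging=args.memory_debugging,
        )
        return

    # Validate the ID before it is joined into a filesystem path or handed to
    # init_logging. The original only called int() after both uses, so a
    # path-like value such as "../x" reached them first. Nothing int() accepts
    # contains a path separator, so a value that passes stays inside the
    # analyses directory.
    try:
        task_id = int(args.id)
    except ValueError:
        sys.exit(red("\n[-] Analysis ID must be 'auto' or an integer\n"))

    analysis_dir = os.path.join(CUCKOO_ROOT, "storage", "analyses", args.id)
    if not os.path.exists(analysis_dir):
        sys.exit(red("\n[-] Analysis folder doesn't exist anymore\n"))

    init_logging(tid=args.id, debug=args.debug)
    task = Database().view_task(task_id)

    if args.signatures:
        report = os.path.join(analysis_dir, "reports", "report.json")
        if not os.path.exists(report):
            sys.exit("File {} doest exist".format(report))
        # Close the report deterministically instead of leaking the handle.
        with open(report) as report_file:
            results = json.load(report_file)
        if results is not None:
            RunSignatures(task=task.to_dict(), results=results).run()
    else:
        process(task=task, report=args.report, capeproc=args.caperesubmit, memory_debugging=args.memory_debugging)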
def cuckoo_init(quiet=False, debug=False, artwork=False, test=False, ml=False):
    """Run the Cuckoo start-up sequence from inside CUCKOO_ROOT.

    @param quiet: set the logger to WARN (takes precedence over debug)
    @param debug: set the logger to DEBUG
    @param artwork: only print the logo once per second until interrupted
    @param test: integration test mode; return before the result server is created
    @param ml: run the CuckooML initialisation and return

    NOTE: the working directory is restored only on the normal path. The
    artwork, ml and test early returns leave the process in CUCKOO_ROOT.
    """
    previous_dir = os.getcwd()
    os.chdir(CUCKOO_ROOT)

    logo()
    check_working_directory()
    check_configs()
    check_version()
    create_structure()

    if artwork:
        import time

        try:
            while True:
                time.sleep(1)
                logo()
        except KeyboardInterrupt:
            return

    init_logging()

    # quiet wins over debug; with neither flag the level is left untouched.
    verbosity = logging.WARN if quiet else (logging.DEBUG if debug else None)
    if verbosity is not None:
        log.setLevel(verbosity)

    if ml:
        init_cuckooml()
        return

    for init_step in (init_modules, init_tasks, init_yara, init_binaries, init_rooter, init_routing):
        init_step()

    # TODO: This is just a temporary hack, we need an actual test suite to
    # integrate with Travis-CI.
    if test:
        return

    # The instance is discarded; presumably it is constructed for its side
    # effects (confirm against ResultServer).
    ResultServer()

    os.chdir(previous_dir)
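def main():
    """Command-line entry point: process one analysis by ID, or run in auto mode.

    With ``id == "auto"`` the work is handed to ``autoprocess``; any other
    value must be an integer task ID, which is looked up in the database and
    passed to ``process``.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("id", type=str, help="ID of the analysis to process (auto for continuous processing of unprocessed tasks).")
    parser.add_argument("-d", "--debug", help="Display debug messages", action="store_true", required=False)
    parser.add_argument("-r", "--report", help="Re-generate report", action="store_true", required=False)
    parser.add_argument("-p", "--parallel", help="Number of parallel threads to use (auto mode only).", type=int, required=False, default=1)
    args = parser.parse_args()

    init_yara()
    init_modules()

    if args.id == "auto":
        init_logging(auto=True, debug=args.debug)
        autoprocess(parallel=args.parallel)
        return

    # Reject a non-integer ID before it is handed to init_logging. The
    # original converted it only afterwards, so an arbitrary string reached
    # the logging setup and then failed with a ValueError traceback.
    try:
        task_id = int(args.id)
    except ValueError:
        parser.error("id must be 'auto' or an integer analysis ID")

    init_logging(tid=args.id, debug=args.debug)
    task = Database().view_task(task_id)
    process(task=task, report=args.report)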
def cuckoo_init(quiet=False, debug=False, artwork=False, test=False):
    """Run the Cuckoo start-up sequence from inside CUCKOO_ROOT.

    @param quiet: log at WARN (takes precedence over debug)
    @param debug: log at DEBUG
    @param artwork: only print the logo once per second until interrupted
    @param test: return before the result server is created

    NOTE: the working directory is restored only on the normal path. The
    artwork and test early returns leave the process in CUCKOO_ROOT.
    """
    original_cwd = os.getcwd()
    os.chdir(CUCKOO_ROOT)

    logo()
    for preflight in (check_working_directory, check_configs, create_structure):
        preflight()

    if artwork:
        import time

        try:
            while True:
                time.sleep(1)
                logo()
        except KeyboardInterrupt:
            return

    # quiet wins over debug; INFO is the fallback when neither is set.
    level = logging.WARN if quiet else (logging.DEBUG if debug else logging.INFO)
    log.setLevel(level)
    init_logging(level)

    check_webgui_mongo()
    init_modules()
    init_tasks()
    init_yara()
    init_rooter()
    init_routing()

    # This is just a temporary hack, we need an actual test suite to integrate
    # with Travis-CI.
    if test:
        return

    # The instance is discarded; presumably it is constructed for its side
    # effects (confirm against ResultServer).
    ResultServer()

    os.chdir(original_cwd)
def cuckoo_init(quiet=False, debug=False, artwork=False, test=False):
    """Run the Cuckoo start-up sequence from inside CUCKOO_ROOT.

    @param quiet: set the logger to WARN (takes precedence over debug)
    @param debug: set the logger to DEBUG
    @param artwork: only print the logo once per second until interrupted
    @param test: return before the result server is created

    NOTE: the working directory is restored only on the normal path. The
    artwork and test early returns leave the process in CUCKOO_ROOT.
    """
    launch_dir = os.getcwd()
    os.chdir(CUCKOO_ROOT)

    logo()
    check_working_directory()
    check_configs()
    check_version()
    create_structure()

    if artwork:
        import time

        try:
            while True:
                time.sleep(1)
                logo()
        except KeyboardInterrupt:
            return

    init_logging()

    # Only an explicit flag changes the level; quiet is checked first.
    if quiet or debug:
        log.setLevel(logging.WARN if quiet else logging.DEBUG)

    for init_step in (init_config, init_modules, init_tasks, init_yara):
        init_step()

    # This is just a temporary hack, we need an actual test suite to integrate
    # with Travis-CI.
    if test:
        return

    # The instance is discarded; presumably it is constructed for its side
    # effects (confirm against ResultServer).
    ResultServer()

    os.chdir(launch_dir)
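def main():
    """Command-line entry point: process one stored analysis, or run in auto mode.

    With ``id == "auto"`` the arguments are handed to ``autoprocess``.
    Otherwise ``id`` must be an integer task ID whose folder exists under
    ``CUCKOO_ROOT/storage/analyses``. With ``--signatures`` the report is
    loaded (MongoDB first when enabled, then the default ``report.json``,
    then ``--json-report``) and the signatures are re-run on it; without it
    the task is passed to ``process``.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("id", type=str, help="ID of the analysis to process (auto for continuous processing of unprocessed tasks).")
    parser.add_argument("-c", "--caperesubmit", help="Allow CAPE resubmit processing.", action="store_true", required=False)
    parser.add_argument("-d", "--debug", help="Display debug messages", action="store_true", required=False)
    parser.add_argument("-r", "--report", help="Re-generate report", action="store_true", required=False)
    parser.add_argument(
        "-p", "--parallel", help="Number of parallel threads to use (auto mode only).", type=int, required=False, default=1
    )
    parser.add_argument(
        "-fp", "--failed-processing", help="reprocess failed processing", action="store_true", required=False, default=False
    )
    parser.add_argument(
        "-mc", "--maxtasksperchild", help="Max children tasks per worker", action="store", type=int, required=False, default=7
    )
    parser.add_argument(
        "-md",
        "--memory-debugging",
        help="Enable logging garbage collection related info",
        action="store_true",
        required=False,
        default=False,
    )
    parser.add_argument(
        "-pt",
        "--processing-timeout",
        help="Max amount of time spent in processing before we fail a task",
        action="store",
        type=int,
        required=False,
        default=300,
    )
    testing_args = parser.add_argument_group("Signature testing options")
    testing_args.add_argument(
        "-sig",
        "--signatures",
        help="Re-execute signatures on the report, doesn't work for signature with self.get_raw_argument, use self.get_argument",
        action="store_true",
        default=False,
        required=False,
    )
    testing_args.add_argument(
        "-sn",
        "--signature-name",
        help="Run only one signature. To be used with --signature. Example -sig -sn cape_detected_threat",
        action="store",
        default=False,
        required=False,
    )
    testing_args.add_argument(
        "-jr",
        "--json-report",
        help="Path to json report, only if data not in mongo/default report location",
        action="store",
        default=False,
        required=False,
    )
    args = parser.parse_args()

    init_yara()
    init_modules()

    if args.id == "auto":
        init_logging(auto=True, debug=args.debug)
        autoprocess(
            parallel=args.parallel,
            failed_processing=args.failed_processing,
            maxtasksperchild=args.maxtasksperchild,
            memory_debugging=args.memory_debugging,
            processing_timeout=args.processing_timeout,
        )
        return

    # Validate the ID before it is joined into a filesystem path or handed to
    # init_logging. The original only called int() after both uses, so a
    # path-like value such as "../x" reached them first. Nothing int() accepts
    # contains a path separator, so a value that passes stays inside the
    # analyses directory.
    try:
        task_id = int(args.id)
    except ValueError:
        sys.exit(red("\n[-] Analysis ID must be 'auto' or an integer\n"))

    analysis_dir = os.path.join(CUCKOO_ROOT, "storage", "analyses", args.id)
    if not os.path.exists(analysis_dir):
        sys.exit(red("\n[-] Analysis folder doesn't exist anymore\n"))

    init_logging(tid=args.id, debug=args.debug)
    task = Database().view_task(task_id)

    if args.signatures:
        # Initialise up front: the original left `results` unbound when
        # MongoDB reporting was disabled and then crashed on `if not results`.
        results = None

        # check mongo
        if repconf.mongodb.enabled:
            _conn, _, results = _load_mongo_report(task_id, return_one=True)

        if not results:
            # fallback to json
            report = os.path.join(analysis_dir, "reports", "report.json")
            if not os.path.exists(report):
                # Use --json-report only when that file exists. The original
                # condition was inverted and selected it only when missing.
                # The path comes from the operator and is read as given; it
                # is not confined to the analyses directory.
                if args.json_report and os.path.exists(args.json_report):
                    report = args.json_report
                else:
                    sys.exit("File {} doest exist".format(report))
            # Close the report deterministically instead of leaking the handle.
            with open(report) as report_file:
                results = json.load(report_file)

        if results is not None:
            RunSignatures(task=task.to_dict(), results=results).run(args.signature_name)
    else:
        process(task=task, report=args.report, capeproc=args.caperesubmit, memory_debugging=args.memory_debugging)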