def init_modules():
"""Initializes plugins."""
log.debug("Importing modules...")
# Import all processing modules.
import_package(modules.processing)
# Import all signatures.
import_package(modules.signatures)
# Import only enabled reporting modules.
report_cfg = Config(cfg=os.path.join(CUCKOO_ROOT,
"conf",
"reporting.conf"))
prefix = modules.reporting.__name__ + "."
for loader, name, ispkg in pkgutil.iter_modules(modules.reporting.__path__):
if ispkg:
continue
try:
options = report_cfg.get(name)
except AttributeError:
log.debug("Reporting module %s not found in "
"configuration file" % module_name)
if not options.enabled:
continue
import_plugin("%s.%s" % (modules.reporting.__name__, name))
# Import machine manager.
import_plugin("modules.machinemanagers.%s"
% Config().cuckoo.machine_manager)
for category, mods in list_plugins().items():
log.debug("Imported \"%s\" modules:" % category)
for mod in mods:
if mod == mods[-1]:
log.debug("\t `-- %s" % mod.__name__)
else:
log.debug("\t |-- %s" % mod.__name__)
class TestConfig:
CONF_EXAMPLE = """
[cuckoo]
debug = off
analysis_timeout = 120
critical_timeout = 600
delete_original = off
machine_manager = kvm
use_sniffer = no
tcpdump = /usr/sbin/tcpdump
interface = vboxnet0
"""
def setUp(self):
self.file = tempfile.mkstemp()[1]
self._load_conf(self.CONF_EXAMPLE)
self.c = Config(self.file)
def _load_conf(self, conf):
"""Loads a configuration from a string.
@param conf: configuration string.
"""
f = open(self.file, "w")
f.write(conf)
f.close()
def test_get_option_exist(self):
"""Fetch an option of each type from default config file."""
assert_equals(self.c.get("cuckoo")["debug"], False)
assert_equals(self.c.get("cuckoo")["tcpdump"], "/usr/sbin/tcpdump")
assert_equals(self.c.get("cuckoo")["critical_timeout"], 600)
def test_config_file_not_found(self):
assert Config("foo")
@raises(CuckooOperationalError)
def test_get_option_not_found(self):
self.c.get("foo")
@raises(CuckooOperationalError)
def test_get_option_not_found_in_file_not_found(self):
self.c = Config("bar")
self.c.get("foo")
class Reporter:
"""Reporting Engine.
This class handles the loading and execution of the enabled reporting
modules. It receives the analysis results dictionary from the Processing
Engine and pass it over to the reporting modules before executing them.
"""
def __init__(self, task_id):
"""@param analysis_path: analysis folder path.
"""
self.task = Database().view_task(task_id).to_dict()
self.analysis_path = os.path.join(CUCKOO_ROOT,
"storage",
"analyses",
str(task_id))
self.cfg = Config(cfg=os.path.join(CUCKOO_ROOT,
"conf",
"reporting.conf"))
def _run_report(self, module, results):
"""Run a single reporting module.
@param module: reporting module.
@param results: results results from analysis.
"""
# Initialize current reporting module.
current = module()
# Give it the path to the analysis results folder.
current.set_path(self.analysis_path)
# Load the content of the analysis.conf file.
current.cfg = Config(current.conf_path)
# Extract the module name.
module_name = inspect.getmodule(current).__name__
if "." in module_name:
module_name = module_name.rsplit(".", 1)[1]
options = self.cfg.get(module_name)
# If the reporting module is disabled in the config, skip it.
if not options.enabled:
return
# Give it the content of the relevant section from the reporting.conf
# configuration file.
current.set_options(options)
current.set_task(self.task)
try:
# Run report, for each report a brand new copy of results is
# created, to prevent a reporting module to edit global
# result set and affect other reporting modules.
current.run(results)
log.debug("Executed reporting module \"%s\""
% current.__class__.__name__)
except CuckooReportError as e:
log.warning("The reporting module \"%s\" returned the following "
"error: %s" % (current.__class__.__name__, e))
except Exception as e:
log.exception("Failed to run the reporting module \"%s\":"
% (current.__class__.__name__))
def run(self, results):
"""Generates all reports.
@param results: analysis results.
@raise CuckooReportError: if a report module fails.
"""
# In every reporting module you can specify a numeric value that
# represents at which position that module should be executed among
# all the available ones. It can be used in the case where a
# module requires another one to be already executed beforehand.
modules_list = list_plugins(group="reporting")
# Return if no reporting modules are loaded.
if not modules_list:
log.debug("No reporting modules loaded")
return
modules_list.sort(key=lambda module: module.order)
# Run every loaded reporting module.
for module in modules_list:
self._run_report(module, results)
