def submit(ctx, target, url, options, package, custom, owner, timeout,
           priority, machine, platform, memory, enforce_timeout, clock, tags,
           baseline, remote, shuffle, pattern, max, unique):
    """Submit one or more files or URLs to Cuckoo.

    Every argument except ``ctx`` is forwarded to ``submit_tasks()``. One
    line is printed per (category, target, task ID) triple it produces; a
    falsy task ID is reported as skipped. A keyboard interrupt ends the
    submission with a notice instead of a traceback.
    """
    init_console_logging(level=ctx.parent.level)
    Database().connect()

    added_fmt = "%s: %s \"%s\" added as task with ID #%s"
    skipped_fmt = "%s: %s \"%s\" as it has already been analyzed"

    try:
        results = submit_tasks(
            target, options, package, custom, owner, timeout, priority,
            machine, platform, memory, enforce_timeout, clock, tags, remote,
            pattern, max, unique, url, baseline, shuffle
        )

        # Iterate inside the try block so that an interrupt raised while the
        # results are being consumed is handled as well.
        for category, item, task_id in results:
            if not task_id:
                print(skipped_fmt % (bold(yellow("Skipped")), category, item))
                continue

            print(added_fmt % (
                bold(green("Success")), category, item, task_id
            ))
    except KeyboardInterrupt:
        print(red("Aborting submission of samples.."))
def submit(ctx, target, url, options, package, custom, owner, timeout,
           priority, machine, platform, memory, enforce_timeout, clock, tags,
           baseline, remote, shuffle, pattern, max, unique):
    """Submit one or more files or URLs to Cuckoo.

    Sets up console logging and the database connection, passes the
    submission options to ``submit_tasks()`` and prints the outcome of each
    submitted item. Entries without a task ID are reported as skipped.
    """
    init_console_logging(level=ctx.parent.level)
    Database().connect()

    try:
        outcome = submit_tasks(
            target, options, package, custom, owner, timeout, priority,
            machine, platform, memory, enforce_timeout, clock, tags, remote,
            pattern, max, unique, url, baseline, shuffle
        )

        for category, submitted, task_id in outcome:
            if task_id:
                line = "%s: %s \"%s\" added as task with ID #%s" % (
                    bold(green("Success")), category, submitted, task_id
                )
            else:
                line = "%s: %s \"%s\" as it has already been analyzed" % (
                    bold(yellow("Skipped")), category, submitted
                )
            print(line)
    except KeyboardInterrupt:
        # Ctrl-C during submission: stop quietly with a short notice.
        print(red("Aborting submission of samples.."))
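def check_version():
    """Check the update feed and report whether this Cuckoo is outdated.

    Returns the decoded feed (a dict) on success. Returns None when the
    check is disabled through ``cuckoo:cuckoo:version_check``, when the feed
    cannot be fetched, or when it does not have the expected shape.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    try:
        r = requests.get(
            "https://cuckoosandbox.org/updates.json",
            params={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    # The feed is remote input. Validate its shape before indexing into it so
    # that an unexpected document is reported like any other failed check
    # instead of raising KeyError/TypeError in the caller.
    if not isinstance(r, dict) or "version" not in r:
        print(red(" Error checking for the latest Cuckoo version:"))
        # %r keeps control characters in the reply from reaching the terminal.
        print(yellow(" Response: %r" % (r,)))
        return

    try:
        old = StrictVersion(version) < StrictVersion(r["version"])
    except (ValueError, TypeError, AttributeError):
        # An unparsable, empty or non-string version is treated as "newer"
        # so the operator is nudged to look, matching the ValueError path.
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % r["version"]
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))

    print("\n Our latest blogposts:")
    blogposts = r.get("blogposts")
    if not isinstance(blogposts, list):
        blogposts = []

    for blogpost in blogposts:
        try:
            title, date = blogpost["title"], blogpost["date"]
            oneline, url = blogpost["oneline"], blogpost["url"]
        except (KeyError, TypeError):
            # Skip an entry that lacks the expected fields rather than
            # aborting the whole check.
            continue

        print(" * %s, %s." % (yellow(title), date))
        print(" %s" % red(oneline))
        print(" More at %s" % url)
        print("")
    return r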
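def check_version():
    """Ask the Cuckoo update service whether this installation is outdated.

    Does nothing when ``cuckoo:cuckoo:version_check`` is disabled. The
    outcome is only printed; nothing is returned.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    # NOTE(review): this endpoint is plain HTTP, so the reply is neither
    # confidential nor authenticated and can be altered on the network path.
    # Treat the result as advisory only; an HTTPS endpoint would be
    # preferable if the service offers one.
    try:
        r = requests.post(
            "http://api.cuckoosandbox.org/checkversion.php",
            data={"version": version},
            # Bound the request: without a timeout an unresponsive server
            # blocks the caller indefinitely.
            timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    if not isinstance(r, dict) or r.get("error"):
        print(red(" Error checking for the latest Cuckoo version:"))
        print(yellow(" Response: %s" % r))
        return

    rc1_responses = "NEW_VERSION", "NO_UPDATES"

    # Deprecated response.
    if r.get("response") in rc1_responses and r.get("current") == "2.0-rc1":
        print(green(" You're good to go!"))
        return

    try:
        old = StrictVersion(version) < StrictVersion(r.get("current"))
    except ValueError:
        # An unparsable version string is treated as "newer".
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % r.get("current")
        # The original line ended in a stray comma, which under the Python 2
        # print statement suppresses the trailing newline.
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))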
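def check_version():
    """Ask the Cuckoo update service whether this installation is outdated.

    Returns immediately when ``cuckoo:cuckoo:version_check`` is disabled.
    The result is printed to the console; the function returns nothing.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    # NOTE(review): the request goes over plain HTTP, so the answer is not
    # authenticated and may be modified in transit. Use it as a hint only;
    # an HTTPS endpoint would be preferable if one is available.
    try:
        r = requests.post(
            "http://api.cuckoosandbox.org/checkversion.php",
            data={"version": version},
            # Without a timeout a silent server would hang this call forever.
            timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    if not isinstance(r, dict) or r.get("error"):
        print(red(" Error checking for the latest Cuckoo version:"))
        print(yellow(" Response: %s" % r))
        return

    rc1_responses = "NEW_VERSION", "NO_UPDATES"

    # Deprecated response.
    if r.get("response") in rc1_responses and r.get("current") == "2.0-rc1":
        print(green(" You're good to go!"))
        return

    try:
        old = StrictVersion(version) < StrictVersion(r.get("current"))
    except ValueError:
        # A version that cannot be parsed counts as outdated.
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % r.get("current")
        # Dropped the stray trailing comma: with the Python 2 print
        # statement it swallowed the newline after this message.
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))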
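def check_version():
    """Fetch the Cuckoo update feed and print the version status and news.

    Returns the decoded feed (a dict) when the check succeeds, and None when
    the check is disabled via ``cuckoo:cuckoo:version_check``, the request
    fails, or the feed is not shaped as expected.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    try:
        r = requests.get(
            "https://cuckoosandbox.org/updates.json",
            params={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    # Remote data: check the shape first so a surprising document ends in an
    # error message rather than an uncaught KeyError/TypeError.
    if not isinstance(r, dict) or "version" not in r:
        print(red(" Error checking for the latest Cuckoo version:"))
        # %r escapes control characters that the reply might carry.
        print(yellow(" Response: %r" % (r,)))
        return

    latest = r["version"]
    try:
        old = StrictVersion(version) < StrictVersion(latest)
    except (ValueError, TypeError, AttributeError):
        # Unparsable, empty or non-string versions count as outdated, the
        # same outcome the ValueError path already had.
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % latest
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))

    print("\n Our latest blogposts:")
    posts = r.get("blogposts")
    if not isinstance(posts, list):
        posts = []

    for blogpost in posts:
        try:
            title, date = blogpost["title"], blogpost["date"]
            oneline, url = blogpost["oneline"], blogpost["url"]
        except (KeyError, TypeError):
            # Ignore an entry with missing fields; keep printing the others.
            continue

        print(" * %s, %s." % (yellow(title), date))
        print(" %s" % red(oneline))
        print(" More at %s" % url)
        print("")
    return r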
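def check_version(ignore_vuln=False):
    """Check for a newer Cuckoo release and for vulnerable dependencies.

    The update feed may list Python packages ("pydep") and virtualization
    software ("machinery") with vulnerable version ranges. Matching installed
    versions produce warnings, and the process exits with status 1 unless
    ``ignore_vuln`` or ``cuckoo:cuckoo:ignore_vulnerabilities`` is set.

    Note that the vulnerability check is skipped entirely when
    ``cuckoo:cuckoo:version_check`` is disabled or the feed cannot be
    fetched or validated: only an error message is printed in that case.

    Returns the decoded feed (a dict) on success, otherwise None.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    ignore_vuln = ignore_vuln or config("cuckoo:cuckoo:ignore_vulnerabilities")
    import pkg_resources

    print(" Checking for updates...")

    try:
        r = requests.get(
            "https://cuckoosandbox.org/updates.json",
            params={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    # The feed is remote input. Validate its top-level shape so an
    # unexpected document is reported like a failed request instead of
    # raising KeyError/TypeError further down.
    if not isinstance(r, dict) or "version" not in r:
        print(red(" Error checking for the latest Cuckoo version:"))
        # %r keeps control characters in the reply from reaching the terminal.
        print(yellow(" Response: %r" % (r,)))
        return

    try:
        old = StrictVersion(version) < StrictVersion(r["version"])
    except (ValueError, TypeError, AttributeError):
        # Unparsable, empty or non-string versions count as outdated.
        old = True

    warnings = []
    for deptype, vulns in r.get("vulnerable", {}).iteritems():
        for dep in vulns:
            compare = dep.get("highest") or dep.get("lowest")

            # Check if any of the mentioned Python dependencies are installed.
            if deptype == "pydep":
                try:
                    v = pkg_resources.get_distribution(
                        dep["name"]
                    ).parsed_version
                except (pkg_resources.DistributionNotFound, ValueError):
                    continue

            # See if the mentioned virtualization software is used.
            elif deptype == "machinery":
                if config("cuckoo:cuckoo:machinery") != dep["name"]:
                    continue

                # If the version number cannot be determined, raise a warning
                # to be sure. Virtualization vulnerabilities can potentially
                # cause a lot of damage.
                v = cuckoo.machinery.plugins[dep["name"]].version()
                if not v:
                    warnings.append(
                        bold(
                            red("Potentially vulnerable %s version installed. "
                                "Failed to retrieve its version. Update if version"
                                " is: %s" % (dep["name"], compare))))
                    continue
            else:
                # Unknown dependency types are ignored.
                continue

            warn = False

            # If a range is specified, check if the installed version falls
            # within the range (both bounds inclusive).
            if dep.get("highest") and dep.get("lowest"):
                lv = LooseVersion(str(v))
                if (lv >= LooseVersion(dep["lowest"]) and
                        lv <= LooseVersion(dep["highest"])):
                    warn = True

            # With a single bound, compare the installed version against it
            # using the operator named in the feed entry.
            elif cmp_version(str(v), compare, dep["op"]):
                warn = True

            # Warn the user that the dependency must be updated.
            if warn:
                info = dep.get("info")
                message = (
                    "Vulnerable version of %s installed (%s). It is "
                    "highly recommended to update. Please update and "
                    "restart Cuckoo."
                ) % (dep["name"], v)

                # NOTE(review): the suggested command and version are built
                # from feed fields and are only displayed, never executed.
                if deptype == "pydep":
                    message += " 'pip install %s%s'" % (
                        dep["name"], dep["recommended"]
                    )
                else:
                    message += " Recommended version: %s" % dep["recommended"]

                message = bold(red(message))
                if info:
                    message += yellow("\nAdditional information: %s" % info)

                warnings.append(message)

    if warnings:
        print(color(bold(red("Vulnerable dependencies found\n")), 5))
        for warning in warnings:
            print("--> %s\n" % color(warning, 4))

    # Warnings are always shown; ignore_vuln only lifts the hard stop.
    if warnings and not ignore_vuln:
        print(
            "This check can be disabled by enabling "
            "'ignore_vulnerabilities' in cuckoo.conf under the "
            "[cuckoo] section"
        )
        sys.exit(1)

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % r["version"]
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))

    print("\n Our latest blogposts:")
    blogposts = r.get("blogposts")
    if not isinstance(blogposts, list):
        blogposts = []

    for blogpost in blogposts:
        try:
            title, date = blogpost["title"], blogpost["date"]
            oneline, url = blogpost["oneline"], blogpost["url"]
        except (KeyError, TypeError):
            # Skip an entry that lacks the expected fields.
            continue

        print(" * %s, %s." % (yellow(title), date))
        print(" %s" % red(oneline))
        print(" More at %s" % url)
        print("")
    return r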
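def cuckoo_init(level, ctx, cfg=None):
    """Initialize Cuckoo for the current Cuckoo Working Directory (CWD).

    @param level: logging level passed to the logging initializers.
    @param ctx: CLI context; ``ctx.user`` is used when a new CWD is created
        and ``ctx.log`` decides whether ``init_logging()`` is called.
    @param cfg: passed through to ``cuckoo_create()`` for a new CWD.
    """
    logo()

    # It would appear this is the first time Cuckoo is being run (on this
    # Cuckoo Working Directory anyway).
    if not os.path.isdir(cwd()) or not os.listdir(cwd()):
        cuckoo_create(ctx.user, cfg)
        sys.exit(0)

    # Determine if this is a proper CWD.
    if not os.path.exists(cwd(".cwd")):
        sys.exit(
            "No proper Cuckoo Working Directory was identified, did you pass "
            "along the correct directory? For new installations please use a "
            "non-existant directory to build up the CWD! You can craft a CWD "
            "manually, but keep in mind that the CWD layout may change along "
            "with Cuckoo releases (and don't forget to fill out '$CWD/.cwd')!"
        )

    init_console_logging(level)

    check_configs()
    check_version()

    if ctx.log:
        init_logging(level)

    # Determine if any CWD updates are required and if so, do them. The
    # files are opened with context managers so the handles are closed (and
    # the write flushed) deterministically.
    with open(cwd(".cwd"), "rb") as f:
        current = f.read().strip()
    with open(cwd(".cwd", private=True), "rb") as f:
        latest = f.read().strip()

    if current != latest:
        migrate_cwd()
        with open(cwd(".cwd"), "wb") as f:
            f.write(latest)

    Database().connect()

    # Load additional Signatures.
    load_signatures()

    init_modules()
    init_tasks()
    init_yara()
    init_binaries()
    init_rooter()
    init_routing()

    if not any(sig.enabled for sig in cuckoo.signatures):
        log.warning(
            "It appears that you haven't loaded any Cuckoo Signatures. "
            "Signatures are highly recommended and improve & enrich the "
            "information extracted during an analysis. They also make up "
            "for the analysis score that you see in the Web Interface - so, "
            "pretty important!"
        )
        log.warning(
            "You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
            "rules, and more goodies by running the following command:"
        )

        # NOTE(review): this is a display-only hint, nothing is executed. The
        # quoting only covers spaces and single quotes; a CWD path containing
        # double quotes, "$" or backticks is shown unescaped.
        raw = cwd(raw=True)
        if raw == "." or raw == "~/.cuckoo":
            command = "cuckoo community"
        elif " " in raw or "'" in raw:
            command = 'cuckoo --cwd "%s" community' % raw
        else:
            command = "cuckoo --cwd %s community" % raw

        log.info("$ %s", green(command))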
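def cuckoo_init(level, ctx, cfg=None):
    """Initialize Cuckoo for the current Cuckoo Working Directory (CWD).

    @param level: logging level passed to the logging initializers.
    @param ctx: CLI context; ``ctx.user`` is used when a new CWD is created
        and ``ctx.log`` decides whether ``init_logging()`` is called.
    @param cfg: passed through to ``cuckoo_create()`` for a new CWD.
    """
    logo()

    # It would appear this is the first time Cuckoo is being run (on this
    # Cuckoo Working Directory anyway).
    if not os.path.isdir(cwd()) or not os.listdir(cwd()):
        cuckoo_create(ctx.user, cfg)
        sys.exit(0)

    # Determine if this is a proper CWD.
    if not os.path.exists(cwd(".cwd")):
        sys.exit(
            "No proper Cuckoo Working Directory was identified, did you pass "
            "along the correct directory? For new installations please use a "
            "non-existant directory to build up the CWD! You can craft a CWD "
            "manually, but keep in mind that the CWD layout may change along "
            "with Cuckoo releases (and don't forget to fill out '$CWD/.cwd')!"
        )

    init_console_logging(level)

    # Only one Cuckoo process should exist per CWD. Run this check before any
    # files are possibly modified. Note that we mkdir $CWD/pidfiles/ here as
    # its CWD migration rules only kick in after the pidfile check.
    # NOTE(review): exists() followed by create() is a check-then-act pair;
    # whether two simultaneous starts can both pass depends on how
    # Pidfile.create() is implemented - confirm it creates exclusively.
    mkdir(cwd("pidfiles"))
    pidfile = Pidfile("cuckoo")
    if pidfile.exists():
        log.error(red("Cuckoo is already running. PID: %s"), pidfile.pid)
        sys.exit(1)

    pidfile.create()

    check_configs()
    check_version()

    if ctx.log:
        init_logging(level)

    # Determine if any CWD updates are required and if so, do them. The
    # files are opened with context managers so the handles are closed (and
    # the write flushed) deterministically.
    with open(cwd(".cwd"), "rb") as f:
        current = f.read().strip()
    with open(cwd(".cwd", private=True), "rb") as f:
        latest = f.read().strip()

    if current != latest:
        migrate_cwd()
        with open(cwd(".cwd"), "wb") as f:
            f.write(latest)

    Database().connect()

    # Load additional Signatures.
    load_signatures()

    init_modules()
    init_tasks()
    init_yara()
    init_binaries()
    init_rooter()
    init_routing()

    if not any(sig.enabled for sig in cuckoo.signatures):
        log.warning(
            "It appears that you haven't loaded any Cuckoo Signatures. "
            "Signatures are highly recommended and improve & enrich the "
            "information extracted during an analysis. They also make up "
            "for the analysis score that you see in the Web Interface - so, "
            "pretty important!"
        )
        log.warning(
            "You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
            "rules, and more goodies by running the following command:"
        )

        # NOTE(review): this is a display-only hint, nothing is executed. The
        # quoting only covers spaces and single quotes; a CWD path containing
        # double quotes, "$" or backticks is shown unescaped.
        raw = cwd(raw=True)
        if raw == "." or raw == "~/.cuckoo":
            command = "cuckoo community"
        elif " " in raw or "'" in raw:
            command = 'cuckoo --cwd "%s" community' % raw
        else:
            command = "cuckoo --cwd %s community" % raw

        log.info("$ %s", green(command))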
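def cuckoo_init(level, ctx, cfg=None):
    """Initialize Cuckoo for the current Cuckoo Working Directory (CWD).

    @param level: logging level passed to the logging initializers.
    @param ctx: CLI context; ``ctx.user`` is used when a new CWD is created
        and ``ctx.log`` decides whether ``init_logging()`` is called.
    @param cfg: passed through to ``cuckoo_create()`` for a new CWD.
    """
    logo()

    # It would appear this is the first time Cuckoo is being run (on this
    # Cuckoo Working Directory anyway).
    if not os.path.isdir(cwd()) or not os.listdir(cwd()):
        cuckoo_create(ctx.user, cfg)
        sys.exit(0)

    # Determine if this is a proper CWD.
    if not os.path.exists(cwd(".cwd")):
        sys.exit(
            "No proper Cuckoo Working Directory was identified, did you pass "
            "along the correct directory? For new installations please use a "
            "non-existant directory to build up the CWD! You can craft a CWD "
            "manually, but keep in mind that the CWD layout may change along "
            "with Cuckoo releases (and don't forget to fill out '$CWD/.cwd')!")

    init_console_logging(level)

    # Only one Cuckoo process should exist per CWD. Run this check before any
    # files are possibly modified. Note that we mkdir $CWD/pidfiles/ here as
    # its CWD migration rules only kick in after the pidfile check.
    # NOTE(review): exists() followed by create() is a check-then-act pair;
    # whether two simultaneous starts can both pass depends on how
    # Pidfile.create() is implemented - confirm it creates exclusively.
    mkdir(cwd("pidfiles"))
    pidfile = Pidfile("cuckoo")
    if pidfile.exists():
        log.error(red("Cuckoo is already running. PID: %s"), pidfile.pid)
        sys.exit(1)

    pidfile.create()

    check_configs()
    check_version()

    if ctx.log:
        init_logging(level)

    # Determine if any CWD updates are required and if so, do them. The
    # files are opened with context managers so the handles are closed (and
    # the write flushed) deterministically.
    with open(cwd(".cwd"), "rb") as f:
        current = f.read().strip()
    with open(cwd(".cwd", private=True), "rb") as f:
        latest = f.read().strip()

    if current != latest:
        migrate_cwd()
        with open(cwd(".cwd"), "wb") as f:
            f.write(latest)

    # Ensure the user is able to create and read temporary files.
    if not ensure_tmpdir():
        sys.exit(1)

    Database().connect()

    # Load additional Signatures.
    load_signatures()

    init_modules()
    init_tasks()
    init_yara()
    init_binaries()
    init_rooter()
    init_routing()

    if not any(sig.enabled for sig in cuckoo.signatures):
        log.warning(
            "It appears that you haven't loaded any Cuckoo Signatures. "
            "Signatures are highly recommended and improve & enrich the "
            "information extracted during an analysis. They also make up "
            "for the analysis score that you see in the Web Interface - so, "
            "pretty important!")
        log.warning(
            "You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
            "rules, and more goodies by running the following command:")
        log.info("$ %s", green(format_command("community")))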
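def cuckoo_init(level, ctx, cfg=None):
    """Initialize Cuckoo for the current Cuckoo Working Directory (CWD).

    @param level: logging level passed to the logging initializers.
    @param ctx: CLI context; ``ctx.user`` is used when a new CWD is created
        and ``ctx.log`` decides whether ``init_logging()`` is called.
    @param cfg: passed through to ``cuckoo_create()`` for a new CWD.
    """
    logo()

    # It would appear this is the first time Cuckoo is being run (on this
    # Cuckoo Working Directory anyway).
    if not os.path.isdir(cwd()) or not os.listdir(cwd()):
        cuckoo_create(ctx.user, cfg)
        sys.exit(0)

    # Determine if this is a proper CWD.
    if not os.path.exists(cwd(".cwd")):
        sys.exit(
            "No proper Cuckoo Working Directory was identified, did you pass "
            "along the correct directory?"
        )

    init_console_logging(level)

    check_configs()
    check_version()

    if ctx.log:
        init_logging(level)

    # Determine if any CWD updates are required and if so, do them. The
    # files are opened with context managers so the handles are closed (and
    # the write flushed) deterministically.
    with open(cwd(".cwd"), "rb") as f:
        current = f.read().strip()
    with open(cwd(".cwd", private=True), "rb") as f:
        latest = f.read().strip()

    if current != latest:
        migrate_cwd()
        with open(cwd(".cwd"), "wb") as f:
            f.write(latest)

    Database().connect()

    # Load additional Signatures.
    load_signatures()

    init_modules()
    init_tasks()
    init_yara()
    init_binaries()
    init_rooter()
    init_routing()

    if not any(sig.enabled for sig in cuckoo.signatures):
        log.warning(
            "It appears that you haven't loaded any Cuckoo Signatures. "
            "Signatures are highly recommended and improve & enrich the "
            "information extracted during an analysis. They also make up "
            "for the analysis score that you see in the Web Interface - so, "
            "pretty important!"
        )
        log.warning(
            "You'll be able to fetch all the latest Cuckoo Signaturs, Yara "
            "rules, and more goodies by running the following command:"
        )

        # NOTE(review): this is a display-only hint, nothing is executed. The
        # quoting only covers spaces and single quotes; a CWD path containing
        # double quotes, "$" or backticks is shown unescaped.
        raw = cwd(raw=True)
        if raw == "." or raw == "~/.cuckoo":
            command = "cuckoo community"
        elif " " in raw or "'" in raw:
            command = 'cuckoo --cwd "%s" community' % raw
        else:
            command = "cuckoo --cwd %s community" % raw

        log.info("$ %s", green(command))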