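def breakpoint(self):
    """Suspend the analysis machine and drop into an interactive pdb session.

    ``set_event``/``clear_event`` bracket the session and the handler pauses
    and resumes the machine around it (both are defined elsewhere in this
    module). Resuming is done in a ``finally`` so that quitting pdb with
    ``q`` (which raises ``BdbQuit``) cannot leave the machine suspended.
    """
    set_event()
    self.handler.suspend_machine()
    try:
        print(yellow("Run hh() for help"))
        # Bound as locals on purpose: they are reachable from the pdb prompt.
        set_bp = self.set_bp  # noqa: F841
        set_volshell_bp = self.set_volshell_bp  # noqa: F841
        import pdb
        pdb.set_trace()
    finally:
        self.handler.resume_machine()
        clear_event()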
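def logo():
    """Print a random Cuckoo ASCII-art banner followed by the version lines.

    One of the embedded banners is chosen at random and coloured with a
    random ANSI colour code. Nothing is returned; the output goes to stdout
    and is flushed before returning so it appears before any later logging.
    """
    logos = [
        """ ),-. / Cuckoo Sandbox <(a `---',' no chance for malwares! ( `-, ._> ) ) _>.___/ _/""",
        """ .-----------------. | Cuckoo Sandbox? | | OH NOES! |\\ '-.__.-' '-----------------' \\ /oo |--.--,--,--. \\_.-'._i__i__i_.' \"\"\"\"\"\"\"\"\"""",
    ]
    # 31..36 are the standard ANSI foreground colours (red .. cyan).
    print(color(random.choice(logos), random.randrange(31, 37)))
    print()
    print(" Cuckoo Sandbox %s" % yellow(CUCKOO_VERSION))
    print(" www.cuckoosandbox.org")
    print(" Copyright (c) 2010-2015")
    print()
    print(" CAPE: Config and Payload Extraction")
    print(" github.com/kevoreilly/CAPEv2")
    print()
    sys.stdout.flush()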
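def check_version():
    """Check whether a newer Cuckoo release exists and print an advisory line.

    Skipped when ``cuckoo.version_check`` is disabled in the configuration.
    Network and decoding failures are reported and swallowed; the check is
    informational only and must never abort startup. A reply without the
    expected fields is reported as an invalid response instead of raising
    ``KeyError``.
    """
    cfg = Config()
    if not cfg.cuckoo.version_check:
        return
    print(" Checking for updates...")
    # NOTE(review): plain HTTP, so the reply is unauthenticated; it is only
    # ever used for this message and never to fetch or run anything.
    url = "http://api.cuckoosandbox.org/checkversion.php"
    data = urllib.urlencode({"version": CUCKOO_VERSION})
    try:
        request = urllib2.Request(url, data)
        response = urllib2.urlopen(request)
    except (urllib2.URLError, urllib2.HTTPError):
        print(red(" Failed! ") + "Unable to establish connection.\n")
        return
    try:
        r = json.loads(response.read())
    except ValueError:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    finally:
        response.close()
    if not isinstance(r, dict) or "current" not in r:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    # A truthy "error" field means the server had nothing to say; stay quiet.
    if r.get("error"):
        return
    current = r["current"]
    # "1.2" is the version string carried by development checkouts.
    if r.get("response") == "NEW_VERSION" and current != "1.2":
        msg = "Cuckoo Sandbox version %s is available now." % current
        print(red(" Outdated! ") + msg)
    elif current == "1.2":
        print(yellow(" Okay! ") + "You are running a development version.")
    else:
        print(green(" Good! ") + "You have the latest version available.\n")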
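def check_version():
    """Check whether a newer Cuckoo release exists and print an advisory line.

    Skipped when ``cuckoo.version_check`` is disabled in the configuration.
    Connection and decoding failures are reported and swallowed (advisory
    output only). A reply lacking the expected ``current`` field is reported
    as an invalid response instead of raising ``KeyError``.
    """
    cfg = Config()
    if not cfg.cuckoo.version_check:
        return
    print(" Checking for updates...")
    # NOTE(review): plain HTTP, so the reply is unauthenticated; it is only
    # ever used for this message and never to fetch or run anything.
    url = "http://api.cuckoosandbox.org/checkversion.php"
    data = urllib.urlencode({"version": CUCKOO_VERSION})
    try:
        request = urllib2.Request(url, data)
        response = urllib2.urlopen(request)
    except (urllib2.URLError, urllib2.HTTPError):
        print(red(" Failed! ") + "Unable to establish connection.\n")
        return
    try:
        r = json.loads(response.read())
    except ValueError:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    finally:
        response.close()
    if not isinstance(r, dict) or "current" not in r:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    if r.get("error"):
        return
    current = r["current"]
    # "1.2" is the version string carried by development checkouts.
    if r.get("response") == "NEW_VERSION" and current != "1.2":
        msg = "Cuckoo Sandbox version %s is available now." % current
        print(red(" Outdated! ") + msg)
    elif current == "1.2":
        print(yellow(" Okay! ") + "You are running a development version.")
    else:
        print(green(" Good! ") + "You have the latest version available.\n")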
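def install(enabled, force, rewrite):
    """Copy community files of the selected categories into CUCKOO_ROOT.

    @param enabled: iterable of category names; each must be a key of the
        folder map below (an unknown name raises KeyError, as before).
    @param force: install every candidate without asking per file.
    @param rewrite: overwrite files that already exist at the destination.

    The archive is fetched by ``download_archive``; its temporary directory
    is removed in a ``finally`` so an error part-way through no longer
    leaves it behind.
    """
    (temp, source) = download_archive()
    folders = {
        "signatures": os.path.join("modules", "signatures"),
        "processing": os.path.join("modules", "processing"),
        "reporting": os.path.join("modules", "reporting"),
        "machinemanagers": os.path.join("modules", "machinemanagers"),
        "windows": os.path.join("analyzer", "windows", "bin"),
    }
    try:
        for category in enabled:
            folder = folders[category]
            print("\nInstalling {0}".format(colors.cyan(category.upper())))
            origin = os.path.join(source, folder)
            if not os.path.isdir(origin):
                print(" No candidates available, continuing.")
                continue
            for file_name in os.listdir(origin):
                if file_name == ".gitignore":
                    continue
                destination = os.path.join(CUCKOO_ROOT, folder, file_name)
                if not rewrite and os.path.exists(destination):
                    print("File \"{0}\" already exists, {1}".format(file_name, colors.yellow("skipped")))
                    continue
                if not force:
                    # Keep asking until a definite yes/no answer is given.
                    while True:
                        choice = raw_input("Do you want to install file \"{0}\"? [yes/no] ".format(file_name)).lower()
                        if choice in ("yes", "no"):
                            break
                    if choice == "no":
                        continue
                shutil.copy(os.path.join(origin, file_name), destination)
                print("File \"{0}\" {1}".format(file_name, colors.green("installed")))
    finally:
        shutil.rmtree(temp)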
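def install(enabled, force, rewrite, filepath):
    """Copy community files of the selected categories into CUCKOO_ROOT.

    @param enabled: iterable of category names; names that are not keys of
        the folder map are silently ignored.
    @param force: install every candidate without asking per file.
    @param rewrite: overwrite files that already exist at the destination.
    @param filepath: passed through to ``download_archive`` (a local archive
        to use instead of downloading, presumably -- see that function).

    The temporary directory returned by ``download_archive`` is removed in a
    ``finally`` so an error part-way through no longer leaves it behind.
    """
    (temp, source) = download_archive(filepath)
    folders = {
        "feeds": os.path.join("modules", "feeds"),
        "signatures": os.path.join("modules", "signatures"),
        "processing": os.path.join("modules", "processing"),
        "reporting": os.path.join("modules", "reporting"),
        "machinery": os.path.join("modules", "machinery"),
    }
    try:
        for category in enabled:
            folder = folders.get(category)
            if not folder:
                continue
            print("\nInstalling {0}".format(colors.cyan(category.upper())))
            origin = os.path.join(source, folder)
            for file_name in os.listdir(origin):
                if file_name == ".gitignore":
                    continue
                destination = os.path.join(CUCKOO_ROOT, folder, file_name)
                if not rewrite and os.path.exists(destination):
                    print("File \"{0}\" already exists, {1}".format(file_name, colors.yellow("skipped")))
                    continue
                if not force:
                    # Keep asking until a definite yes/no answer is given.
                    while True:
                        choice = input("Do you want to install file \"{0}\"? [yes/no] ".format(file_name)).lower()
                        if choice in ("yes", "no"):
                            break
                    if choice == "no":
                        continue
                shutil.copy(os.path.join(origin, file_name), destination)
                print("File \"{0}\" {1}".format(file_name, colors.green("installed")))
    finally:
        shutil.rmtree(temp)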
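def installdir(src, dst, force, rewrite, origin=None):
    """Recursively install the tree under *src* into *dst*.

    @param src: source directory (extracted from the downloaded archive).
    @param dst: destination directory; parent directories are created on
        demand for both copied files and re-created symlinks.
    @param force: install without prompting for each entry.
    @param rewrite: overwrite entries that already exist at the destination.
    @param origin: path components relative to the top-level call, used only
        in the progress messages; ``None`` (the default) means the top level.

    Symbolic links are re-created with their original target rather than
    dereferenced, removing whatever already sits at the destination first.
    The target string is taken verbatim from the archive, so it may be an
    absolute path or point outside the install tree; only trusted archives
    should be installed this way. Directories recurse; anything else is
    copied with ``shutil.copy``.
    """
    if origin is None:
        origin = []
    for file_name in os.listdir(src):
        if file_name == ".gitignore":
            continue
        destination = os.path.join(dst, file_name)
        if not rewrite and os.path.exists(destination):
            print("File \"{0}\" already exists, {1}".format(file_name, colors.yellow("skipped")))
            continue
        if not force:
            # Keep asking until a definite yes/no answer is given.
            while True:
                choice = raw_input("Do you want to install file \"{0}\"? [yes/no] ".format(file_name)).lower()
                if choice in ("yes", "no"):
                    break
            if choice == "no":
                continue
        srcpath = os.path.join(src, file_name)
        parent = os.path.dirname(destination)
        if os.path.islink(srcpath):
            link_target = os.readlink(srcpath)
            if os.path.lexists(destination):
                # A directory must be removed recursively; a file or dangling
                # link makes rmtree fail, so fall back to unlink.
                try:
                    shutil.rmtree(destination)
                except OSError:
                    os.unlink(destination)
            if not os.path.isdir(parent):
                os.makedirs(parent)
            os.symlink(link_target, destination)
            print("Symbolic link \"%s/%s\" -> \"%s\" %s" % ("/".join(origin), file_name, link_target, colors.green("installed")))
        elif os.path.isdir(srcpath):
            installdir(srcpath, destination, force, rewrite, origin + [file_name])
        else:
            if not os.path.isdir(parent):
                os.makedirs(parent)
            shutil.copy(srcpath, destination)
            print("File \"%s/%s\" %s" % ("/".join(origin), file_name, colors.green("installed")))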
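def installdir(src, dst, force, rewrite, origin=None):
    """Recursively install the tree under *src* into *dst*.

    @param src: source directory (extracted from the downloaded archive).
    @param dst: destination directory; parent directories are created on
        demand for both copied files and re-created symlinks.
    @param force: install without prompting for each entry.
    @param rewrite: overwrite entries that already exist at the destination.
    @param origin: path components relative to the top-level call, used only
        in the progress messages; ``None`` (the default) means the top level.

    Symbolic links are re-created with their original target rather than
    dereferenced, removing whatever already sits at the destination first.
    The target string is taken verbatim from the archive, so it may be an
    absolute path or point outside the install tree; only trusted archives
    should be installed this way. Directories recurse; anything else is
    copied with ``shutil.copy``.
    """
    if origin is None:
        origin = []
    for file_name in os.listdir(src):
        if file_name == ".gitignore":
            continue
        destination = os.path.join(dst, file_name)
        if not rewrite and os.path.exists(destination):
            print("File \"{0}\" already exists, {1}".format(file_name, colors.yellow("skipped")))
            continue
        if not force:
            # Keep asking until a definite yes/no answer is given.
            while True:
                choice = raw_input("Do you want to install file \"{0}\"? [yes/no] ".format(file_name)).lower()
                if choice in ("yes", "no"):
                    break
            if choice == "no":
                continue
        srcpath = os.path.join(src, file_name)
        parent = os.path.dirname(destination)
        if os.path.islink(srcpath):
            link_target = os.readlink(srcpath)
            if os.path.lexists(destination):
                # rmtree handles a directory; a file or dangling link makes it
                # raise OSError, in which case unlink is the right call.
                try:
                    shutil.rmtree(destination)
                except OSError:
                    os.unlink(destination)
            if not os.path.isdir(parent):
                os.makedirs(parent)
            os.symlink(link_target, destination)
            print("Symbolic link \"%s/%s\" -> \"%s\" %s" % ("/".join(origin), file_name, link_target, colors.green("installed")))
        elif os.path.isdir(srcpath):
            installdir(srcpath, destination, force, rewrite, origin + [file_name])
        else:
            if not os.path.isdir(parent):
                os.makedirs(parent)
            shutil.copy(srcpath, destination)
            print("File \"%s/%s\" %s" % ("/".join(origin), file_name, colors.green("installed")))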
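def check_status(_id):
    """Poll every five seconds until the URL-analysis task *_id* is finished.

    @param _id: identifier of the task to watch (passed to ``task_done``).

    Prints a progress line on each poll and returns once ``task_done``
    reports completion; any falsy answer counts as "not done". Ctrl-C
    returns quietly. The original looked up an undefined ``tid`` instead of
    ``_id``, which raised NameError on the first poll.
    """
    try:
        while True:
            time.sleep(5)
            if task_done(_id):
                print(bold(green("Task Completed")) + ": All URLs done have been analyzed")
                break
            print(bold(yellow("Task Not Done")) + ": still processing URLs")
    except KeyboardInterrupt:
        return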
def emit(self, record):
    """Emit *record* with its message colourised according to its level.

    A shallow copy of the record is coloured so the original stays intact for
    any other handler: WARNING becomes yellow, ERROR and CRITICAL become red,
    a message containing "analysis procedure completed" becomes cyan, and
    everything else is passed on unchanged to ``logging.StreamHandler.emit``.
    """
    tinted = copy.copy(record)
    level = record.levelname
    if level == "WARNING":
        tinted.msg = yellow(record.msg)
    elif level in ("ERROR", "CRITICAL"):
        tinted.msg = red(record.msg)
    elif "analysis procedure completed" in record.msg:
        tinted.msg = cyan(record.msg)
    else:
        tinted.msg = record.msg
    logging.StreamHandler.emit(self, tinted)
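def check_version():
    """Check whether a newer stable Cuckoo release exists and print the result.

    Skipped when ``cuckoo.version_check`` is disabled. Any connection, HTTP
    or decoding failure is reported and swallowed: this is advisory output
    only. A development build (version ending in ``-dev``) is never reported
    as outdated; otherwise the running version is compared with the server's
    ``current`` field via ``LooseVersion``. A reply without ``current`` is
    reported as an invalid response instead of raising ``KeyError``.
    """
    cfg = Config()
    if not cfg.cuckoo.version_check:
        return
    print(" Checking for updates...")
    # NOTE(review): plain HTTP, so the reply is unauthenticated; it is only
    # ever used for this message and never to fetch or run anything.
    url = "http://api.cuckoosandbox.org/checkversion.php"
    data = urllib.urlencode({"version": CUCKOO_VERSION})
    try:
        request = urllib2.Request(url, data)
        response = urllib2.urlopen(request)
    except (urllib2.URLError, urllib2.HTTPError, httplib.BadStatusLine):
        print(red(" Failed! ") + "Unable to establish connection.\n")
        return
    try:
        response_data = json.loads(response.read())
    except ValueError:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    finally:
        response.close()
    if not isinstance(response_data, dict) or "current" not in response_data:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    stable_version = response_data["current"]
    if CUCKOO_VERSION.endswith("-dev"):
        print(yellow(" You are running a development version! Current stable is {}.".format(stable_version)))
    elif LooseVersion(CUCKOO_VERSION) < LooseVersion(stable_version):
        msg = "Cuckoo Sandbox version {} is available now.".format(stable_version)
        print(red(" Outdated! ") + msg)
    else:
        print(green(" Good! ") + "You have the latest version available.\n")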
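def install(enabled, force, rewrite):
    """Copy community signatures of the selected categories into ROOT.

    @param enabled: iterable of category names; the only known key is
        ``"signatures"`` (any other name raises KeyError, as before).
    @param force: install every candidate without asking per file.
    @param rewrite: overwrite files that already exist at the destination.

    The archive is fetched by ``download_archive``; its temporary directory
    is removed in a ``finally`` so an error part-way through no longer
    leaves it behind.
    """
    (temp, source) = download_archive()
    folders = {"signatures": os.path.join("modules", "signatures")}
    try:
        for category in enabled:
            folder = folders[category]
            print("\nInstalling %s" % colors.cyan(category.upper()))
            origin = os.path.join(source, folder)
            for file_name in os.listdir(origin):
                destination = os.path.join(ROOT, folder, file_name)
                if not rewrite and os.path.exists(destination):
                    print("File \"%s\" already exists, %s" % (file_name, colors.yellow("skipped")))
                    continue
                if not force:
                    # Keep asking until a definite yes/no answer is given.
                    while True:
                        choice = raw_input("Do you want to install file \"%s\"? [yes/no] " % file_name).lower()
                        if choice in ("yes", "no"):
                            break
                    if choice == "no":
                        continue
                shutil.copy(os.path.join(origin, file_name), destination)
                print("File \"%s\" %s" % (file_name, colors.green("installed")))
    finally:
        shutil.rmtree(temp)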
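def installdir(src, dst, force, rewrite, origin=None):
    """Recursively install the tree under *src* into *dst*.

    @param src: source directory (extracted from the downloaded archive).
    @param dst: destination directory; created on demand before the first
        file is copied into it (the original ``shutil.copy`` failed when a
        recursed-into destination directory did not exist yet).
    @param force: install without prompting for each entry.
    @param rewrite: overwrite entries that already exist at the destination.
    @param origin: path components relative to the top-level call, used only
        in the progress messages; ``None`` (the default) means the top level.

    Directories recurse; anything else is copied with ``shutil.copy``.
    """
    if origin is None:
        origin = []
    for file_name in os.listdir(src):
        if file_name == ".gitignore":
            continue
        destination = os.path.join(dst, file_name)
        if not rewrite and os.path.exists(destination):
            print("File \"{0}\" already exists, {1}".format(file_name, colors.yellow("skipped")))
            continue
        if not force:
            # Keep asking until a definite yes/no answer is given.
            while True:
                choice = raw_input("Do you want to install file \"{0}\"? [yes/no] ".format(file_name)).lower()
                if choice in ("yes", "no"):
                    break
            if choice == "no":
                continue
        srcpath = os.path.join(src, file_name)
        if os.path.isdir(srcpath):
            installdir(srcpath, destination, force, rewrite, origin + [file_name])
        else:
            if not os.path.isdir(dst):
                os.makedirs(dst)
            shutil.copy(srcpath, destination)
            print("File \"{0}/{1}\" {2}".format("/".join(origin), file_name, colors.green("installed")))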
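def check_version():
    """Check whether a newer stable Cuckoo release exists and print the result.

    Skipped when ``cuckoo.version_check`` is disabled. Connection and
    decoding failures are reported and swallowed: this is advisory output
    only. A development build (version ending in ``-dev``) is never reported
    as outdated; otherwise the running version is compared with the server's
    ``current`` field via ``LooseVersion``. A reply without ``current`` is
    reported as an invalid response instead of raising ``KeyError``.
    """
    cfg = Config()
    if not cfg.cuckoo.version_check:
        return
    print(" Checking for updates...")
    # NOTE(review): plain HTTP, so the reply is unauthenticated; it is only
    # ever used for this message and never to fetch or run anything.
    url = "http://api.cuckoosandbox.org/checkversion.php"
    data = urllib.urlencode({"version": CUCKOO_VERSION})
    try:
        request = urllib2.Request(url, data)
        response = urllib2.urlopen(request)
    except (urllib2.URLError, urllib2.HTTPError):
        print(red(" Failed! ") + "Unable to establish connection.\n")
        return
    try:
        response_data = json.loads(response.read())
    except ValueError:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    finally:
        response.close()
    if not isinstance(response_data, dict) or "current" not in response_data:
        print(red(" Failed! ") + "Invalid response.\n")
        return
    stable_version = response_data["current"]
    if CUCKOO_VERSION.endswith("-dev"):
        print(yellow(" You are running a development version! Current stable is {}.".format(stable_version)))
    elif LooseVersion(CUCKOO_VERSION) < LooseVersion(stable_version):
        msg = "Cuckoo Sandbox version {} is available now.".format(stable_version)
        print(red(" Outdated! ") + msg)
    else:
        print(green(" Good! ") + "You have the latest version available.\n")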
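def install(enabled, force, rewrite, filepath):
    """Install community modules from a ``.tar.gz`` archive into CUCKOO_ROOT.

    @param enabled: category names to install (keys of the folder map);
        unknown names are ignored.
    @param force: install without prompting per file.
    @param rewrite: overwrite files that already exist.
    @param filepath: optional local archive; when empty or missing on disk
        the archive is downloaded from ``URL``.

    Members are written under ``CUCKOO_ROOT/<folder>``. A member whose name
    would resolve outside that folder (``..`` components, absolute names) is
    skipped, and only regular files and directories are materialised --
    symlink, hard-link and device entries in the archive are ignored. Fixes
    the original, which only built the ``TarFile`` on the download path and
    so raised ``NameError`` for a local archive, and which left both the
    archive and every extracted file handle unclosed.
    """
    if filepath and os.path.exists(filepath):
        with open(filepath, "rb") as fh:
            data = fh.read()
    else:
        print("Downloading modules from {0}".format(URL))
        try:
            http = urllib3.PoolManager()
            data = http.request("GET", URL).data
        except Exception as e:
            print("ERROR: Unable to download archive: %s" % e)
            sys.exit(-1)
    try:
        t = tarfile.TarFile.open(fileobj=BytesIO(data), mode="r:gz")
    except Exception as e:
        print("ERROR: Unable to open archive: %s" % e)
        sys.exit(-1)

    folders = {
        "feeds": "modules/feeds",
        "signatures": "modules/signatures",
        "processing": "modules/processing",
        "reporting": "modules/reporting",
        "machinery": "modules/machinery",
        "analyzer": "analyzer",
        "data": "data",
    }
    members = t.getmembers()
    if not members:
        print("ERROR: archive is empty")
        return
    # The archive is rooted in a single top-level directory, e.g. "community-master".
    directory = members[0].name.split("/")[0]

    for category in enabled:
        folder = folders.get(category)
        if not folder:
            continue
        print("\nInstalling {0}".format(colors.cyan(category.upper())))
        # E.g., "community-master/modules/signatures".
        name_start = "%s/%s" % (directory, folder)
        dest_root = os.path.realpath(os.path.join(CUCKOO_ROOT, folder))
        for member in members:
            # Only entries strictly below the category folder (the folder
            # entry itself and look-alike prefixes are excluded).
            if not member.name.startswith(name_start + "/"):
                continue
            if member.name.endswith(".gitignore"):
                continue
            target = os.path.join(CUCKOO_ROOT, folder, member.name[len(name_start) + 1:])
            # Tar-slip guard: never write outside the category folder.
            if os.path.commonpath([dest_root, os.path.realpath(target)]) != dest_root:
                print('Member "{}" escapes "{}", {}'.format(member.name, folder, colors.yellow("skipped")))
                continue
            if member.isdir():
                if not os.path.exists(target):
                    os.makedirs(target)
                continue
            if not member.isfile():
                # Symlinks, hard links and devices are not materialised.
                continue
            if not rewrite and os.path.exists(target):
                print('File "{}" already exists, {}'.format(target, colors.yellow("skipped")))
                continue
            if not force:
                dest_file = os.path.basename(target)
                # Keep asking until a definite yes/no answer is given.
                while True:
                    choice = input('Do you want to install file "{}"? [yes/no] '.format(dest_file)).lower()
                    if choice in ("yes", "no"):
                        break
                if choice == "no":
                    continue
            parent = os.path.dirname(target)
            if not os.path.exists(parent):
                os.makedirs(parent)
            print('File "{}" {}'.format(target, colors.green("installed")))
            with t.extractfile(member) as src, open(target, "wb") as out:
                out.write(src.read())
    t.close()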
def logo():
    """Print a random Cuckoo ASCII-art banner followed by the version lines.

    One of the embedded banners is chosen at random and coloured with a
    random ANSI colour code (31..36). Nothing is returned; the output goes to
    stdout and is flushed before returning.
    """
    logos = []
    logos.append(""" _| _|_|_| _| _| _|_|_| _| _| _|_| _|_| _| _| _| _| _|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _| _| _|_| _|_|""")
    logos.append(""" __ .----..--.--..----.| |--..-----..-----. | __|| | || __|| < | _ || _ | |____||_____||____||__|__||_____||_____|""")
    logos.append(""" .: :: .-. , : .-. ;;.-. .-. .-. ; ; ; ; ;; .' ; ;'; ;' `;;;;'.'`..:;._`;;;;'_.'` `.`;;' `;;'""")
    logos.append(""" eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8""")
    logos.append(""" _____________________________________/\/\_______________________________ ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ ________________________________________________________________________""")
    logos.append(""" _______ _ _ _______ _ _ _____ _____ | | | | |____/ | | | | |_____ |_____| |_____ | \\_ |_____| |_____|""")
    logos.append(""" _ ____ _ _ ____| | _ ___ ___ / ___) | | |/ ___) |_/ ) _ \ / _ \\ ( (___| |_| ( (___| _ ( |_| | |_| | \\____)____/ \\____)_| \\_)___/ \\___/""")
    logos.append(""" ______ __ __ ______ ___ ___ ______ ______ /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\ \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\ \\:\\ \\ __\\:\\ \\:\\ \\\\:\\ \\ __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __ ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ ) \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\ \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/ \\_____\\/ \\_____\\/""" )
    logos.append(""" sSSs .S S. sSSs .S S. sSSs_sSSs sSSs_sSSs d%%SP .SS SS. d%%SP .SS SS. 
d%%SP~YS%%b d%%SP~YS%%b d%S' S%S S%S d%S' S%S S&S d%S' `S%b d%S' `S%b S%S S%S S%S S%S S%S d*S S%S S%S S%S S%S S&S S&S S&S S&S S&S .S*S S&S S&S S&S S&S S&S S&S S&S S&S S&S_sdSSS S&S S&S S&S S&S S&S S&S S&S S&S S&S~YSSY%b S&S S&S S&S S&S S&S S&S S&S S&S S&S `S% S&S S&S S&S S&S S*b S*b d*S S*b S*S S% S*b d*S S*b d*S S*S. S*S. .S*S S*S. S*S S& S*S. .S*S S*S. .S*S SSSbs SSSbs_sdSSS SSSbs S*S S& SSSbs_sdSSS SSSbs_sdSSS YSSP YSSP~YSSY YSSP S*S SS YSSP~YSSY YSSP~YSSY SP Y""")
    logos.append(""" _______ _____ _____ /::\\ \\ /\\ \\ /\\ \\ /::::\\ \\ /::\\____\\ /::\\ \\ /::::::\\ \\ /::::| | /::::\\ \\ /::::::::\\ \\ /:::::| | /::::::\\ \\ /:::/~~\\:::\\ \\ /::::::| | /:::/\\:::\\ \\ /:::/ \\:::\\ \\ /:::/|::| | /:::/ \\:::\\ \\ /:::/ / \\:::\\ \\ /:::/ |::| | /:::/ \\:::\\ \\ /:::/____/ \\:::\\____\\ /:::/ |::|___|______ /:::/ / \\:::\\ \\ |:::| | |:::| | /:::/ |::::::::\\ \\ /:::/ / \\:::\\ ___\\ |:::|____| |:::| |/:::/ |:::::::::\\____\\/:::/____/ ___\\:::| | \\:::\\ \\ /:::/ / \\::/ / ~~~~~/:::/ /\\:::\\ \\ /\\ /:::|____| \\:::\\ \\ /:::/ / \\/____/ /:::/ / \\:::\\ /::\\ \\::/ / \\:::\\ /:::/ / /:::/ / \\:::\\ \\:::\\ \\/____/ \\:::\\__/:::/ / /:::/ / \\:::\\ \\:::\\____\\ \\::::::::/ / /:::/ / \\:::\\ /:::/ / \\::::::/ / /:::/ / \\:::\\/:::/ / \\::::/ / /:::/ / \\::::::/ / \\::/____/ /:::/ / \\::::/ / ~~ \\::/ / \\::/____/ \\/____/ it's Cuckoo!""")
    logos.append(""" _ _ _ _ _ _ /\\ \\ /\\_\\ /\\ \\ /\\_\\ /\\ \\ /\\ \\ / \\ \\ / / / _ / \\ \\ / / / _ / \\ \\ / \\ \\ / /\\ \\ \\ \\ \\ \\__ /\\_\\ / /\\ \\ \\ / / / /\\_\\ / /\\ \\ \\ / /\\ \\ \\ / / /\\ \\ \\ \\ \\___\\ / / // / /\\ \\ \\ / / /__/ / / / / /\\ \\ \\ / / /\\ \\ \\ / / / \\ \\_\\ \\__ / / / // / / \\ \\_\\ / /\\_____/ / / / / \\ \\_\\ / / / \\ \\_\\ / / / \\/_/ / / / / / // / / \\/_/ / /\\_______/ / / / / / // / / / / / / / / / / / / / // / / / / /\\ \\ \\ / / / / / // / / / / / / / /________ / / /___/ / // / /________ / / / \\ \\ \\ / / /___/ / // / /___/ / / / / /_________\\/ / /____\\/ // / /_________\\/ / / 
\\ \\ \\ / / /____\\/ // / /____\\/ / \\/____________/\\/_________/ \\/____________/\\/_/ \\_\\_\\\\/_________/ \\/_________/""" )
    logos.append(""" ),-. / Cuckoo Sandbox <(a `---',' no chance for malwares! ( `-, ._> ) ) _>.___/ _/""")
    logos.append(""" .-----------------. | Cuckoo Sandbox? | | OH NOES! |\\ '-.__.-' '-----------------' \\ /oo |--.--,--,--. \\_.-'._i__i__i_.' \"\"\"\"\"\"\"\"\"""")
    # Double parentheses are a 2to3 artifact; the call prints one string.
    print((color(random.choice(logos), random.randrange(31, 37))))
    print()
    print((" Cuckoo Sandbox %s" % yellow(CUCKOO_VERSION)))
    print(" www.cuckoosandbox.org")
    print(" Copyright (c) 2010-2015")
    print()
    print(" CAPE: Config and Payload Extraction")
    print(" github.com/kevoreilly/CAPEv2")
    print()
    sys.stdout.flush()
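def main():
    """Parse the submit command line and queue the target(s) for analysis.

    The target is a URL (``--url``), a baseline run (``--baseline``) or a
    file/folder path. Tasks go either into the local ``Database`` or, with
    ``--remote``, to a Cuckoo API server over plain HTTP via ``requests``
    (no authentication is sent, so the API host must be on a trusted
    network). Returns ``False`` on a usage or submission error, otherwise
    ``None``; missing targets exit with status 1.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("target", type=str, nargs="?", help="URL, path to the file or folder to analyze")
    parser.add_argument("-d", "--debug", action="store_true", help="Enable debug logging")
    parser.add_argument("--remote", type=str, action="store", default=None, help="Specify IP:port to a Cuckoo API server to submit remotely", required=False)
    parser.add_argument("--url", action="store_true", default=False, help="Specify whether the target is an URL", required=False)
    parser.add_argument("--package", type=str, action="store", default="", help="Specify an analysis package", required=False)
    parser.add_argument("--custom", type=str, action="store", default="", help="Specify any custom value", required=False)
    parser.add_argument("--owner", type=str, action="store", default="", help="Specify the task owner", required=False)
    parser.add_argument("--timeout", type=int, action="store", default=0, help="Specify an analysis timeout", required=False)
    parser.add_argument("-o", "--options", type=str, action="store", default="", help="Specify options for the analysis package (e.g. \"name=value,name2=value2\")", required=False)
    parser.add_argument("--priority", type=int, action="store", default=1, help="Specify a priority for the analysis represented by an integer", required=False)
    parser.add_argument("--machine", type=str, action="store", default="", help="Specify the identifier of a machine you want to use", required=False)
    parser.add_argument("--platform", type=str, action="store", default="", help="Specify the operating system platform you want to use (windows/darwin/linux)", required=False)
    parser.add_argument("--memory", action="store_true", default=False, help="Enable to take a memory dump of the analysis machine", required=False)
    parser.add_argument("--enforce-timeout", action="store_true", default=False, help="Enable to force the analysis to run for the full timeout period", required=False)
    parser.add_argument("--clock", type=str, action="store", default=None, help="Set virtual machine clock", required=False)
    parser.add_argument("--tags", type=str, action="store", default=None, help="Specify tags identifier of a machine you want to use", required=False)
    parser.add_argument("--baseline", action="store_true", default=None, help="Run a baseline analysis", required=False)
    parser.add_argument("--max", type=int, action="store", default=None, help="Maximum samples to add in a row", required=False)
    parser.add_argument("--pattern", type=str, action="store", default=None, help="Pattern of files to submit", required=False)
    parser.add_argument("--shuffle", action="store_true", default=False, help="Shuffle samples before submitting them", required=False)
    parser.add_argument("--unique", action="store_true", default=False, help="Only submit new samples, ignore duplicates", required=False)
    parser.add_argument("--quiet", action="store_true", default=False, help="Only print text on failure", required=False)
    parser.add_argument("--PIN", help="\033[91mForce PINDemonium \o/ \033[0m", action='store_true', required=False)

    try:
        args = parser.parse_args()
    except IOError as e:
        parser.error(e)
        return False

    print(args.target)
    if args.target:
        # NOTE(review): FileEntropy is applied to the raw target string even
        # for --url and folder targets; whether it copes with those cannot
        # be told from here -- confirm against its definition.
        if FileEntropy(args.target) > 7.5:
            print(green("We detected high entropy on the file. Trying to unpack.\n"))
            args.PIN = True
        else:
            print(FileEntropy(args.target), args.target)

    # Add PINDemonium as an option
    if args.PIN:
        args.package = 'exePIN'
        Pin = PINParser()
        print("\033[91m\n\t\t Please specify arguments for PIN. If no arguments are specified, it will run with default args within 10 secs. \n\t\t Here is a reminder : \033[0m\n")
        # We use a timeout in case the file is automatically sent so the analysis is not stuck on waiting for arguments.
        Pin.Help()
        print("\n\t\tPress enter to continue")
        i, o, e = select.select([sys.stdin], [], [], 10)
        if i:
            sys.stdin.readline()
            sys.stdout.write(">>> ")
            Args = Pin.Parse(raw_input())
            args.package = args.package + ";" + Args
        else:
            print("Timeout, launching analysis with default args.")

    if not args.baseline and not args.target:
        print("No file or URL has been specified!")
        sys.exit(1)

    # If the quiet flag has been set, then we also disable the "warning"
    # level of the logging module. (E.g., when pydeep has not been installed,
    # there will be a warning message, because Cuckoo can't resolve the
    # ssdeep hash of this particular sample.)
    if args.debug:
        logging.basicConfig(level=logging.DEBUG)
    else:
        logging.basicConfig()
    if args.quiet:
        logging.disable(logging.WARNING)

    db = Database()

    if args.url:
        target = to_unicode(args.target)
        if args.remote:
            if not HAVE_REQUESTS:
                print(bold(red("Error")) + ": you need to install python-requests (`pip install requests`)")
                return False
            url = "http://{0}/tasks/create/url".format(args.remote)
            data = dict(url=target, package=args.package, timeout=args.timeout, options=args.options, priority=args.priority, machine=args.machine, platform=args.platform, memory=args.memory, enforce_timeout=args.enforce_timeout, custom=args.custom, owner=args.owner, tags=args.tags)
            try:
                response = requests.post(url, data=data)
            except Exception as e:
                print(bold(red("Error")) + ": unable to send URL: {0}".format(e))
                return False
            # Named `payload` rather than `json` so the json module is not shadowed.
            payload = response.json()
            task_id = payload["task_id"]
        else:
            task_id = db.add_url(target, package=args.package, timeout=args.timeout, options=args.options, priority=args.priority, machine=args.machine, platform=args.platform, custom=args.custom, owner=args.owner, memory=args.memory, enforce_timeout=args.enforce_timeout, clock=args.clock, tags=args.tags)
        if task_id:
            if not args.quiet:
                print(bold(green("Success")) + u": URL \"{0}\" added as task with ID {1}".format(target, task_id))
        else:
            print(bold(red("Error")) + ": adding task to database")
    elif args.baseline:
        if args.remote:
            print("Remote baseline support has not yet been implemented.")
            sys.exit(1)
        task_id = db.add_baseline(args.timeout, args.owner, args.machine, args.memory)
        if task_id:
            if not args.quiet:
                print(bold(green("Success")) + u": Baseline analysis added as task with ID {0}".format(task_id))
        else:
            print(bold(red("Error")) + ": adding task to database")
    else:
        target = to_unicode(args.target)
        # Get absolute path to deal with relative.
        path = to_unicode(os.path.abspath(target))
        if not os.path.exists(path):
            print(bold(red("Error")) + u": the specified file/folder does not exist at path \"{0}\"".format(path))
            return False

        files = []
        if os.path.isdir(path):
            for dirname, dirnames, filenames in os.walk(path):
                for file_name in filenames:
                    file_path = os.path.join(dirname, file_name)
                    if not os.path.isfile(file_path):
                        continue
                    if not args.pattern or fnmatch.fnmatch(file_name, args.pattern):
                        files.append(to_unicode(file_path))
        else:
            files.append(path)

        if args.shuffle:
            random.shuffle(files)
        else:
            files = sorted(files)

        for file_path in files:
            if not File(file_path).get_size():
                if not args.quiet:
                    print(bold(yellow("Empty") + ": sample {0} (skipping file)".format(file_path)))
                continue
            if args.max is not None:
                # Break if the maximum number of samples has been reached.
                if not args.max:
                    break
                args.max -= 1

            if args.remote:
                if not HAVE_REQUESTS:
                    print(bold(red("Error")) + ": you need to install python-requests (`pip install requests`)")
                    return False
                url = "http://{0}/tasks/create/file".format(args.remote)
                data = dict(package=args.package, timeout=args.timeout, options=args.options, priority=args.priority, machine=args.machine, platform=args.platform, memory=args.memory, enforce_timeout=args.enforce_timeout, custom=args.custom, owner=args.owner, tags=args.tags)
                # The sample handle is closed after the upload; the original
                # rebound `files` here and never closed the handle.
                try:
                    with open(file_path, "rb") as sample:
                        upload = dict(file=sample, filename=os.path.basename(file_path))
                        response = requests.post(url, files=upload, data=data)
                except Exception as e:
                    print(bold(red("Error")) + ": unable to send file: {0}".format(e))
                    return False
                payload = response.json()
                task_id = payload["task_id"]
            else:
                if args.unique:
                    sha256 = File(file_path).get_sha256()
                    if db.find_sample(sha256=sha256) is not None:
                        msg = ": Sample {0} (skipping file)".format(file_path)
                        if not args.quiet:
                            print(bold(yellow("Duplicate")) + msg)
                        continue
                task_id = db.add_path(file_path=file_path, package=args.package, timeout=args.timeout, options=args.options, priority=args.priority, machine=args.machine, platform=args.platform, custom=args.custom, owner=args.owner, memory=args.memory, enforce_timeout=args.enforce_timeout, clock=args.clock, tags=args.tags)

            if task_id:
                if not args.quiet:
                    print(bold(green("Success")) + u": File \"{0}\" added as task with ID {1}".format(file_path, task_id))
            else:
                print(bold(red("Error")) + ": adding task to database")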
def logo():
    """Print a random Cuckoo ASCII-art banner followed by the version lines.

    One of the embedded banners is chosen at random and coloured with a
    random ANSI colour code (31..36). Nothing is returned; the output goes to
    stdout and is flushed before returning. The bare ``print`` statements
    below are Python 2 syntax.
    """
    logos = []
    logos.append(""" _| _|_|_| _| _| _|_|_| _| _| _|_| _|_| _| _| _| _| _|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _| _| _|_| _|_|""")
    logos.append(""" __ .----..--.--..----.| |--..-----..-----. | __|| | || __|| < | _ || _ | |____||_____||____||__|__||_____||_____|""")
    logos.append(""" .: :: .-. , : .-. ;;.-. .-. .-. ; ; ; ; ;; .' ; ;'; ;' `;;;;'.'`..:;._`;;;;'_.'` `.`;;' `;;'""")
    logos.append(""" eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8""")
    logos.append(""" _____________________________________/\/\_______________________________ ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ ________________________________________________________________________""")
    logos.append(""" _______ _ _ _______ _ _ _____ _____ | | | | |____/ | | | | |_____ |_____| |_____ | \\_ |_____| |_____|""")
    logos.append(""" _ ____ _ _ ____| | _ ___ ___ / ___) | | |/ ___) |_/ ) _ \ / _ \\ ( (___| |_| ( (___| _ ( |_| | |_| | \\____)____/ \\____)_| \\_)___/ \\___/""")
    logos.append(""" ______ __ __ ______ ___ ___ ______ ______ /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\ \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\ \\:\\ \\ __\\:\\ \\:\\ \\\\:\\ \\ __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __ ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ ) \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\ \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/ \\_____\\/ \\_____\\/""")
    logos.append(""" sSSs .S S. sSSs .S S. sSSs_sSSs sSSs_sSSs d%%SP .SS SS. d%%SP .SS SS. 
d%%SP~YS%%b d%%SP~YS%%b d%S' S%S S%S d%S' S%S S&S d%S' `S%b d%S' `S%b S%S S%S S%S S%S S%S d*S S%S S%S S%S S%S S&S S&S S&S S&S S&S .S*S S&S S&S S&S S&S S&S S&S S&S S&S S&S_sdSSS S&S S&S S&S S&S S&S S&S S&S S&S S&S~YSSY%b S&S S&S S&S S&S S&S S&S S&S S&S S&S `S% S&S S&S S&S S&S S*b S*b d*S S*b S*S S% S*b d*S S*b d*S S*S. S*S. .S*S S*S. S*S S& S*S. .S*S S*S. .S*S SSSbs SSSbs_sdSSS SSSbs S*S S& SSSbs_sdSSS SSSbs_sdSSS YSSP YSSP~YSSY YSSP S*S SS YSSP~YSSY YSSP~YSSY SP Y""")
    logos.append(""" _______ _____ _____ /::\\ \\ /\\ \\ /\\ \\ /::::\\ \\ /::\\____\\ /::\\ \\ /::::::\\ \\ /::::| | /::::\\ \\ /::::::::\\ \\ /:::::| | /::::::\\ \\ /:::/~~\\:::\\ \\ /::::::| | /:::/\\:::\\ \\ /:::/ \\:::\\ \\ /:::/|::| | /:::/ \\:::\\ \\ /:::/ / \\:::\\ \\ /:::/ |::| | /:::/ \\:::\\ \\ /:::/____/ \\:::\\____\\ /:::/ |::|___|______ /:::/ / \\:::\\ \\ |:::| | |:::| | /:::/ |::::::::\\ \\ /:::/ / \\:::\\ ___\\ |:::|____| |:::| |/:::/ |:::::::::\\____\\/:::/____/ ___\\:::| | \\:::\\ \\ /:::/ / \\::/ / ~~~~~/:::/ /\\:::\\ \\ /\\ /:::|____| \\:::\\ \\ /:::/ / \\/____/ /:::/ / \\:::\\ /::\\ \\::/ / \\:::\\ /:::/ / /:::/ / \\:::\\ \\:::\\ \\/____/ \\:::\\__/:::/ / /:::/ / \\:::\\ \\:::\\____\\ \\::::::::/ / /:::/ / \\:::\\ /:::/ / \\::::::/ / /:::/ / \\:::\\/:::/ / \\::::/ / /:::/ / \\::::::/ / \\::/____/ /:::/ / \\::::/ / ~~ \\::/ / \\::/____/ \\/____/ it's Cuckoo!""")
    logos.append(""" _ _ _ _ _ _ /\\ \\ /\\_\\ /\\ \\ /\\_\\ /\\ \\ /\\ \\ / \\ \\ / / / _ / \\ \\ / / / _ / \\ \\ / \\ \\ / /\\ \\ \\ \\ \\ \\__ /\\_\\ / /\\ \\ \\ / / / /\\_\\ / /\\ \\ \\ / /\\ \\ \\ / / /\\ \\ \\ \\ \\___\\ / / // / /\\ \\ \\ / / /__/ / / / / /\\ \\ \\ / / /\\ \\ \\ / / / \\ \\_\\ \\__ / / / // / / \\ \\_\\ / /\\_____/ / / / / \\ \\_\\ / / / \\ \\_\\ / / / \\/_/ / / / / / // / / \\/_/ / /\\_______/ / / / / / // / / / / / / / / / / / / / // / / / / /\\ \\ \\ / / / / / // / / / / / / / /________ / / /___/ / // / /________ / / / \\ \\ \\ / / /___/ / // / /___/ / / / / /_________\\/ / /____\\/ // / /_________\\/ / / 
\\ \\ \\ / / /____\\/ // / /____\\/ / \\/____________/\\/_________/ \\/____________/\\/_/ \\_\\_\\\\/_________/ \\/_________/""")
    logos.append(""" ),-. / Cuckoo Sandbox <(a `---',' no chance for malwares! ( `-, ._> ) ) _>.___/ _/""")
    logos.append(""" .-----------------. | Cuckoo Sandbox? | | OH NOES! |\\ '-.__.-' '-----------------' \\ /oo |--.--,--,--. \\_.-'._i__i__i_.' \"\"\"\"\"\"\"\"\"""")
    logos.append(""" .----------------. .----------------. .----------------. .----------------. .----------------. .----------------. | .--------------. || .--------------. || .--------------. || .--------------. || .--------------. || .--------------. | | | ______ | || | _____ _____ | || | ______ | || | ___ ____ | || | ____ | || | ____ | | | | .' ___ | | || ||_ _||_ _|| || | .' ___ | | || | |_ ||_ _| | || | .' `. | || | .' `. | | | | / .' \_| | || | | | | | | || | / .' \_| | || | | |_/ / | || | / .--. \ | || | / .--. \ | | | | | | | || | | ' ' | | || | | | | || | | __'. | || | | | | | | || | | | | | | | | | \ `.___.'\ | || | \ `--' / | || | \ `.___.'\ | || | _| | \ \_ | || | \ `--' / | || | \ `--' / | | | | `._____.' | || | `.__.' | || | `._____.' | || | |____||____| | || | `.____.' | || | `.____.' | | | | | || | | || | | || | | || | | || | | | | '--------------' || '--------------' || '--------------' || '--------------' || '--------------' || '--------------' | '----------------' '----------------' '----------------' '----------------' '----------------' '----------------' .-----------------. .----------------. .----------------. .----------------. .----------------. | .--------------. || .--------------. || .--------------. || .--------------. || .--------------. | | | ____ _____ | || | ____ ____ | || | ____ | || | _____ _____ | || | __ | | | ||_ \|_ _| | || | |_ _||_ _| | || | .' `. | || ||_ _||_ _|| || | / \ | | | | | \ | | | || | \ \ / / | || | / .--. 
\ | || | | | /\ | | | || | / /\ \ | | | | | |\ \| | | || | \ \/ / | || | | | | | | || | | |/ \| | | || | / ____ \ | | | | _| |_\ |_ | || | _| |_ | || | \ `--' / | || | | /\ | | || | _/ / \ \_ | | | ||_____|\____| | || | |______| | || | `.____.' | || | |__/ \__| | || ||____| |____|| | | | | || | | || | | || | | || | | | | '--------------' || '--------------' || '--------------' || '--------------' || '--------------' | '----------------' '----------------' '----------------' '----------------' '----------------' """)
    logos.append(""" 8 8888 ,o888888o. `8.`888b ,8' .8. 8 888888888o 8 8888888888 8 8888 d888888o. 8 8888 . 8888 `88. `8.`888b ,8' .888. 8 8888 `88. 8 8888 8 8888 .`8888:' `88. 8 8888 ,8 8888 `8b `8.`888b ,8' :88888. 8 8888 `88 8 8888 8 8888 8.`8888. Y8 8 8888 88 8888 `8b `8.`888b .b ,8' . `88888. 8 8888 ,88 8 8888 8 8888 `8.`8888. 8 8888 88 8888 88 `8.`888b 88b ,8' .8. `88888. 8 8888. ,88' 8 888888888888 8 8888 `8.`8888. 8 8888 88 8888 88 `8.`888b .`888b,8' .8`8. `88888. 8 8888888888 8 8888 8 8888 `8.`8888. 88. 8 8888 88 8888 ,8P `8.`888b8.`8888' .8' `8. `88888. 8 8888 `88. 8 8888 8 8888 `8.`8888. `88. 8 888' `8 8888 ,8P `8.`888`8.`88' .8' `8. `88888. 8 8888 88 8 8888 8 8888 8b `8.`8888. `88o. 8 88' ` 8888 ,88' `8.`8' `8,`' .888888888. `88888. 8 8888 ,88' 8 8888 8 8888 `8b. ;8.`8888 `Y888888 ' `8888888P' `8.` `8' .8' `8. `88888. 8 888888888P 8 888888888888 8 888888888888 `Y8888P ,88P' ,o888888o. 8 8888 88 ,o888888o. 8 8888 ,88' ,o888888o. ,o888888o. 8888 `88. 8 8888 88 8888 `88. 8 8888 ,88'. 8888 `88. . 8888 `88. ,8 8888 `8. 8 8888 88 ,8 8888 `8. 8 8888 ,88',8 8888 `8b ,8 8888 `8b 88 8888 8 8888 88 88 8888 8 8888 ,88' 88 8888 `8b 88 8888 `8b 88 8888 8 8888 88 88 8888 8 8888 ,88' 88 8888 88 88 8888 88 88 8888 8 8888 88 88 8888 8 8888 88' 88 8888 88 88 8888 88 88 8888 8 8888 88 88 8888 8 888888< 88 8888 ,8P 88 8888 ,8P `8 8888 .8' ` 8888 ,8P `8 8888 .8' 8 8888 `Y8. `8 8888 ,8P `8 8888 ,8P 8888 ,88' 8888 ,d8P 8888 ,88' 8 8888 `Y8. 
` 8888 ,88' ` 8888 ,88' `8888888P' `Y88888P' `8888888P' 8 8888 `Y8. `8888888P' `8888888P' """)
    logos.append(""" jow ls u koo XXX . . X.X . . ..X . . ..X . . ..X . . ... . . jowabels cuckoo """)
    logos.append(""" _________ _______ _______ ______ _______ _ _______ _______ _______ _ _______ _______ \__ _/( ___ )|\ /|( ___ )( ___ \ ( ____ \( \ ( ____ \ ( ____ \|\ /|( ____ \| \ /\( ___ )( ___ ) ) ( | ( ) || ) ( || ( ) || ( ) )| ( \/| ( | ( \/ | ( \/| ) ( || ( \/| \ / /| ( ) || ( ) | | | | | | || | _ | || (___) || (__/ / | (__ | | | (_____ | | | | | || | | (_/ / | | | || | | | | | | | | || |( )| || ___ || __ ( | __) | | (_____ ) | | | | | || | | _ ( | | | || | | | | | | | | || || || || ( ) || ( \ \ | ( | | ) | | | | | | || | | ( \ \ | | | || | | | |\_) ) | (___) || () () || ) ( || )___) )| (____/\| (____/Y\____) | | (____/\| (___) || (____/\| / \ \| (___) || (___) | (____/ (_______)(_______)|/ \||/ \___/ (_______/(_______|_______) (_______/(_______)(_______/|_/ \/(_______)(_______) """)
    logos.append(""" o o o O O O o O o o o O .oOo O o .oOo O o .oOo. .oOo. OoOo. .oOo. o .oOo O o O O OoO O o O o O o OooO' O `Ooo. o O o o o O o O o O o O O o O `OoO' `OoO'o `OoO' O o `OoO' `OoO' `OoO' `OoO' Oo `OoO' """)
    print(color(random.choice(logos), random.randrange(31, 37)))
    print
    print(" Cuckoo Sandbox %s" % yellow(CUCKOO_VERSION))
    print(" www.cuckoosandbox.org")
    print(" Copyright (c) 2010-2015")
    print
    sys.stdout.flush()
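def hh():
    """Print the help line that breakpoint() advertises with "Run hh() for help".

    Names the two helpers (set_bp / set_volshell_bp) that breakpoint() binds
    for the interactive debugging session.
    """
    # print() with one argument behaves the same on Python 2 and 3; the bare
    # `print yellow(...)` statement form is a SyntaxError on Python 3.
    print(yellow("Use the set_bp function to set a new BP, or set_volshell_bp to set a volshell BP"))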
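def _remote_url(args, endpoint):
    """Return the REST URL for *endpoint* on the --remote host.

    @param args: parsed command-line arguments (uses args.remote, args.ssl).
    @param endpoint: last path element of /tasks/create/<endpoint> ("url" or "file").
    @return: the URL string, with https:// only when --ssl was given.
    """
    scheme = "https" if args.ssl else "http"
    return "{0}://{1}/tasks/create/{2}".format(scheme, args.remote, endpoint)


def _analysis_options(args):
    """Return the analysis options shared by URL and file submissions.

    The key order matters for the form-encoded remote POST, so it is kept
    identical for both submission paths.
    @param args: parsed command-line arguments.
    @return: dict of option name -> value.
    """
    return dict(
        package=args.package,
        timeout=args.timeout,
        options=args.options,
        priority=args.priority,
        machine=args.machine,
        platform=args.platform,
        memory=args.memory,
        enforce_timeout=args.enforce_timeout,
        custom=args.custom,
        tags=args.tags,
    )


def _remote_post(args, url, data, files=None):
    """POST a submission to the remote Cuckoo API and return the response.

    Basic-auth credentials are attached only when both --user and --password
    were given.  Without --ssl the request, including those credentials and
    the sample itself, travels over plain HTTP; --sslnoverify additionally
    disables certificate validation, so prefer --ssl without it.
    @param args: parsed command-line arguments.
    @param url: endpoint URL as built by _remote_url().
    @param data: form fields for the request body.
    @param files: optional multipart files dict for sample uploads.
    @return: the requests.Response object.
    @raise Exception: whatever requests raises; the caller reports it.
    """
    auth = None
    if args.user and args.password:
        auth = (args.user, args.password)
    # Verification is only switched off when --ssl and --sslnoverify are both set.
    verify = not (args.ssl and args.sslnoverify)
    return requests.post(url, auth=auth, data=data, files=files, verify=verify)


def _collect_files(path, pattern):
    """Return the list of sample paths to submit for *path*.

    A plain file is returned as a one-element list; a directory is walked
    recursively and, when *pattern* is set, filtered with fnmatch on the
    file name only.
    @param path: absolute path to a file or directory.
    @param pattern: optional fnmatch pattern (None/"" disables filtering).
    @return: list of file paths.
    """
    if not os.path.isdir(path):
        return [path]
    files = []
    for dirname, _dirnames, filenames in os.walk(path):
        for file_name in filenames:
            file_path = os.path.join(dirname, file_name)
            if not os.path.isfile(file_path):
                continue
            if pattern and not fnmatch.fnmatch(file_name, pattern):
                continue
            files.append(to_unicode(file_path))
    return files


def main():
    """Submit a URL, a file or a folder of files for analysis.

    Tasks go to the local database, or with --remote to a Cuckoo REST API.
    Note that --password is passed on the command line and is therefore
    visible in process listings and shell history.
    @return: False when submission could not proceed, None otherwise.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("target", type=str, help="URL, path to the file or folder to analyze")
    parser.add_argument("--remote", type=str, action="store", default=None, help="Specify IP:port to a Cuckoo API server to submit remotely", required=False)
    parser.add_argument("--user", type=str, action="store", default=None, help="Username for Basic Auth", required=False)
    parser.add_argument("--password", type=str, action="store", default=None, help="Password for Basic Auth", required=False)
    parser.add_argument("--sslnoverify", action="store_true", default=False, help="Do not validate SSL cert", required=False)
    parser.add_argument("--ssl", action="store_true", default=False, help="Use SSL/TLS for remote", required=False)
    parser.add_argument("--url", action="store_true", default=False, help="Specify whether the target is an URL", required=False)
    parser.add_argument("--package", type=str, action="store", default="", help="Specify an analysis package", required=False)
    parser.add_argument("--custom", type=str, action="store", default="", help="Specify any custom value", required=False)
    parser.add_argument("--timeout", type=int, action="store", default=0, help="Specify an analysis timeout", required=False)
    parser.add_argument("--options", type=str, action="store", default="", help="Specify options for the analysis package (e.g. \"name=value,name2=value2\")", required=False)
    parser.add_argument("--priority", type=int, action="store", default=1, help="Specify a priority for the analysis represented by an integer", required=False)
    parser.add_argument("--machine", type=str, action="store", default="", help="Specify the identifier of a machine you want to use", required=False)
    parser.add_argument("--platform", type=str, action="store", default="", help="Specify the operating system platform you want to use (windows/darwin/linux)", required=False)
    parser.add_argument("--memory", action="store_true", default=False, help="Enable to take a memory dump of the analysis machine", required=False)
    parser.add_argument("--enforce-timeout", action="store_true", default=False, help="Enable to force the analysis to run for the full timeout period", required=False)
    parser.add_argument("--clock", type=str, action="store", default=None, help="Set virtual machine clock", required=False)
    parser.add_argument("--tags", type=str, action="store", default=None, help="Specify tags identifier of a machine you want to use", required=False)
    parser.add_argument("--max", type=int, action="store", default=None, help="Maximum samples to add in a row", required=False)
    parser.add_argument("--pattern", type=str, action="store", default=None, help="Pattern of files to submit", required=False)
    parser.add_argument("--shuffle", action="store_true", default=False, help="Shuffle samples before submitting them", required=False)
    parser.add_argument("--unique", action="store_true", default=False, help="Only submit new samples, ignore duplicates", required=False)
    parser.add_argument("--quiet", action="store_true", default=False, help="Only print text on failure", required=False)

    try:
        args = parser.parse_args()
    except IOError as e:
        parser.error(e)
        return False

    # If the quiet flag has been set, then we also disable the "warning"
    # level of the logging module. (E.g., when pydeep has not been installed,
    # there will be a warning message, because Cuckoo can't resolve the
    # ssdeep hash of this particular sample.)
    if args.quiet:
        logging.disable(logging.WARNING)

    # Fail fast: remote submission is impossible without python-requests.
    if args.remote and not HAVE_REQUESTS:
        print(bold(red("Error")) + ": you need to install python-requests (`pip install requests`)")
        return False

    db = Database()
    target = to_unicode(args.target)

    if args.url:
        if args.remote:
            data = dict(url=target, **_analysis_options(args))
            try:
                response = _remote_post(args, _remote_url(args, "url"), data)
            except Exception as e:
                print(bold(red("Error")) + ": unable to send URL: {0}".format(e))
                return False
            # Not shadowing the json module here; a malformed body still raises.
            task_id = response.json()["task_id"]
        else:
            task_id = db.add_url(target, clock=args.clock, **_analysis_options(args))

        if task_id:
            if not args.quiet:
                print(bold(green("Success")) + u": URL \"{0}\" added as task with ID {1}".format(target, task_id))
        else:
            print(bold(red("Error")) + ": adding task to database")
        return None

    # Get absolute path to deal with relative.
    path = to_unicode(os.path.abspath(target))
    if not os.path.exists(path):
        print(bold(red("Error")) + u": the specified file/folder does not exist at path \"{0}\"".format(path))
        return False

    files = _collect_files(path, args.pattern)
    if args.shuffle:
        random.shuffle(files)

    # Budget of samples still allowed by --max; None means unlimited.  Kept
    # local instead of decrementing args.max in place.
    remaining = args.max

    for file_path in files:
        if not File(file_path).get_size():
            if not args.quiet:
                print(bold(yellow("Empty") + ": sample {0} (skipping file)".format(file_path)))
            continue

        if remaining is not None:
            # Break if the maximum number of samples has been reached.
            if not remaining:
                break
            remaining -= 1

        if args.remote:
            url = _remote_url(args, "file")
            data = _analysis_options(args)
            try:
                # The context manager closes the sample handle after the
                # upload; the original left one handle open per file.
                with open(file_path, "rb") as sample:
                    upload = dict(file=sample, filename=os.path.basename(file_path))
                    response = _remote_post(args, url, data, files=upload)
            except Exception as e:
                print(bold(red("Error")) + ": unable to send file: {0}".format(e))
                return False
            task_id = response.json()["task_id"]
        else:
            if args.unique:
                sha256 = File(file_path).get_sha256()
                if db.find_sample(sha256=sha256) is not None:
                    msg = ": Sample {0} (skipping file)".format(file_path)
                    if not args.quiet:
                        print(bold(yellow("Duplicate")) + msg)
                    continue
            task_id = db.add_path(file_path=file_path, clock=args.clock, **_analysis_options(args))

        if task_id:
            if not args.quiet:
                print(bold(green("Success")) + u": File \"{0}\" added as task with ID {1}".format(file_path, task_id))
        else:
            print(bold(red("Error")) + ": adding task to database")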
def logo(): """Cuckoo asciiarts. @return: asciiarts array. """ logos = [] logos.append(""" _| _|_|_| _| _| _|_|_| _| _| _|_| _|_| _| _| _| _| _|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _| _| _|_| _|_|""") logos.append(""" __ .----..--.--..----.| |--..-----..-----. | __|| | || __|| < | _ || _ | |____||_____||____||__|__||_____||_____|""") logos.append(""" .: :: .-. , : .-. ;;.-. .-. .-. ; ; ; ; ;; .' ; ;'; ;' `;;;;'.'`..:;._`;;;;'_.'` `.`;;' `;;'""") logos.append(""" eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8""") logos.append(""" _____________________________________/\/\_______________________________ ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ ________________________________________________________________________""") logos.append(""" _______ _ _ _______ _ _ _____ _____ | | | | |____/ | | | | |_____ |_____| |_____ | \\_ |_____| |_____|""") logos.append(""" _ ____ _ _ ____| | _ ___ ___ / ___) | | |/ ___) |_/ ) _ \ / _ \\ ( (___| |_| ( (___| _ ( |_| | |_| | \\____)____/ \\____)_| \\_)___/ \\___/""") logos.append(""" ______ __ __ ______ ___ ___ ______ ______ /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\ \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\ \\:\\ \\ __\\:\\ \\:\\ \\\\:\\ \\ __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __ ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ ) \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\ \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/ \\_____\\/ \\_____\\/""") logos.append(""" sSSs .S S. sSSs .S S. sSSs_sSSs sSSs_sSSs d%%SP .SS SS. d%%SP .SS SS. 
d%%SP~YS%%b d%%SP~YS%%b d%S' S%S S%S d%S' S%S S&S d%S' `S%b d%S' `S%b S%S S%S S%S S%S S%S d*S S%S S%S S%S S%S S&S S&S S&S S&S S&S .S*S S&S S&S S&S S&S S&S S&S S&S S&S S&S_sdSSS S&S S&S S&S S&S S&S S&S S&S S&S S&S~YSSY%b S&S S&S S&S S&S S&S S&S S&S S&S S&S `S% S&S S&S S&S S&S S*b S*b d*S S*b S*S S% S*b d*S S*b d*S S*S. S*S. .S*S S*S. S*S S& S*S. .S*S S*S. .S*S SSSbs SSSbs_sdSSS SSSbs S*S S& SSSbs_sdSSS SSSbs_sdSSS YSSP YSSP~YSSY YSSP S*S SS YSSP~YSSY YSSP~YSSY SP Y""") logos.append(""" _______ _____ _____ /::\\ \\ /\\ \\ /\\ \\ /::::\\ \\ /::\\____\\ /::\\ \\ /::::::\\ \\ /::::| | /::::\\ \\ /::::::::\\ \\ /:::::| | /::::::\\ \\ /:::/~~\\:::\\ \\ /::::::| | /:::/\\:::\\ \\ /:::/ \\:::\\ \\ /:::/|::| | /:::/ \\:::\\ \\ /:::/ / \\:::\\ \\ /:::/ |::| | /:::/ \\:::\\ \\ /:::/____/ \\:::\\____\\ /:::/ |::|___|______ /:::/ / \\:::\\ \\ |:::| | |:::| | /:::/ |::::::::\\ \\ /:::/ / \\:::\\ ___\\ |:::|____| |:::| |/:::/ |:::::::::\\____\\/:::/____/ ___\\:::| | \\:::\\ \\ /:::/ / \\::/ / ~~~~~/:::/ /\\:::\\ \\ /\\ /:::|____| \\:::\\ \\ /:::/ / \\/____/ /:::/ / \\:::\\ /::\\ \\::/ / \\:::\\ /:::/ / /:::/ / \\:::\\ \\:::\\ \\/____/ \\:::\\__/:::/ / /:::/ / \\:::\\ \\:::\\____\\ \\::::::::/ / /:::/ / \\:::\\ /:::/ / \\::::::/ / /:::/ / \\:::\\/:::/ / \\::::/ / /:::/ / \\::::::/ / \\::/____/ /:::/ / \\::::/ / ~~ \\::/ / \\::/____/ \\/____/ it's Cuckoo!""") logos.append(""" _ _ _ _ _ _ /\\ \\ /\\_\\ /\\ \\ /\\_\\ /\\ \\ /\\ \\ / \\ \\ / / / _ / \\ \\ / / / _ / \\ \\ / \\ \\ / /\\ \\ \\ \\ \\ \\__ /\\_\\ / /\\ \\ \\ / / / /\\_\\ / /\\ \\ \\ / /\\ \\ \\ / / /\\ \\ \\ \\ \\___\\ / / // / /\\ \\ \\ / / /__/ / / / / /\\ \\ \\ / / /\\ \\ \\ / / / \\ \\_\\ \\__ / / / // / / \\ \\_\\ / /\\_____/ / / / / \\ \\_\\ / / / \\ \\_\\ / / / \\/_/ / / / / / // / / \\/_/ / /\\_______/ / / / / / // / / / / / / / / / / / / / // / / / / /\\ \\ \\ / / / / / // / / / / / / / /________ / / /___/ / // / /________ / / / \\ \\ \\ / / /___/ / // / /___/ / / / / /_________\\/ / /____\\/ // / /_________\\/ / / 
\\ \\ \\ / / /____\\/ // / /____\\/ / \\/____________/\\/_________/ \\/____________/\\/_/ \\_\\_\\\\/_________/ \\/_________/""") logos.append(""" ),-. / Cuckoo Sandbox <(a `---',' no chance for malwares! ( `-, ._> ) ) _>.___/ _/""") logos.append(""" .-----------------. | Cuckoo Sandbox? | | OH NOES! |\\ '-.__.-' '-----------------' \\ /oo |--.--,--,--. \\_.-'._i__i__i_.' \"\"\"\"\"\"\"\"\"""") print(color(random.choice(logos), random.randrange(31, 37))) print print(" Cuckoo Sandbox %s" % yellow(CUCKOO_VERSION)) print(" www.cuckoosandbox.org") print(" Copyright (c) 2010-2015") print sys.stdout.flush()