def start_cuckoo2(self, url, parent_dir):
    """Submit one URL to the local Cuckoo install and collect the verdicts.

    The working directory is fixed to ``/opt/cuckoo``. Only the first
    whitespace-separated token of ``url`` is submitted, so a blank ``url``
    raises ``IndexError`` before any task is created.

    Args:
        url: String whose first token is the URL to analyse.
        parent_dir: Passed through unchanged to ``state_analyse``.

    Returns:
        An 8-tuple ``(task_id, state, file_operations, command_lines,
        refer_url, url_chain, ek_name, campaign_name)`` built from the
        ``state_analyse`` helper's ``*_single`` methods.
    """
    set_cwd('/opt/cuckoo')
    database = Database()
    database.connect()

    task_id = database.add_url(url.split()[0])
    print("folder {} is running".format(task_id))

    # NOTE(review): the original indentation was lost; this is read as a
    # poll-until-stopped loop followed by one message and one pause. Confirm
    # against the upstream file.
    # NOTE(review): the wait has no upper bound and no delay between polls,
    # so a task whose guest never reports "stopped" blocks this call forever
    # while querying the database continuously.
    while str(database.guest_get_status(task_id)) != "stopped":
        pass
    print("folder {} is stopped".format(task_id))
    # Presumably gives Cuckoo time to finish processing before the results
    # are read - TODO confirm.
    time.sleep(70)

    analyser = state_analyse(task_id, parent_dir)
    # The helper calls are kept in their original order.
    verdict = analyser.state_decide_single()
    file_operations = analyser.analyse_file_operation_single()
    command_lines = analyser.analyse_command_line_single()
    referer = analyser.acquire_refer_url_single()
    url_chain, exploit_kit = analyser.analyse_url_chain_single()
    campaign_name = analyser.analyse_Campaign_single()

    print(" foler {} state is {}".format(task_id, verdict))
    return (
        task_id,
        verdict,
        file_operations,
        command_lines,
        referer,
        url_chain,
        exploit_kit,
        campaign_name,
    )
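class DatabaseEngine(object):
    """Shared test cases for the ``Database`` wrapper.

    Every test runs against the connection opened in ``setup_class``, so
    rows created by one test stay visible to the ones that follow.
    """

    # DSN handed to ``Database.connect``; presumably overridden by
    # per-backend subclasses - TODO confirm.
    URI = None

    def setup_class(self):
        """Open one database connection for the whole class.

        pytest calls this xunit-style hook with the class itself, so
        ``self.d`` ends up as a class attribute shared by all tests.
        """
        set_cwd(tempfile.mkdtemp())

        self.d = Database()
        self.d.connect(dsn=self.URI)

    def add_url(self, url, priority=1, status="pending"):
        """Add a URL task, force its status, and return the task id."""
        task_id = self.d.add_url(url, priority=priority)
        self.d.set_status(task_id, status)
        return task_id

    def test_add_tasks(self):
        """A file task and a URL task each add exactly one Task row."""
        fd, sample_path = tempfile.mkstemp()
        # A bytes literal is the same object type on Python 2 and is what
        # os.write requires on Python 3.
        os.write(fd, b"hehe")
        os.close(fd)

        # Add task.
        count = self.d.Session().query(Task).count()
        self.d.add_path(sample_path)
        assert self.d.Session().query(Task).count() == count + 1

        # Add url.
        self.d.add_url("http://foo.bar")
        assert self.d.Session().query(Task).count() == count + 2

    def test_processing_get_task(self):
        """Completed tasks come back by priority, then in creation order."""
        # First reset all existing rows so that earlier exceptions don't
        # affect this unit test run. ``null`` is compared with ``==`` on
        # purpose: the comparison builds the SQL filter expression.
        null, session = None, self.d.Session()

        session.query(Task).filter(
            Task.status == "completed", Task.processing == null
        ).update({
            "processing": "something",
        })
        session.commit()

        t1 = self.add_url("http://google.com/1", priority=1, status="completed")
        t2 = self.add_url("http://google.com/2", priority=2, status="completed")
        t3 = self.add_url("http://google.com/3", priority=1, status="completed")
        t4 = self.add_url("http://google.com/4", priority=1, status="completed")
        t5 = self.add_url("http://google.com/5", priority=3, status="completed")
        t6 = self.add_url("http://google.com/6", priority=1, status="completed")
        t7 = self.add_url("http://google.com/7", priority=1, status="completed")

        assert self.d.processing_get_task("foo") == t5
        assert self.d.processing_get_task("foo") == t2
        assert self.d.processing_get_task("foo") == t1
        assert self.d.processing_get_task("foo") == t3
        assert self.d.processing_get_task("foo") == t4
        assert self.d.processing_get_task("foo") == t6
        assert self.d.processing_get_task("foo") == t7
        assert self.d.processing_get_task("foo") is None

    def test_error_exists(self):
        """Each add_error call adds one entry to the task's error list."""
        task_id = self.add_url("http://google.com/")
        self.d.add_error("A"*1024, task_id)
        assert len(self.d.view_errors(task_id)) == 1
        self.d.add_error("A"*1024, task_id)
        assert len(self.d.view_errors(task_id)) == 2

    def test_long_error(self):
        """A 1024-character error message is read back at full length."""
        # Use the id of the task created here rather than a literal 1, so
        # the test does not depend on rows left behind by other tests.
        task_id = self.add_url("http://google.com/")
        self.d.add_error("A"*1024, task_id)
        err = self.d.view_errors(task_id)
        assert err and len(err[0].message) == 1024

    def test_submit(self):
        """A submit row returns the path, type and data it was given."""
        dirpath = tempfile.mkdtemp()
        submit_id = self.d.add_submit(dirpath, "files", {
            "foo": "bar",
        })
        submit = self.d.view_submit(submit_id)
        assert submit.id == submit_id
        assert submit.tmp_path == dirpath
        assert submit.submit_type == "files"
        assert submit.data == {
            "foo": "bar",
        }

    def test_connect_no_create(self):
        """connect(create=False) leaves a dropped table missing."""
        AlembicVersion.__table__.drop(self.d.engine)
        self.d.connect(dsn=self.URI, create=False)
        assert "alembic_version" not in self.d.engine.table_names()
        # A default connect() brings the table back.
        self.d.connect(dsn=self.URI)
        assert "alembic_version" in self.d.engine.table_names()

    def test_view_submit_tasks(self):
        """Tasks of a submit are only usable when tasks=True is passed."""
        submit_id = self.d.add_submit(None, None, None)
        t1 = self.d.add_path(__file__, custom="1", submit_id=submit_id)
        t2 = self.d.add_path(__file__, custom="2", submit_id=submit_id)

        submit = self.d.view_submit(submit_id)
        assert submit.id == submit_id
        with pytest.raises(DetachedInstanceError):
            print(submit.tasks)

        submit = self.d.view_submit(submit_id, tasks=True)
        assert len(submit.tasks) == 2
        tasks = sorted((task.id, task) for task in submit.tasks)
        assert tasks[0][1].id == t1
        assert tasks[0][1].custom == "1"
        assert tasks[1][1].id == t2
        assert tasks[1][1].custom == "2"

    def test_add_reboot(self):
        """A reboot task stores the original task id in ``custom``."""
        t0 = self.d.add_path(__file__)
        s0 = self.d.add_submit(None, None, None)
        t1 = self.d.add_reboot(task_id=t0, submit_id=s0)

        t = self.d.view_task(t1)
        assert t.custom == "%s" % t0
        assert t.submit_id == s0

    def test_task_set_options(self):
        """Options given as a dict or as "k=v" text read back as a dict."""
        t0 = self.d.add_path(__file__, options={"foo": "bar"})
        t1 = self.d.add_path(__file__, options="foo=bar")
        assert self.d.view_task(t0).options == {"foo": "bar"}
        assert self.d.view_task(t1).options == {"foo": "bar"}

    def test_task_tags_str(self):
        """An empty entry in a comma-separated tag string is dropped."""
        task = self.d.add_path(__file__, tags="foo,,bar")
        tag0, tag1 = self.d.view_task(task).tags
        assert sorted((tag0.name, tag1.name)) == ["bar", "foo"]

    def test_task_tags_list(self):
        """Empty and non-string entries in a tag list are dropped."""
        task = self.d.add_path(__file__, tags=["tag1", "tag2", "", 1, "tag3"])
        tag0, tag1, tag2 = self.d.view_task(task).tags
        assert sorted((tag0.name, tag1.name, tag2.name)) == [
            "tag1", "tag2", "tag3"
        ]

    def test_error_action(self):
        """The optional action of an error defaults to None."""
        task_id = self.d.add_path(__file__)
        self.d.add_error("message1", task_id)
        self.d.add_error("message2", task_id, "actionhere")
        e1, e2 = self.d.view_errors(task_id)
        assert e1.message == "message1"
        assert e1.action is None
        assert e2.message == "message2"
        assert e2.action == "actionhere"

    def test_view_tasks(self):
        """view_tasks returns the same rows, in order, as view_task."""
        t1 = self.d.add_path(__file__)
        t2 = self.d.add_url("http://google.com/")
        tasks = self.d.view_tasks([t1, t2])
        assert tasks[0].to_dict() == self.d.view_task(t1).to_dict()
        assert tasks[1].to_dict() == self.d.view_task(t2).to_dict()

    def test_add_machine(self):
        """Machine options given as None, text or a list read back as a list."""
        self.d.add_machine(
            "name1", "label", "1.2.3.4", "windows", None,
            "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043
        )
        self.d.add_machine(
            "name2", "label", "1.2.3.4", "windows", "",
            "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043
        )
        self.d.add_machine(
            "name3", "label", "1.2.3.4", "windows", "opt1 opt2",
            "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043
        )
        self.d.add_machine(
            "name4", "label", "1.2.3.4", "windows", ["opt3", "opt4"],
            "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043
        )
        m1 = self.d.view_machine("name1")
        m2 = self.d.view_machine("name2")
        m3 = self.d.view_machine("name3")
        m4 = self.d.view_machine("name4")
        assert m1.options == []
        assert m2.options == []
        assert m3.options == ["opt1", "opt2"]
        assert m4.options == ["opt3", "opt4"]

    @mock.patch("cuckoo.common.objects.magic")
    def test_add_sample(self, p):
        """add_path still returns a task id when magic reports ""."""
        p.from_file.return_value = ""
        assert self.d.add_path(Files.temp_put(os.urandom(16))) is not None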
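def submit_tasks(target, options, package, custom, owner, timeout, priority,
                 machine, platform, memory, enforce_timeout, clock, tags,
                 remote, pattern, maxcount, is_unique, is_url, is_baseline,
                 is_shuffle):
    """Create analysis tasks for URLs, files or a baseline run (generator).

    Tasks go into the local database, or, when ``remote`` is set, are
    posted to ``/tasks/create/url`` or ``/tasks/create/file`` on that host.

    Args:
        target: Iterable of URLs (``is_url``) or of paths that are expanded
            with ``enumerate_files`` and ``pattern``.
        remote: Host (and port) of a remote API, or a falsy value to use
            the local database.
        maxcount: Upper bound on the number of non-empty files handled, or
            ``None`` for no limit.
        is_unique: Skip files whose SHA-256 is already known locally; sent
            on as the ``unique`` form field for remote submissions.
        is_shuffle: Submit the collected files in random order.

        The remaining arguments are copied into the task parameters.

    Yields:
        ``(kind, target, task_id)`` with ``kind`` one of ``"Baseline"``,
        ``"URL"`` or ``"File"``. ``task_id`` is ``None`` for a file skipped
        as a known duplicate. Unsupported combinations and failed remote
        submissions print a message and yield nothing.
    """
    db = Database()

    data = dict(
        package=package or "",
        timeout=timeout,
        options=options,
        priority=priority,
        machine=machine,
        platform=platform,
        custom=custom,
        owner=owner,
        tags=tags,
        memory="1" if memory else "0",
        enforce_timeout="1" if enforce_timeout else "0",
        clock=clock,
        unique="1" if is_unique else "0",
    )

    if is_baseline:
        if remote:
            print("Remote baseline support has not yet been implemented.")
            return

        task_id = db.add_baseline(timeout, owner, machine, memory)
        yield "Baseline", machine, task_id
        return

    if is_url and is_unique:
        print("URL doesn't have --unique support yet.")
        return

    # NOTE(review): both remote endpoints are reached over plain HTTP with
    # no credentials and no request timeout, so samples and task options
    # travel unencrypted and an unresponsive host stalls the submission.
    # Keep ``remote`` on a trusted management network, or put the API
    # behind TLS and authentication.
    if is_url:
        for url in target:
            if not remote:
                # "unique" is only a form field of the remote API.
                data.pop("unique", None)
                task_id = db.add_url(to_unicode(url), **data)
                yield "URL", url, task_id
                continue

            data["url"] = to_unicode(url)
            try:
                r = requests.post(
                    "http://%s/tasks/create/url" % remote, data=data
                )
                task_id = r.json()["task_id"]
            except Exception as e:
                print("%s: unable to submit URL: %s" % (
                    bold(red("Error")), e
                ))
                continue

            # Yield outside the try block so only submission errors are
            # reported as such.
            yield "URL", url, task_id
    else:
        files = []
        for path in target:
            files.extend(enumerate_files(os.path.abspath(path), pattern))

        if is_shuffle:
            random.shuffle(files)

        for filepath in files:
            if not os.path.getsize(filepath):
                print("%s: sample %s (skipping file)" % (
                    bold(yellow("Empty")), filepath
                ))
                continue

            if maxcount is not None:
                if not maxcount:
                    break
                maxcount -= 1

            if not remote:
                if is_unique:
                    sha256 = File(filepath).get_sha256()
                    if db.find_sample(sha256=sha256):
                        yield "File", filepath, None
                        continue

                data.pop("unique", None)
                task_id = db.add_path(file_path=filepath, **data)
                yield "File", filepath, task_id
                continue

            # The sample is closed as soon as the upload attempt ends, so a
            # long run does not accumulate open file descriptors. open()
            # stays outside the try block: a sample that cannot be read
            # still raises to the caller.
            with open(filepath, "rb") as sample:
                upload = {
                    "file": (os.path.basename(filepath), sample),
                }
                try:
                    r = requests.post(
                        "http://%s/tasks/create/file" % remote,
                        data=data, files=upload
                    )
                    task_id = r.json()["task_id"]
                except Exception as e:
                    print("%s: unable to submit file: %s" % (
                        bold(red("Error")), e
                    ))
                    continue

            yield "File", filepath, task_id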
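def submit_tasks(target, options, package, custom, owner, timeout, priority,
                 machine, platform, memory, enforce_timeout, clock, tags,
                 remote, pattern, maxcount, is_unique, is_url, is_baseline,
                 is_shuffle):
    """Create analysis tasks for URLs, files or a baseline run (generator).

    Tasks go into the local database, or, when ``remote`` is set, are
    posted to ``/tasks/create/url`` or ``/tasks/create/file`` on that host.

    Args:
        target: Iterable of URLs (``is_url``) or of paths that are expanded
            with ``enumerate_files`` and ``pattern``.
        remote: Host (and port) of a remote API, or a falsy value to use
            the local database.
        maxcount: Upper bound on the number of non-empty files handled, or
            ``None`` for no limit.
        is_unique: Skip files whose SHA-256 is already known locally; sent
            on as the ``unique`` form field for remote submissions.
        is_shuffle: Submit the collected files in random order.

        The remaining arguments are copied into the task parameters.

    Yields:
        ``(kind, target, task_id)`` with ``kind`` one of ``"Baseline"``,
        ``"URL"`` or ``"File"``. ``task_id`` is ``None`` for a file skipped
        as a known duplicate. Unsupported combinations and failed remote
        submissions print a message and yield nothing.
    """
    db = Database()

    data = dict(
        package=package or "",
        timeout=timeout,
        options=options,
        priority=priority,
        machine=machine,
        platform=platform,
        custom=custom,
        owner=owner,
        tags=tags,
        memory="1" if memory else "0",
        enforce_timeout="1" if enforce_timeout else "0",
        clock=clock,
        unique="1" if is_unique else "0",
    )

    if is_baseline:
        if remote:
            print("Remote baseline support has not yet been implemented.")
            return

        task_id = db.add_baseline(timeout, owner, machine, memory)
        yield "Baseline", machine, task_id
        return

    if is_url and is_unique:
        print("URL doesn't have --unique support yet.")
        return

    # NOTE(review): both remote endpoints are reached over plain HTTP with
    # no credentials and no request timeout, so samples and task options
    # travel unencrypted and an unresponsive host stalls the submission.
    # Keep ``remote`` on a trusted management network, or put the API
    # behind TLS and authentication.
    if is_url:
        for url in target:
            if not remote:
                # "unique" is only a form field of the remote API.
                data.pop("unique", None)
                task_id = db.add_url(to_unicode(url), **data)
                yield "URL", url, task_id
                continue

            data["url"] = to_unicode(url)
            try:
                r = requests.post(
                    "http://%s/tasks/create/url" % remote, data=data
                )
                task_id = r.json()["task_id"]
            except Exception as e:
                print("%s: unable to submit URL: %s" % (
                    bold(red("Error")), e
                ))
                continue

            # Yield outside the try block so only submission errors are
            # reported as such.
            yield "URL", url, task_id
    else:
        files = []
        for path in target:
            files.extend(enumerate_files(os.path.abspath(path), pattern))

        if is_shuffle:
            random.shuffle(files)

        for filepath in files:
            if not os.path.getsize(filepath):
                print("%s: sample %s (skipping file)" % (
                    bold(yellow("Empty")), filepath
                ))
                continue

            if maxcount is not None:
                if not maxcount:
                    break
                maxcount -= 1

            if not remote:
                if is_unique:
                    sha256 = File(filepath).get_sha256()
                    if db.find_sample(sha256=sha256):
                        yield "File", filepath, None
                        continue

                data.pop("unique", None)
                task_id = db.add_path(file_path=filepath, **data)
                yield "File", filepath, task_id
                continue

            # The sample is closed as soon as the upload attempt ends, so a
            # long run does not accumulate open file descriptors. open()
            # stays outside the try block: a sample that cannot be read
            # still raises to the caller.
            with open(filepath, "rb") as sample:
                upload = {
                    "file": (os.path.basename(filepath), sample),
                }
                try:
                    r = requests.post(
                        "http://%s/tasks/create/file" % remote,
                        data=data, files=upload
                    )
                    task_id = r.json()["task_id"]
                except Exception as e:
                    print("%s: unable to submit file: %s" % (
                        bold(red("Error")), e
                    ))
                    continue

            yield "File", filepath, task_id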
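class DatabaseEngine(object):
    """Shared test cases for the ``Database`` wrapper.

    Every test runs against the connection opened in ``setup_class``, so
    rows created by one test stay visible to the ones that follow.
    """

    # DSN handed to ``Database.connect``; presumably overridden by
    # per-backend subclasses - TODO confirm.
    URI = None

    def setup_class(self):
        """Open one database connection for the whole class.

        pytest calls this xunit-style hook with the class itself, so
        ``self.d`` ends up as a class attribute shared by all tests.
        """
        set_cwd(tempfile.mkdtemp())

        self.d = Database()
        self.d.connect(dsn=self.URI)

    def add_url(self, url, priority=1, status="pending"):
        """Add a URL task, force its status, and return the task id."""
        task_id = self.d.add_url(url, priority=priority)
        self.d.set_status(task_id, status)
        return task_id

    def test_add_tasks(self):
        """A file task and a URL task each add exactly one Task row."""
        fd, sample_path = tempfile.mkstemp()
        # A bytes literal is the same object type on Python 2 and is what
        # os.write requires on Python 3.
        os.write(fd, b"hehe")
        os.close(fd)

        # Add task.
        count = self.d.Session().query(Task).count()
        self.d.add_path(sample_path)
        assert self.d.Session().query(Task).count() == count + 1

        # Add url.
        self.d.add_url("http://foo.bar")
        assert self.d.Session().query(Task).count() == count + 2

    def test_processing_get_task(self):
        """Completed tasks come back by priority, then in creation order."""
        # First reset all existing rows so that earlier exceptions don't
        # affect this unit test run. ``null`` is compared with ``==`` on
        # purpose: the comparison builds the SQL filter expression.
        null, session = None, self.d.Session()

        session.query(Task).filter(
            Task.status == "completed", Task.processing == null
        ).update({
            "processing": "something",
        })
        session.commit()

        t1 = self.add_url("http://google.com/1", priority=1, status="completed")
        t2 = self.add_url("http://google.com/2", priority=2, status="completed")
        t3 = self.add_url("http://google.com/3", priority=1, status="completed")
        t4 = self.add_url("http://google.com/4", priority=1, status="completed")
        t5 = self.add_url("http://google.com/5", priority=3, status="completed")
        t6 = self.add_url("http://google.com/6", priority=1, status="completed")
        t7 = self.add_url("http://google.com/7", priority=1, status="completed")

        assert self.d.processing_get_task("foo") == t5
        assert self.d.processing_get_task("foo") == t2
        assert self.d.processing_get_task("foo") == t1
        assert self.d.processing_get_task("foo") == t3
        assert self.d.processing_get_task("foo") == t4
        assert self.d.processing_get_task("foo") == t6
        assert self.d.processing_get_task("foo") == t7
        assert self.d.processing_get_task("foo") is None

    def test_error_exists(self):
        """Each add_error call adds one entry to the task's error list."""
        task_id = self.add_url("http://google.com/")
        self.d.add_error("A" * 1024, task_id)
        assert len(self.d.view_errors(task_id)) == 1
        self.d.add_error("A" * 1024, task_id)
        assert len(self.d.view_errors(task_id)) == 2

    def test_long_error(self):
        """A 1024-character error message is read back at full length."""
        # Use the id of the task created here rather than a literal 1, so
        # the test does not depend on rows left behind by other tests.
        task_id = self.add_url("http://google.com/")
        self.d.add_error("A" * 1024, task_id)
        err = self.d.view_errors(task_id)
        assert err and len(err[0].message) == 1024

    def test_submit(self):
        """A submit row returns the path, type and data it was given."""
        dirpath = tempfile.mkdtemp()
        submit_id = self.d.add_submit(dirpath, "files", {
            "foo": "bar",
        })
        submit = self.d.view_submit(submit_id)
        assert submit.id == submit_id
        assert submit.tmp_path == dirpath
        assert submit.submit_type == "files"
        assert submit.data == {
            "foo": "bar",
        }

    def test_connect_no_create(self):
        """connect(create=False) leaves a dropped table missing."""
        AlembicVersion.__table__.drop(self.d.engine)
        self.d.connect(dsn=self.URI, create=False)
        assert "alembic_version" not in self.d.engine.table_names()
        # A default connect() brings the table back.
        self.d.connect(dsn=self.URI)
        assert "alembic_version" in self.d.engine.table_names()

    def test_view_submit_tasks(self):
        """Tasks of a submit are only usable when tasks=True is passed."""
        submit_id = self.d.add_submit(None, None, None)
        t1 = self.d.add_path(__file__, custom="1", submit_id=submit_id)
        t2 = self.d.add_path(__file__, custom="2", submit_id=submit_id)

        submit = self.d.view_submit(submit_id)
        assert submit.id == submit_id
        with pytest.raises(DetachedInstanceError):
            print(submit.tasks)

        submit = self.d.view_submit(submit_id, tasks=True)
        assert len(submit.tasks) == 2
        tasks = sorted((task.id, task) for task in submit.tasks)
        assert tasks[0][1].id == t1
        assert tasks[0][1].custom == "1"
        assert tasks[1][1].id == t2
        assert tasks[1][1].custom == "2"

    def test_add_reboot(self):
        """A reboot task stores the original task id in ``custom``."""
        t0 = self.d.add_path(__file__)
        s0 = self.d.add_submit(None, None, None)
        t1 = self.d.add_reboot(task_id=t0, submit_id=s0)

        t = self.d.view_task(t1)
        assert t.custom == "%s" % t0
        assert t.submit_id == s0

    def test_task_set_options(self):
        """Options given as a dict or as "k=v" text read back as a dict."""
        t0 = self.d.add_path(__file__, options={"foo": "bar"})
        t1 = self.d.add_path(__file__, options="foo=bar")
        assert self.d.view_task(t0).options == {"foo": "bar"}
        assert self.d.view_task(t1).options == {"foo": "bar"}

    def test_task_tags_str(self):
        """An empty entry in a comma-separated tag string is dropped."""
        task = self.d.add_path(__file__, tags="foo,,bar")
        tag0, tag1 = self.d.view_task(task).tags
        assert sorted((tag0.name, tag1.name)) == ["bar", "foo"]

    def test_task_tags_list(self):
        """Empty and non-string entries in a tag list are dropped."""
        task = self.d.add_path(__file__, tags=["tag1", "tag2", "", 1, "tag3"])
        tag0, tag1, tag2 = self.d.view_task(task).tags
        assert sorted(
            (tag0.name, tag1.name, tag2.name)) == ["tag1", "tag2", "tag3"]

    def test_error_action(self):
        """The optional action of an error defaults to None."""
        task_id = self.d.add_path(__file__)
        self.d.add_error("message1", task_id)
        self.d.add_error("message2", task_id, "actionhere")
        e1, e2 = self.d.view_errors(task_id)
        assert e1.message == "message1"
        assert e1.action is None
        assert e2.message == "message2"
        assert e2.action == "actionhere"

    def test_view_tasks(self):
        """view_tasks returns the same rows, in order, as view_task."""
        t1 = self.d.add_path(__file__)
        t2 = self.d.add_url("http://google.com/")
        tasks = self.d.view_tasks([t1, t2])
        assert tasks[0].to_dict() == self.d.view_task(t1).to_dict()
        assert tasks[1].to_dict() == self.d.view_task(t2).to_dict()

    def test_add_machine(self):
        """Machine options given as None, text or a list read back as a list."""
        self.d.add_machine("name1", "label", "1.2.3.4", "windows", None,
                           "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043)
        self.d.add_machine("name2", "label", "1.2.3.4", "windows", "",
                           "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043)
        self.d.add_machine("name3", "label", "1.2.3.4", "windows",
                           "opt1 opt2", "tag1 tag2", "int0", "snap0",
                           "5.6.7.8", 2043)
        self.d.add_machine("name4", "label", "1.2.3.4", "windows",
                           ["opt3", "opt4"], "tag1 tag2", "int0", "snap0",
                           "5.6.7.8", 2043)
        m1 = self.d.view_machine("name1")
        m2 = self.d.view_machine("name2")
        m3 = self.d.view_machine("name3")
        m4 = self.d.view_machine("name4")
        assert m1.options == []
        assert m2.options == []
        assert m3.options == ["opt1", "opt2"]
        assert m4.options == ["opt3", "opt4"]

    def test_set_machine_rcparams(self):
        """Remote-control parameters read back with the port as a string."""
        self.d.add_machine("name5", "label5", "1.2.3.4", "windows", None,
                           "tag1 tag2", "int0", "snap0", "5.6.7.8", 2043)

        # Parameters are set by machine label and read back by machine name.
        self.d.set_machine_rcparams("label5", {
            "protocol": "rdp",
            "host": "127.0.0.1",
            "port": 3389,
        })

        m = self.d.view_machine("name5")
        assert m.rcparams == {
            "protocol": "rdp",
            "host": "127.0.0.1",
            "port": "3389",
        }

    @mock.patch("sflock.magic")
    def test_add_sample(self, p):
        """add_path still returns a task id when magic reports ""."""
        p.from_file.return_value = ""
        assert self.d.add_path(Files.temp_put(os.urandom(16))) is not None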