def migrate(revision):
    """Run the database migrations up to ``revision``.

    Delegates to ``migrate_database``; when it reports failure an error is
    printed in red and the process exits with status 1, otherwise a success
    message is printed in yellow.
    """
    succeeded = migrate_database(revision)
    if succeeded:
        print(yellow(">>> Your database migration was successful!"))
        return
    print(red(">>> Error migrating your database.."))
    exit(1)
def dist_migrate():
    """Upgrade the distributed-mode database to the latest alembic revision.

    Runs ``alembic upgrade head`` from the private ``distributed/migration``
    directory of the CWD, handing the CWD path over via ``-x cwd=...``.
    Exits with status 1 when alembic returns a non-zero status.
    """
    command = ["alembic", "-x", "cwd=%s" % cwd(), "upgrade", "head"]
    try:
        subprocess.check_call(
            command, cwd=cwd("distributed", "migration", private=True)
        )
    except subprocess.CalledProcessError:
        print(red(">>> Error migrating your database.."))
        exit(1)
    print(yellow(">>> Your database migration was successful!"))
def submit(ctx, target, url, options, package, custom, owner, timeout,
           priority, machine, platform, memory, enforce_timeout, clock, tags,
           baseline, remote, shuffle, pattern, max, unique):
    """Submit one or more files or URLs to Cuckoo."""
    init_console_logging(level=ctx.parent.level)
    Database().connect()

    try:
        # submit_tasks is a generator of (category, target, task_id) tuples;
        # task_id is None for samples that were skipped as already analyzed.
        results = submit_tasks(
            target, options, package, custom, owner, timeout, priority,
            machine, platform, memory, enforce_timeout, clock, tags, remote,
            pattern, max, unique, url, baseline, shuffle
        )
        for category, item, task_id in results:
            if task_id:
                status = "%s: %s \"%s\" added as task with ID #%s" % (
                    bold(green("Success")), category, item, task_id
                )
            else:
                status = "%s: %s \"%s\" as it has already been analyzed" % (
                    bold(yellow("Skipped")), category, item
                )
            print(status)
    except KeyboardInterrupt:
        print(red("Aborting submission of samples.."))
def community(ctx, force, branch, filepath):
    """Fetch supplies from the Cuckoo Community.

    Console logging is initialised at the parent command's level before
    ``fetch_community`` is called with ``force``, ``branch`` and ``filepath``.
    A Ctrl-C during the fetch is reported rather than propagated.
    """
    init_console_logging(level=ctx.parent.level)
    fetch_args = dict(force=force, branch=branch, filepath=filepath)
    try:
        fetch_community(**fetch_args)
        log.info("Finished fetching & extracting the community files!")
    except KeyboardInterrupt:
        print(yellow("Aborting fetching of the Cuckoo Community resources.."))
def emit(self, record):
    """Emit ``record`` via ``logging.StreamHandler.emit`` with a colored message.

    The record is shallow-copied before its ``msg`` is wrapped so that other
    handlers sharing the same record still see the plain text. WARNING is
    yellow, ERROR and CRITICAL are red, a message containing
    "analysis procedure completed" is cyan; everything else passes through.
    """
    tinted = copy.copy(record)
    level = record.levelname
    msg = record.msg

    if level == "WARNING":
        tinted.msg = yellow(msg)
    elif level in ("ERROR", "CRITICAL"):
        tinted.msg = red(msg)
    elif "analysis procedure completed" in msg:
        # NOTE(review): the containment test assumes msg is a string; a
        # non-string msg object would raise here — confirm against callers.
        tinted.msg = cyan(msg)
    else:
        tinted.msg = msg

    logging.StreamHandler.emit(self, tinted)
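def check_version():
    """Check whether a newer Cuckoo release is available and report it.

    Returns silently when the ``cuckoo:cuckoo:version_check`` setting is
    disabled. Otherwise posts the running ``version`` to the update endpoint
    and prints whether this installation is outdated. Network, HTTP and
    JSON-decoding failures are printed and swallowed, never raised, so a
    broken update check cannot block startup. Returns None in all cases.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    try:
        # NOTE(review): the endpoint is plain http, so the reply is not
        # authenticated; it is only ever printed, never acted upon. The
        # timeout keeps an unreachable server from hanging startup forever.
        r = requests.post(
            "http://api.cuckoosandbox.org/checkversion.php",
            data={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    if not isinstance(r, dict) or r.get("error"):
        print(red(" Error checking for the latest Cuckoo version:"))
        print(yellow(" Response: %s" % r))
        return

    # Deprecated response format from the 2.0-rc1 era.
    rc1_responses = "NEW_VERSION", "NO_UPDATES"
    if r.get("response") in rc1_responses and r.get("current") == "2.0-rc1":
        print(green(" You're good to go!"))
        return

    latest = r.get("current")
    try:
        old = StrictVersion(version) < StrictVersion(latest)
    except (ValueError, TypeError, AttributeError):
        # Unparseable or missing version on either side: assume we're behind.
        # (StrictVersion(None) builds fine but fails on comparison, which is
        # why more than ValueError is caught here.)
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % latest
        # No trailing comma: the original "print(...)," suppressed the newline
        # under Python 2's print statement, gluing the next output to this line.
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))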
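def check_version():
    """Check whether a newer Cuckoo release is available and report it.

    Returns None without output when ``cuckoo:cuckoo:version_check`` is
    disabled, and None (after printing the error) when the request fails or
    the reply is not a document carrying a "version" field. On success prints
    the outdated/up-to-date verdict and the latest blog posts, and returns
    the decoded JSON reply.
    """
    if not config("cuckoo:cuckoo:version_check"):
        return

    print(" Checking for updates...")

    try:
        r = requests.get(
            "https://cuckoosandbox.org/updates.json",
            params={"version": version}, timeout=6
        )
        r.raise_for_status()
        r = r.json()
    except (requests.RequestException, ValueError) as e:
        print(red(" Error checking for the latest Cuckoo version: %s!" % e))
        return

    # The reply is remote data: check its shape before indexing into it so a
    # changed or truncated document degrades to an error line, not a KeyError.
    latest = r.get("version") if isinstance(r, dict) else None
    if latest is None:
        print(red(" Error checking for the latest Cuckoo version:"))
        print(yellow(" Response: %s" % r))
        return

    try:
        old = StrictVersion(version) < StrictVersion(latest)
    except (ValueError, TypeError, AttributeError):
        # Unparseable version string on either side: assume we're behind.
        old = True

    if old:
        msg = "Cuckoo Sandbox version %s is available now." % latest
        print(red(" Outdated! ") + msg)
    else:
        print(green(" You're good to go!"))

    print("\n Our latest blogposts:")
    for blogpost in r.get("blogposts") or []:
        try:
            title, date = blogpost["title"], blogpost["date"]
            oneline, url = blogpost["oneline"], blogpost["url"]
        except (KeyError, TypeError):
            # Skip a malformed entry instead of aborting the whole banner.
            continue
        print(" * %s, %s." % (yellow(title), date))
        print(" %s" % red(oneline))
        print(" More at %s" % url)

    print("")
    return r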
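def submit_tasks(target, options, package, custom, owner, timeout, priority,
                 machine, platform, memory, enforce_timeout, clock, tags,
                 remote, pattern, maxcount, is_unique, is_url, is_baseline,
                 is_shuffle):
    """Generate ``(category, target, task_id)`` tuples, one per submission.

    ``category`` is "Baseline", "URL" or "File". ``task_id`` is None when a
    file was skipped because ``is_unique`` is set and a sample with the same
    SHA-256 already exists in the database. Submissions go to the local
    ``Database`` unless ``remote`` names a host, in which case they are posted
    to that host's REST API. ``maxcount`` (None for unlimited) caps how many
    non-empty files are considered. Remote submission failures are printed
    and the item skipped; nothing is raised from this generator.
    """
    db = Database()

    data = dict(
        package=package or "",
        timeout=timeout,
        options=options,
        priority=priority,
        machine=machine,
        platform=platform,
        custom=custom,
        owner=owner,
        tags=tags,
        memory="1" if memory else "0",
        enforce_timeout="1" if enforce_timeout else "0",
        clock=clock,
        unique="1" if is_unique else "0",
    )

    if is_baseline:
        if remote:
            print("Remote baseline support has not yet been implemented.")
            return

        task_id = db.add_baseline(timeout, owner, machine, memory)
        yield "Baseline", machine, task_id
        return

    if is_url and is_unique:
        print("URL doesn't have --unique support yet.")
        return

    if is_url:
        for url in target:
            if not remote:
                # The local database call has no "unique" field.
                data.pop("unique", None)
                task_id = db.add_url(to_unicode(url), **data)
                yield "URL", url, task_id
                continue

            data["url"] = to_unicode(url)
            try:
                # NOTE(review): the remote API is reached over plain http and
                # without a timeout; a hung server blocks the submission loop.
                r = requests.post(
                    "http://%s/tasks/create/url" % remote, data=data
                )
                yield "URL", url, r.json()["task_id"]
            except Exception as e:
                print("%s: unable to submit URL: %s" % (bold(red("Error")), e))
        return

    files = []
    for path in target:
        files.extend(enumerate_files(os.path.abspath(path), pattern))

    if is_shuffle:
        random.shuffle(files)

    for filepath in files:
        if not os.path.getsize(filepath):
            print("%s: sample %s (skipping file)" % (
                bold(yellow("Empty")), filepath
            ))
            continue

        if maxcount is not None:
            if not maxcount:
                break
            maxcount -= 1

        if not remote:
            if is_unique:
                sha256 = File(filepath).get_sha256()
                if db.find_sample(sha256=sha256):
                    yield "File", filepath, None
                    continue

            data.pop("unique", None)
            task_id = db.add_path(file_path=filepath, **data)
            yield "File", filepath, task_id
            continue

        # Open the sample inside "with" so the descriptor is released after the
        # upload; the original left one file handle open per submitted file.
        try:
            with open(filepath, "rb") as fp:
                r = requests.post(
                    "http://%s/tasks/create/file" % remote, data=data,
                    files={"file": (os.path.basename(filepath), fp)}
                )
            task_id = r.json()["task_id"]
        except Exception as e:
            print("%s: unable to submit file: %s" % (bold(red("Error")), e))
            continue
        yield "File", filepath, task_id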
def import_cuckoo(username, mode, dirpath):
    """Import a legacy Cuckoo installation at ``dirpath`` into the current CWD.

    Identifies the old version, ports its configuration, creates a fresh CWD
    for ``username``, offers a SQL dump, moves/copies/symlinks the database
    according to ``mode``, runs the migrations and imports the analyses.
    Raises CuckooOperationalError for an unrecognised or unsupported setup,
    a non-empty target CWD, or a failed migration.
    """
    version = identify(dirpath)
    if not version:
        raise CuckooOperationalError(
            "The path that you specified is not a proper Cuckoo setup. Please "
            "point the path to the root of your older Cuckoo setup, i.e., to "
            "the directory containing the cuckoo.py script!"
        )

    # TODO Copy over the configuration and ignore the database.
    unsupported = ("0.4", "0.4.1", "0.4.2")
    if version in unsupported:
        raise CuckooOperationalError(
            "Importing from version 0.4, 0.4.1, or 0.4.2 is not supported as "
            "there are no database migrations for that version. Please start "
            "from scratch, your configuration would have been obsolete anyway!"
        )

    print("We've identified a Cuckoo Sandbox %s installation!" % version)

    target_cwd = cwd()
    if os.path.isdir(target_cwd) and os.listdir(target_cwd):
        raise CuckooOperationalError(
            "This Cuckoo Working Directory already exists. Please import to "
            "a new/clean Cuckoo Working Directory."
        )

    # Imported lazily: these are recursive imports.
    from cuckoo.apps import migrate_database
    from cuckoo.main import cuckoo_create

    print("Reading in the old configuration..")

    # Port the older configuration to the current layout.
    old_cfg = Config.from_confdir(os.path.join(dirpath, "conf"), loose=True)
    cfg = migrate_conf(old_cfg, version)

    print(" configuration has been migrated to the latest version!")
    print("")

    # Create a fresh Cuckoo Working Directory.
    cuckoo_create(username, cfg, quiet=True)

    dburi = cfg["cuckoo"]["database"]["connection"]

    # Offer a backup of the SQL database and, for sqlite3, copy/move/symlink
    # cuckoo.db into the CWD.
    sqldump(dburi, dirpath)
    movesql(dburi, mode, dirpath)

    # Run database migrations.
    if not migrate_database():
        raise CuckooOperationalError(
            "Error migrating your old Cuckoo database!"
        )

    # Link or copy all of the older results to the new CWD.
    import_legacy_analyses(mode, dirpath)

    # Urge the user to run the community command.
    print("")
    print("You have successfully imported your old version of Cuckoo!")
    print("However, in order to get up-to-date, you'll probably want to")
    print(yellow("run the community command") + " by running " +
          red("'cuckoo community'") + " manually.")
    print("The community command will fetch the latest monitoring updates")
    print("and Cuckoo Signatures.")
def import_(ctx, mode, path):
    """Imports an older Cuckoo setup into a new CWD. The old setup should be
    identified by PATH and the new CWD may be specified with the --cwd
    parameter, e.g., "cuckoo --cwd /tmp/cwd import old-cuckoo"."""
    if mode == "symlink" and is_windows():
        sys.exit(red(
            "You can only use the 'symlink' mode on non-Windows platforms."
        ))

    # One entry per printed line of the warning banner, already colored;
    # an empty string produces a blank separator line.
    banner = [
        yellow("You are importing an existing Cuckoo setup. Please"),
        yellow("understand that, depending on the mode taken, if "),
        yellow("you remove the old Cuckoo setup after this import "),
        yellow("you may still") + " " + red("lose ALL of your data!"),
        "",
        yellow("Additionally, database migrations will be performed "),
        yellow("in-place*. You won't be able to use your old Cuckoo "),
        yellow("setup anymore afterwards! However, we'll provide "),
        yellow("you with the option to create a SQL backup beforehand."),
        "",
        red("TL;DR Cleaning the old setup after the import may"),
        red("corrupt your new setup: its SQL, MongoDB, and "),
        red("ElasticSearch database may be dropped and, in 'symlink'"),
        red("mode, the analyses removed."),
        "",
        yellow("*: Except for sqlite3 databases in combination with"),
        yellow(" the import 'copy' approach."),
        "",
    ]
    for line in banner:
        print(line)

    confirmed = click.confirm(
        "... I've read the above and understand the consequences", False
    )
    if not confirmed:
        sys.exit(red("Aborting operation.. please try again!"))

    try:
        import_cuckoo(ctx.parent.user, mode, path)
    except KeyboardInterrupt:
        print(red("Aborting import of Cuckoo instance.."))
def logo(): """Print a randomly chosen Cuckoo ASCII-art logo in a random color, followed by the version banner. The art's original line layout was lost when this listing was collapsed. Returns None: the ``logos`` list is local and is never returned. """ logos = [] logos.append(""" _| _|_|_| _| _| _|_|_| _| _| _|_| _|_| _| _| _| _| _|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _| _| _|_| _|_|""") logos.append(""" __ .----..--.--..----.| |--..-----..-----. | __|| | || __|| < | _ || _ | |____||_____||____||__|__||_____||_____|""") logos.append(""" .: :: .-. , : .-. ;;.-. .-. .-. ; ; ; ; ;; .' ; ;'; ;' `;;;;'.'`..:;._`;;;;'_.'` `.`;;' `;;'""") logos.append(""" eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8""") logos.append(""" _____________________________________/\/\_______________________________ ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ ________________________________________________________________________""") logos.append(""" _______ _ _ _______ _ _ _____ _____ | | | | |____/ | | | | |_____ |_____| |_____ | \\_ |_____| |_____|""") logos.append(""" _ ____ _ _ ____| | _ ___ ___ / ___) | | |/ ___) |_/ ) _ \ / _ \\ ( (___| |_| ( (___| _ ( |_| | |_| | \\____)____/ \\____)_| \\_)___/ \\___/""") logos.append(""" ______ __ __ ______ ___ ___ ______ ______ /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\ \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\ \\:\\ \\ __\\:\\ \\:\\ \\\\:\\ \\ __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __ ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ ) \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\ \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/ \\_____\\/ \\_____\\/""" ) logos.append(""" sSSs .S S. sSSs .S S. sSSs_sSSs sSSs_sSSs d%%SP .SS SS. d%%SP .SS SS. 
d%%SP~YS%%b d%%SP~YS%%b d%S' S%S S%S d%S' S%S S&S d%S' `S%b d%S' `S%b S%S S%S S%S S%S S%S d*S S%S S%S S%S S%S S&S S&S S&S S&S S&S .S*S S&S S&S S&S S&S S&S S&S S&S S&S S&S_sdSSS S&S S&S S&S S&S S&S S&S S&S S&S S&S~YSSY%b S&S S&S S&S S&S S&S S&S S&S S&S S&S `S% S&S S&S S&S S&S S*b S*b d*S S*b S*S S% S*b d*S S*b d*S S*S. S*S. .S*S S*S. S*S S& S*S. .S*S S*S. .S*S SSSbs SSSbs_sdSSS SSSbs S*S S& SSSbs_sdSSS SSSbs_sdSSS YSSP YSSP~YSSY YSSP S*S SS YSSP~YSSY YSSP~YSSY SP Y""") logos.append(""" _______ _____ _____ /::\\ \\ /\\ \\ /\\ \\ /::::\\ \\ /::\\____\\ /::\\ \\ /::::::\\ \\ /::::| | /::::\\ \\ /::::::::\\ \\ /:::::| | /::::::\\ \\ /:::/~~\\:::\\ \\ /::::::| | /:::/\\:::\\ \\ /:::/ \\:::\\ \\ /:::/|::| | /:::/ \\:::\\ \\ /:::/ / \\:::\\ \\ /:::/ |::| | /:::/ \\:::\\ \\ /:::/____/ \\:::\\____\\ /:::/ |::|___|______ /:::/ / \\:::\\ \\ |:::| | |:::| | /:::/ |::::::::\\ \\ /:::/ / \\:::\\ ___\\ |:::|____| |:::| |/:::/ |:::::::::\\____\\/:::/____/ ___\\:::| | \\:::\\ \\ /:::/ / \\::/ / ~~~~~/:::/ /\\:::\\ \\ /\\ /:::|____| \\:::\\ \\ /:::/ / \\/____/ /:::/ / \\:::\\ /::\\ \\::/ / \\:::\\ /:::/ / /:::/ / \\:::\\ \\:::\\ \\/____/ \\:::\\__/:::/ / /:::/ / \\:::\\ \\:::\\____\\ \\::::::::/ / /:::/ / \\:::\\ /:::/ / \\::::::/ / /:::/ / \\:::\\/:::/ / \\::::/ / /:::/ / \\::::::/ / \\::/____/ /:::/ / \\::::/ / ~~ \\::/ / \\::/____/ \\/____/ it's Cuckoo!""") logos.append(""" _ _ _ _ _ _ /\\ \\ /\\_\\ /\\ \\ /\\_\\ /\\ \\ /\\ \\ / \\ \\ / / / _ / \\ \\ / / / _ / \\ \\ / \\ \\ / /\\ \\ \\ \\ \\ \\__ /\\_\\ / /\\ \\ \\ / / / /\\_\\ / /\\ \\ \\ / /\\ \\ \\ / / /\\ \\ \\ \\ \\___\\ / / // / /\\ \\ \\ / / /__/ / / / / /\\ \\ \\ / / /\\ \\ \\ / / / \\ \\_\\ \\__ / / / // / / \\ \\_\\ / /\\_____/ / / / / \\ \\_\\ / / / \\ \\_\\ / / / \\/_/ / / / / / // / / \\/_/ / /\\_______/ / / / / / // / / / / / / / / / / / / / // / / / / /\\ \\ \\ / / / / / // / / / / / / / /________ / / /___/ / // / /________ / / / \\ \\ \\ / / /___/ / // / /___/ / / / / /_________\\/ / /____\\/ // / /_________\\/ / / 
\\ \\ \\ / / /____\\/ // / /____\\/ / \\/____________/\\/_________/ \\/____________/\\/_/ \\_\\_\\\\/_________/ \\/_________/""" ) logos.append(""" ),-. / Cuckoo Sandbox <(a `---',' no chance for malwares! ( `-, ._> ) ) _>.___/ _/""") logos.append(""" .-----------------. | Cuckoo Sandbox? | | OH NOES! |\\ '-.__.-' '-----------------' \\ /oo |--.--,--,--. \\_.-'._i__i__i_.' \"\"\"\"\"\"\"\"\"""") print(color(random.choice(logos), random.randrange(31, 37))) print print(" Cuckoo Sandbox %s" % yellow(version)) print(" www.cuckoosandbox.org") print(" Copyright (c) 2010-2018") print sys.stdout.flush()
def import_(ctx, mode, path):
    """Imports an older Cuckoo setup into a new CWD. The old setup should be
    identified by PATH and the new CWD may be specified with the --cwd
    parameter, e.g., "cuckoo --cwd /tmp/cwd import old-cuckoo"."""
    # A ".cwd" marker means PATH is already a CWD, not a legacy installation.
    if os.path.exists(os.path.join(path, ".cwd")):
        print(yellow(
            "The 'cuckoo import' feature is meant to import a legacy Cuckoo, "
            "i.e., Cuckoo 1.2, 2.0-dev, 2.0-rc1, or 2.0-rc2 into a new Cuckoo "
            "CWD."
        ))
        print(red(
            "You're attempting to import an existing Cuckoo CWD. To upgrade "
            "Cuckoo / your CWD, simply run 'pip install -U cuckoo' and re-run "
            "the cuckoo commands!"
        ))
        sys.exit(1)

    if mode == "symlink" and is_windows():
        sys.exit(red(
            "You can only use the 'symlink' mode on non-Windows platforms."
        ))

    # One entry per printed line of the warning banner, already colored;
    # an empty string produces a blank separator line.
    banner = [
        yellow("You are importing an existing Cuckoo setup. Please"),
        yellow("understand that, depending on the mode taken, if "),
        yellow("you remove the old Cuckoo setup after this import "),
        yellow("you may still") + " " + red("lose ALL of your data!"),
        "",
        yellow("Additionally, database migrations will be performed "),
        yellow("in-place*. You won't be able to use your old Cuckoo "),
        yellow("setup anymore afterwards! However, we'll provide "),
        yellow("you with the option to create a SQL backup beforehand."),
        "",
        red("TL;DR Cleaning the old setup after the import may"),
        red("corrupt your new setup: its SQL, MongoDB, and "),
        red("ElasticSearch database may be dropped and, in 'symlink'"),
        red("mode, the analyses removed."),
        "",
        yellow("*: Except for sqlite3 databases in combination with"),
        yellow(" the import 'copy' approach."),
        "",
    ]
    for line in banner:
        print(line)

    confirmed = click.confirm(
        "... I've read the above and understand the consequences", False
    )
    if not confirmed:
        sys.exit(red("Aborting operation.. please try again!"))

    try:
        import_cuckoo(ctx.parent.user, mode, path)
    except KeyboardInterrupt:
        print(red("Aborting import of Cuckoo instance.."))
def clean():
    """Clean the CWD and associated databases.

    A Ctrl-C during the cleanup is reported and swallowed rather than
    propagated, so an interrupted run exits without a traceback.
    """
    interrupted = False
    try:
        cuckoo_clean()
    except KeyboardInterrupt:
        interrupted = True
    if interrupted:
        print(yellow("Aborting cleaning up of your CWD.."))
def import_cuckoo(username, mode, dirpath):
    """Import a legacy Cuckoo installation at ``dirpath`` into the current CWD.

    Identifies the old version, ports its configuration, creates a fresh CWD
    for ``username``, offers a SQL dump, moves/copies/symlinks the database
    according to ``mode``, runs the migrations and imports the analyses.
    Raises CuckooOperationalError for an unrecognised or unsupported setup,
    a non-empty target CWD, or a failed migration.
    """
    version = identify(dirpath)
    if not version:
        raise CuckooOperationalError(
            "The path that you specified is not a proper Cuckoo setup. Please "
            "point the path to the root of your legacy Cuckoo setup, i.e., to "
            "the directory containing the cuckoo.py script!")

    # TODO Copy over the configuration and ignore the database.
    unsupported = ("0.4", "0.4.1", "0.4.2")
    if version in unsupported:
        raise CuckooOperationalError(
            "Importing from version 0.4, 0.4.1, or 0.4.2 is not supported as "
            "there are no database migrations for that version. Please start "
            "from scratch, your configuration would have been obsolete anyway!"
        )

    print("We've identified a Cuckoo Sandbox %s installation!" % version)

    target_cwd = cwd()
    if os.path.isdir(target_cwd) and os.listdir(target_cwd):
        raise CuckooOperationalError(
            "This Cuckoo Working Directory already exists. Please import to "
            "a new/clean Cuckoo Working Directory.")

    # Imported lazily: these are recursive imports.
    from cuckoo.apps import migrate_database
    from cuckoo.main import cuckoo_create

    print("Reading in the old configuration..")

    # Port the older configuration to the current layout.
    old_cfg = Config.from_confdir(os.path.join(dirpath, "conf"), loose=True)
    cfg = migrate_conf(old_cfg, version)

    print(" configuration has been migrated to the latest version!")
    print("")

    # Create a fresh Cuckoo Working Directory.
    cuckoo_create(username, cfg, quiet=True)

    dburi = cfg["cuckoo"]["database"]["connection"]

    # Offer a backup of the SQL database and, for sqlite3, copy/move/symlink
    # cuckoo.db into the CWD.
    sqldump(dburi, dirpath)
    movesql(dburi, mode, dirpath)

    # Run database migrations.
    if not migrate_database():
        raise CuckooOperationalError(
            "Error migrating your old Cuckoo database!")

    # Link or copy all of the older results to the new CWD.
    import_legacy_analyses(mode, dirpath)

    # Urge the user to run the community command.
    print("")
    print("You have successfully imported your old version of Cuckoo!")
    print("However, in order to get up-to-date, you'll probably want to")
    print(yellow("run the community command") + " by running " +
          red("'cuckoo community'") + " manually.")
    print("The community command will fetch the latest monitoring updates")
    print("and Cuckoo Signatures.")
def logo(): """Print a randomly chosen Cuckoo ASCII-art logo in a random color, followed by the version banner. The art's original line layout was lost when this listing was collapsed. Returns None: the ``logos`` list is local and is never returned. """ logos = [] logos.append(""" _| _|_|_| _| _| _|_|_| _| _| _|_| _|_| _| _| _| _| _|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _| _| _|_| _|_|""") logos.append(""" __ .----..--.--..----.| |--..-----..-----. | __|| | || __|| < | _ || _ | |____||_____||____||__|__||_____||_____|""") logos.append(""" .: :: .-. , : .-. ;;.-. .-. .-. ; ; ; ; ;; .' ; ;'; ;' `;;;;'.'`..:;._`;;;;'_.'` `.`;;' `;;'""") logos.append(""" eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8""") logos.append(""" _____________________________________/\/\_______________________________ ___/\/\/\/\__/\/\__/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ _/\/\________/\/\__/\/\__/\/\________/\/\/\/\____/\/\__/\/\__/\/\__/\/\_ ___/\/\/\/\____/\/\/\/\____/\/\/\/\__/\/\__/\/\____/\/\/\______/\/\/\___ ________________________________________________________________________""") logos.append(""" _______ _ _ _______ _ _ _____ _____ | | | | |____/ | | | | |_____ |_____| |_____ | \\_ |_____| |_____|""") logos.append(""" _ ____ _ _ ____| | _ ___ ___ / ___) | | |/ ___) |_/ ) _ \ / _ \\ ( (___| |_| ( (___| _ ( |_| | |_| | \\____)____/ \\____)_| \\_)___/ \\___/""") logos.append(""" ______ __ __ ______ ___ ___ ______ ______ /_____/\\ /_/\\/_/\\ /_____/\\ /___/\\/__/\\ /_____/\\ /_____/\\ \\:::__\\/ \\:\\ \\:\\ \\\\:::__\\/ \\::.\\ \\\\ \\ \\\\:::_ \\ \\\\:::_ \\ \\ \\:\\ \\ __\\:\\ \\:\\ \\\\:\\ \\ __\\:: \\/_) \\ \\\\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\ \\/_/\\\\:\\ \\:\\ \\\\:\\ \\/_/\\\\:. __ ( ( \\:\\ \\ \\ \\\\:\\ \\ \\ \\ \\:\\_\\ \\ \\\\:\\_\\:\\ \\\\:\\_\\ \\ \\\\: \\ ) \\ \\ \\:\\_\\ \\ \\\\:\\_\\ \\ \\ \\_____\\/ \\_____\\/ \\_____\\/ \\__\\/\\__\\/ \\_____\\/ \\_____\\/""") logos.append(""" sSSs .S S. sSSs .S S. sSSs_sSSs sSSs_sSSs d%%SP .SS SS. d%%SP .SS SS. 
d%%SP~YS%%b d%%SP~YS%%b d%S' S%S S%S d%S' S%S S&S d%S' `S%b d%S' `S%b S%S S%S S%S S%S S%S d*S S%S S%S S%S S%S S&S S&S S&S S&S S&S .S*S S&S S&S S&S S&S S&S S&S S&S S&S S&S_sdSSS S&S S&S S&S S&S S&S S&S S&S S&S S&S~YSSY%b S&S S&S S&S S&S S&S S&S S&S S&S S&S `S% S&S S&S S&S S&S S*b S*b d*S S*b S*S S% S*b d*S S*b d*S S*S. S*S. .S*S S*S. S*S S& S*S. .S*S S*S. .S*S SSSbs SSSbs_sdSSS SSSbs S*S S& SSSbs_sdSSS SSSbs_sdSSS YSSP YSSP~YSSY YSSP S*S SS YSSP~YSSY YSSP~YSSY SP Y""") logos.append(""" _______ _____ _____ /::\\ \\ /\\ \\ /\\ \\ /::::\\ \\ /::\\____\\ /::\\ \\ /::::::\\ \\ /::::| | /::::\\ \\ /::::::::\\ \\ /:::::| | /::::::\\ \\ /:::/~~\\:::\\ \\ /::::::| | /:::/\\:::\\ \\ /:::/ \\:::\\ \\ /:::/|::| | /:::/ \\:::\\ \\ /:::/ / \\:::\\ \\ /:::/ |::| | /:::/ \\:::\\ \\ /:::/____/ \\:::\\____\\ /:::/ |::|___|______ /:::/ / \\:::\\ \\ |:::| | |:::| | /:::/ |::::::::\\ \\ /:::/ / \\:::\\ ___\\ |:::|____| |:::| |/:::/ |:::::::::\\____\\/:::/____/ ___\\:::| | \\:::\\ \\ /:::/ / \\::/ / ~~~~~/:::/ /\\:::\\ \\ /\\ /:::|____| \\:::\\ \\ /:::/ / \\/____/ /:::/ / \\:::\\ /::\\ \\::/ / \\:::\\ /:::/ / /:::/ / \\:::\\ \\:::\\ \\/____/ \\:::\\__/:::/ / /:::/ / \\:::\\ \\:::\\____\\ \\::::::::/ / /:::/ / \\:::\\ /:::/ / \\::::::/ / /:::/ / \\:::\\/:::/ / \\::::/ / /:::/ / \\::::::/ / \\::/____/ /:::/ / \\::::/ / ~~ \\::/ / \\::/____/ \\/____/ it's Cuckoo!""") logos.append(""" _ _ _ _ _ _ /\\ \\ /\\_\\ /\\ \\ /\\_\\ /\\ \\ /\\ \\ / \\ \\ / / / _ / \\ \\ / / / _ / \\ \\ / \\ \\ / /\\ \\ \\ \\ \\ \\__ /\\_\\ / /\\ \\ \\ / / / /\\_\\ / /\\ \\ \\ / /\\ \\ \\ / / /\\ \\ \\ \\ \\___\\ / / // / /\\ \\ \\ / / /__/ / / / / /\\ \\ \\ / / /\\ \\ \\ / / / \\ \\_\\ \\__ / / / // / / \\ \\_\\ / /\\_____/ / / / / \\ \\_\\ / / / \\ \\_\\ / / / \\/_/ / / / / / // / / \\/_/ / /\\_______/ / / / / / // / / / / / / / / / / / / / // / / / / /\\ \\ \\ / / / / / // / / / / / / / /________ / / /___/ / // / /________ / / / \\ \\ \\ / / /___/ / // / /___/ / / / / /_________\\/ / /____\\/ // / /_________\\/ / / 
\\ \\ \\ / / /____\\/ // / /____\\/ / \\/____________/\\/_________/ \\/____________/\\/_/ \\_\\_\\\\/_________/ \\/_________/""") logos.append(""" ),-. / Cuckoo Sandbox <(a `---',' no chance for malwares! ( `-, ._> ) ) _>.___/ _/""") logos.append(""" .-----------------. | Cuckoo Sandbox? | | OH NOES! |\\ '-.__.-' '-----------------' \\ /oo |--.--,--,--. \\_.-'._i__i__i_.' \"\"\"\"\"\"\"\"\"""") print(color(random.choice(logos), random.randrange(31, 37))) print print(" Cuckoo Sandbox %s" % yellow(version)) print(" www.cuckoosandbox.org") print(" Copyright (c) 2010-2017") print sys.stdout.flush()
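def submit_tasks(target, options, package, custom, owner, timeout, priority,
                 machine, platform, memory, enforce_timeout, clock, tags,
                 remote, pattern, maxcount, is_unique, is_url, is_baseline,
                 is_shuffle):
    """Generate ``(category, target, task_id)`` tuples, one per submission.

    ``category`` is "Baseline", "URL" or "File". ``task_id`` is None when a
    file was skipped because ``is_unique`` is set and a sample with the same
    SHA-256 already exists in the database. Submissions go to the local
    ``Database`` unless ``remote`` names a host, in which case they are posted
    to that host's REST API. ``maxcount`` (None for unlimited) caps how many
    non-empty files are considered. Remote submission failures are printed
    and the item skipped; nothing is raised from this generator.
    """
    db = Database()

    data = dict(
        package=package or "",
        timeout=timeout,
        options=options,
        priority=priority,
        machine=machine,
        platform=platform,
        custom=custom,
        owner=owner,
        tags=tags,
        memory="1" if memory else "0",
        enforce_timeout="1" if enforce_timeout else "0",
        clock=clock,
        unique="1" if is_unique else "0",
    )

    if is_baseline:
        if remote:
            print("Remote baseline support has not yet been implemented.")
            return

        task_id = db.add_baseline(timeout, owner, machine, memory)
        yield "Baseline", machine, task_id
        return

    if is_url and is_unique:
        print("URL doesn't have --unique support yet.")
        return

    if is_url:
        for url in target:
            if not remote:
                # The local database call has no "unique" field.
                data.pop("unique", None)
                task_id = db.add_url(to_unicode(url), **data)
                yield "URL", url, task_id
                continue

            data["url"] = to_unicode(url)
            try:
                # NOTE(review): the remote API is reached over plain http and
                # without a timeout; a hung server blocks the submission loop.
                r = requests.post(
                    "http://%s/tasks/create/url" % remote, data=data
                )
                yield "URL", url, r.json()["task_id"]
            except Exception as e:
                print("%s: unable to submit URL: %s" % (bold(red("Error")), e))
        return

    files = []
    for path in target:
        files.extend(enumerate_files(os.path.abspath(path), pattern))

    if is_shuffle:
        random.shuffle(files)

    for filepath in files:
        if not os.path.getsize(filepath):
            print("%s: sample %s (skipping file)" % (
                bold(yellow("Empty")), filepath
            ))
            continue

        if maxcount is not None:
            if not maxcount:
                break
            maxcount -= 1

        if not remote:
            if is_unique:
                sha256 = File(filepath).get_sha256()
                if db.find_sample(sha256=sha256):
                    yield "File", filepath, None
                    continue

            data.pop("unique", None)
            task_id = db.add_path(file_path=filepath, **data)
            yield "File", filepath, task_id
            continue

        # Open the sample inside "with" so the descriptor is released after the
        # upload; the original left one file handle open per submitted file.
        try:
            with open(filepath, "rb") as fp:
                r = requests.post(
                    "http://%s/tasks/create/file" % remote, data=data,
                    files={"file": (os.path.basename(filepath), fp)}
                )
            task_id = r.json()["task_id"]
        except Exception as e:
            print("%s: unable to submit file: %s" % (bold(red("Error")), e))
            continue
        yield "File", filepath, task_id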
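def import_(ctx, mode, path):
    """Imports an older Cuckoo setup into a new CWD. The old setup should be
    identified by PATH and the new CWD may be specified with the --cwd
    parameter, e.g., "cuckoo --cwd /tmp/cwd import old-cuckoo"."""
    if mode == "symlink" and is_windows():
        sys.exit(red(
            "You can only use the 'symlink' mode on non-Windows platforms."
        ))

    # One entry per printed line of the warning banner, already colored;
    # an empty string produces a blank separator line. The data-loss warning
    # read "loose" in the original; the message is meant to say "lose".
    banner = [
        yellow("You are importing an existing Cuckoo setup. Please"),
        yellow("understand that, depending on the mode taken, if "),
        yellow("you remove the old Cuckoo setup after this import "),
        yellow("you may still") + " " + red("lose ALL of your data!"),
        "",
        yellow("Additionally, database migrations will be performed "),
        yellow("in-place. You won't be able to use your old Cuckoo "),
        yellow("setup anymore afterwards! However, we'll provide "),
        yellow("you with the option to create a SQL backup beforehand."),
        "",
        red("TL;DR Cleaning the old setup after the import may"),
        red("corrupt your new setup: its SQL, MongoDB, and "),
        red("ElasticSearch database may be dropped and, in 'symlink'"),
        red("mode, the analyses removed."),
        "",
    ]
    for line in banner:
        print(line)

    confirmed = click.confirm(
        "... I've read the above and understand the consequences", False
    )
    if not confirmed:
        sys.exit(red("Aborting operation.. please try again!"))

    try:
        import_cuckoo(ctx.parent.user, mode, path)
    except KeyboardInterrupt:
        print(red("Aborting import of Cuckoo instance.."))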
def community(force, branch, filepath):
    """Fetch supplies from the Cuckoo Community.

    Hands ``force``, ``branch`` and ``filepath`` to ``fetch_community``;
    a Ctrl-C during the fetch is reported rather than propagated.
    """
    fetch_args = dict(force=force, branch=branch, filepath=filepath)
    try:
        fetch_community(**fetch_args)
    except KeyboardInterrupt:
        print(yellow("Aborting fetching of the Cuckoo Community resources.."))