def submit(ctx, target, url, options, package, custom, owner, timeout, priority, machine, platform, memory, enforce_timeout, clock, tags, baseline, remote, shuffle, pattern, max, unique): """Submit one or more files or URLs to Cuckoo.""" init_console_logging(level=ctx.parent.level) Database().connect() try: l = submit_tasks( target, options, package, custom, owner, timeout, priority, machine, platform, memory, enforce_timeout, clock, tags, remote, pattern, max, unique, url, baseline, shuffle ) for category, target, task_id in l: if task_id: print "%s: %s \"%s\" added as task with ID #%s" % ( bold(green("Success")), category, target, task_id ) else: print "%s: %s \"%s\" as it has already been analyzed" % ( bold(yellow("Skipped")), category, target ) except KeyboardInterrupt: print(red("Aborting submission of samples.."))
def submit_tasks(target, options, package, custom, owner, timeout, priority, machine, platform, memory, enforce_timeout, clock, tags, remote, pattern, maxcount, is_unique, is_url, is_baseline, is_shuffle): db = Database() data = dict( package=package or "", timeout=timeout, options=options, priority=priority, machine=machine, platform=platform, custom=custom, owner=owner, tags=tags, memory="1" if memory else "0", enforce_timeout="1" if enforce_timeout else "0", clock=clock, unique="1" if is_unique else "0", ) if is_baseline: if remote: print "Remote baseline support has not yet been implemented." return task_id = db.add_baseline(timeout, owner, machine, memory) yield "Baseline", machine, task_id return if is_url and is_unique: print "URL doesn't have --unique support yet." return if is_url: for url in target: if not remote: data.pop("unique", None) task_id = db.add_url(to_unicode(url), **data) yield "URL", url, task_id continue data["url"] = to_unicode(url) try: r = requests.post("http://%s/tasks/create/url" % remote, data=data) yield "URL", url, r.json()["task_id"] except Exception as e: print "%s: unable to submit URL: %s" % (bold(red("Error")), e) else: files = [] for path in target: files.extend(enumerate_files(os.path.abspath(path), pattern)) if is_shuffle: random.shuffle(files) for filepath in files: if not os.path.getsize(filepath): print "%s: sample %s (skipping file)" % (bold( yellow("Empty")), filepath) continue if maxcount is not None: if not maxcount: break maxcount -= 1 if not remote: if is_unique: sha256 = File(filepath).get_sha256() if db.find_sample(sha256=sha256): yield "File", filepath, None continue data.pop("unique", None) task_id = db.add_path(file_path=filepath, **data) yield "File", filepath, task_id continue files = { "file": (os.path.basename(filepath), open(filepath, "rb")), } try: r = requests.post("http://%s/tasks/create/file" % remote, data=data, files=files) yield "File", filepath, r.json()["task_id"] except Exception as e: print "%s: unable to submit file: %s" % (bold(red("Error")), e) continue
def check_version(ignore_vuln=False): """Check version of Cuckoo.""" if not config("cuckoo:cuckoo:version_check"): return ignore_vuln = ignore_vuln or config("cuckoo:cuckoo:ignore_vulnerabilities") import pkg_resources print(" Checking for updates...") try: r = requests.get("https://cuckoosandbox.org/updates.json", params={"version": version}, timeout=6) r.raise_for_status() r = r.json() except (requests.RequestException, ValueError) as e: print(red(" Error checking for the latest Cuckoo version: %s!" % e)) return try: old = StrictVersion(version) < StrictVersion(r["version"]) except ValueError: old = True warnings = [] for deptype, vulns in r.get("vulnerable", {}).iteritems(): for dep in vulns: compare = dep.get("highest") or dep.get("lowest") # Check if any of the mentioned Python dependencies are installed if deptype == "pydep": try: v = pkg_resources.get_distribution( dep["name"]).parsed_version except (pkg_resources.DistributionNotFound, ValueError): continue # See if the mentioned virtualization software is used elif deptype == "machinery": if config("cuckoo:cuckoo:machinery") != dep["name"]: continue # If the version number cannot be determined, raise a warning # to be sure. Virtualization vulnerabilities can potentially # cause a lot of damage v = cuckoo.machinery.plugins[dep["name"]].version() if not v: warnings.append( bold( red("Potentially vulnerable %s version installed. " "Failed to retrieve its version. Update if version" " is: %s" % (dep["name"], compare)))) continue else: continue warn = False # If a range is specified, check if the current version falls # within the range. if dep.get("highest") and dep.get("lowest"): lv = LooseVersion(str(v)) if (lv >= LooseVersion(dep["lowest"]) and lv <= LooseVersion(dep["highest"])): warn = True # If no range is specified, use the specified operator to see if # the installed version is # 'if <operator> highest/lowest specified' elif cmp_version(str(v), compare, dep["op"]): warn = True # Warn the user the dependency must be updated/ if warn: info = dep.get("info") message = "Vulnerable version of %s installed (%s). It is " \ "highly recommended to update. Please update and " \ "restart Cuckoo." % (dep["name"], v) if deptype == "pydep": message += " 'pip install %s%s'" % (dep["name"], dep["recommended"]) else: message += " Recommended version: %s" % dep["recommended"] message = bold(red(message)) if info: message += yellow("\nAdditional information: %s" % info) warnings.append(message) if warnings: print(color(bold(red("Vulnerable dependencies found\n")), 5)) for warning in warnings: print("--> %s\n" % color(warning, 4)) if warnings and not ignore_vuln: print( "This check can be disabled by enabling " "'ignore_vulnerabilities' in cuckoo.conf under the " "[cuckoo] section") sys.exit(1) if old: msg = "Cuckoo Sandbox version %s is available now." % r["version"] print(red(" Outdated! ") + msg) else: print(green(" You're good to go!")) print("\n Our latest blogposts:") for blogpost in r["blogposts"]: print(" * %s, %s." % (yellow(blogpost["title"]), blogpost["date"])) print(" %s" % red(blogpost["oneline"])) print(" More at %s" % blogpost["url"]) print("") return r
def submit_tasks(target, options, package, custom, owner, timeout, priority, machine, platform, memory, enforce_timeout, clock, tags, remote, pattern, maxcount, is_unique, is_url, is_baseline, is_shuffle): db = Database() data = dict( package=package or "", timeout=timeout, options=options, priority=priority, machine=machine, platform=platform, custom=custom, owner=owner, tags=tags, memory="1" if memory else "0", enforce_timeout="1" if enforce_timeout else "0", clock=clock, unique="1" if is_unique else "0", ) if is_baseline: if remote: print "Remote baseline support has not yet been implemented." return task_id = db.add_baseline(timeout, owner, machine, memory) yield "Baseline", machine, task_id return if is_url and is_unique: print "URL doesn't have --unique support yet." return if is_url: for url in target: if not remote: data.pop("unique", None) task_id = db.add_url(to_unicode(url), **data) yield "URL", url, task_id continue data["url"] = to_unicode(url) try: r = requests.post( "http://%s/tasks/create/url" % remote, data=data ) yield "URL", url, r.json()["task_id"] except Exception as e: print "%s: unable to submit URL: %s" % ( bold(red("Error")), e ) else: files = [] for path in target: files.extend(enumerate_files(os.path.abspath(path), pattern)) if is_shuffle: random.shuffle(files) for filepath in files: if not os.path.getsize(filepath): print "%s: sample %s (skipping file)" % ( bold(yellow("Empty")), filepath ) continue if maxcount is not None: if not maxcount: break maxcount -= 1 if not remote: if is_unique: sha256 = File(filepath).get_sha256() if db.find_sample(sha256=sha256): yield "File", filepath, None continue data.pop("unique", None) task_id = db.add_path(file_path=filepath, **data) yield "File", filepath, task_id continue files = { "file": (os.path.basename(filepath), open(filepath, "rb")), } try: r = requests.post( "http://%s/tasks/create/file" % remote, data=data, files=files ) yield "File", filepath, r.json()["task_id"] except Exception as e: print "%s: unable to submit file: %s" % ( bold(red("Error")), e ) continue