search

EricZimmerman / KapeFiles

This repository serves as a place for community created Targets and Modules for use with KAPE.
MIT License
637 stars 190 forks source link

SparkCore Module Not running #168

Closed GabrielNBJJ closed 4 years ago

GabrielNBJJ commented 4 years ago

KAPE version # 0.8.8.0

Describe the bug Hello Eric,

I cannot get the SparkCore module to run. I have downloaded the binary files required and put them in bin\SparkCore folder.

I did a sample run with the command line below, no indication of SparkCore getting in to play. In the modules folder, running it with the default arguments.

Any help would be greatly appreciated. Thank you.

C:\KAPE Command line: --tsource C: --tdest C:\Kapetest --tflush --target $J,$LogFile --mdest C:\Kapetest\Modules --mflush --module SparkCore --gui

Using Target operations Flushing target destination directory 'C:\Kapetest' Creating target destination directory 'C:\Kapetest' Found 2 targets. Expanding targets to file list... Found 3 files in 0.086 seconds. Beginning copy... Deferring 'C:\$Extend\$UsnJrnl:$J' due to NotSupportedException... Deferring 'C:\$Extend\$UsnJrnl:$Max' due to NotSupportedException... Deferring 'C:\$LogFile' due to UnauthorizedAccessException... Deferred file count: 3. Copying locked files... Skipping sparse data area in $J! Copied deferred file 'C:\$Extend\$UsnJrnl:$J' to 'C:\Kapetest\C\$Extend\$J'. Hashing source file... Copied deferred file 'C:\$Extend\$UsnJrnl:$Max' to 'C:\Kapetest\C\$Extend\$Max'. Hashing source file... Copied deferred file 'C:\$LogFile' to 'C:\Kapetest\C\$LogFile'. Hashing source file...

Copied 3 out of 3 files in 2.9541 seconds. See '*_CopyLog.csv' in 'C:\Kapetest' for copy details

Using Module operations Setting --msource to 'C:\Kapetest' since --msource was not provided Flushing module destination directory 'C:\Kapetest\Modules' Creating module destination directory 'C:\Kapetest\Modules' Discovered 0 processors to run. Executing modules with file masks... Executing remaining modules... Executed 0 processors in 0.0123 seconds

Total execution time: 2.9930 seconds

Press any key to exit +

EricZimmerman commented 4 years ago

Reach out to the module author. No idea. Isn't this a paid tool?

GabrielNBJJ commented 4 years ago

It is a IOC Scanner, similar to Loki, available for free. Module is written by Eric Capuano.

EricZimmerman commented 4 years ago

I would ask him. @ecapuano ??

EricZimmerman commented 4 years ago

closing this as nothing from @ecapuano, the module author.