search

certsocietegenerale / fame

FAME Automates Malware Evaluation
https://certsocietegenerale.github.io/fame/
GNU General Public License v3.0
847 stars 168 forks source link

Your VT API key is not set in the confile file #72

Closed phate1 closed 2 years ago

phate1 commented 5 years ago

Description

when submitting a hash the ui pops up "This requires a valid API key." and i see a log stating "Your VT API key is not set in the confile file"

my api is set in the config on the UI and checking the mongo db I can see its set in there

Steps to Reproduce

enter api key submit hash get error

Expected behavior

downloads file from vt

Actual behavior

"This requires a valid API key." and "Your VT API key is not set in the confile file" errors

Debug

 utils/run.sh utils/troubleshoot.py
[+] Using existing virtualenv.

########## VERSION ##########

OS: Linux-4.15.0-65-generic-x86_64-with-Ubuntu-18.04-bionic
Python: 2.7.15+

########## DEPENDENCIES ###########

DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
alabaster==0.7.12
amqp==2.5.1
androguard==3.3.5
asn1crypto==1.0.0
Babel==2.7.0
backports.functools-lru-cache==1.5
backports.shutil-get-terminal-size==1.0.0
backports.ssl-match-hostname==3.7.0.1
bamfdetect==1.6.13
beautifulsoup4==4.8.0
billiard==3.5.0.5
bs4==0.0.1
celery==4.1.1
certifi==2019.9.11
cffi==1.12.3
chardet==3.0.4
Click==7.0
colorama==0.3.7
colorclass==2.2.0
configparser==4.0.2
contextlib2==0.6.0
cryptography==2.7
cycler==0.10.0
decorator==4.4.0
defang==0.4.0
docker==3.6.0
docker-pycreds==0.4.0
docutils==0.15.2
easygui==0.98.1
EditorConfig==0.12.2
enum34==1.1.6
extract-msg==0.20.8
Flask==1.0.4
Flask-Classy==0.6.10
Flask-Login==0.3.2
Flask-Negotiation==0.1.9
flask-paginate==0.5.3
future==0.17.1
gitdb2==2.0.6
GitPython==2.1.14
googleplay-api==0.1.0
idna==2.6
ijson==2.5.1
imagesize==1.1.0
IMAPClient==2.1.0
importlib-metadata==0.23
ipaddress==1.0.22
ipython==5.8.0
ipython-genutils==0.2.0
itsdangerous==1.1.0
jbxapi==3.4.0
Jinja2==2.10.1
jsbeautifier==1.8.9
kiwisolver==1.1.0
kombu==4.6.5
LEPL==5.1.3
lxml==4.4.1
markdown2==2.3.8
MarkupSafe==1.1.1
matplotlib==2.2.4
more-itertools==5.0.0
msoffcrypto-tool==4.10.1
networkx==2.2
numpy==1.16.5
olefile==0.46
oletools==0.54.2
packaging==19.2
pathlib2==2.3.5
pbkdf2==1.3
peepdf==0.4.2
pefile==2019.4.18
pexpect==4.7.0
pickleshare==0.7.5
Pillow==3.2.0
pkg-resources==0.0.0
prompt-toolkit==1.0.18
protobuf==3.10.0
ptyprocess==0.6.0
pycparser==2.19
pycrypto==2.6.1
pydot==1.4.1
pyelftools==0.25
Pygments==2.4.2
pymongo==3.6.1
pyparsing==2.4.2
python-dateutil==2.7.5
python-magic==0.4.15
pythonaes==1.0
pytz==2019.2
rarfile==3.1
requests==2.18.4
rfc6266==0.0.4
scandir==1.10.0
simplegeneric==0.8.1
six==1.12.0
smmap2==2.0.5
snowballstemmer==2.0.0
soupsieve==1.9.4
Sphinx==1.7.9
sphinx-rtd-theme==0.3.1
sphinxcontrib-httpdomain==1.6.1
sphinxcontrib-websupport==1.1.2
subprocess32==3.5.4
traitlets==4.3.3
typing==3.7.4.1
tzlocal==1.5.1
urllib3==1.22
vine==1.3.0
virustotal-api==1.1.10
wcwidth==0.1.7
websocket-client==0.56.0
Werkzeug==0.16.0
yara-python==3.10.0
zipp==0.6.0
zxcvbn==1.0

########## MongoDB ##########

Version: 4.0.12
Authorization check: True

########## Configuration ##########

types: True
virustotal: True
comments: True
extracted: True
email: False
malware_config: False
volatility: True

Modules:

McAfee                    Antivirus            Disabled   Configured
Sophos                    Antivirus            Disabled   Configured
Symantec                  Antivirus            Disabled   Not Configured
apk                       Processing           Enabled    Configured
apk_verification          Processing           Disabled   Not Configured
bamfdetect                Processing           Enabled    Configured
cuckoo                    Processing           Disabled   Configured
cuckoo_modified           Processing           Disabled   Configured
cutthecrap                Processing           Disabled   Not Configured
document_preview          Processing           Enabled    Configured
email_headers             Processing           Enabled    Configured
eml                       Processing           Enabled    Configured
exiftool                  Processing           Enabled    Configured
joe                       Processing           Disabled   Not Configured
marcher_config            Processing           Disabled   Configured
mem_yara                  Processing           Disabled   Not Configured
msg                       Processing           Enabled    Configured
office_macros             Processing           Enabled    Configured
office_password           Processing           Disabled   Configured
peepdf                    Processing           Disabled   Configured
rat_decoders              Processing           Disabled   Configured
url_download              Processing           Enabled    Configured
url_preview               Processing           Enabled    Configured
virustotal_public         Processing           Enabled    Configured
zip                       Processing           Enabled    Configured
mattermost                Reporting            Disabled   Not Configured
slack                     Reporting            Disabled   Not Configured
Google Safe Browsing (Lookup API) Threat Intelligence  Disabled   Not Configured
Google Safe Browsing (Update API) Threat Intelligence  Disabled   Not Configured
URLhaus                   Threat Intelligence  Disabled   Not Configured
Yeti                      Threat Intelligence  Enabled    Configured
kvm                       Virtualization       Disabled   Configured
virtualbox                Virtualization       Disabled   Configured
gaelmuller commented 2 years ago

This should no longer be an issue now that we have preloading modules