cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Can't start cuckoo web runserver web server but cuckoo -d will work fine #1724

Open gbdavidx opened 7 years ago

gbdavidx commented 7 years ago

My reporting.conf looks like this:

```
enabled = yes
host = 127.0.0.1
port = 27017
db = cuckoo
store_memdump = yes
paginate = 100
```

I can start mongodb by issuing the command `/etc/init.d/mongodb start` and get an [ ok ] on the next line, but when I do `cuckoo web runserver` I get the error: in order to use the cuckoo web interface it is required to have Mongodb up and running and enabled in Cuckoo. etc.

What else do i need to configure?

gbdavidx commented 7 years ago

output of netstat -tupln shows 127.0.0.1:27017 running mongod (obviously mongodb) so it is running!

SparkyNZL commented 7 years ago

Can you please supply the entire error? This will help more. The command line you should be using, if this is the package version of cuckoo (e.g. installed with pip install cuckoo etc.), is as follows:

```
cuckoo web -H 127.0.0.1 -p 8000
```

This will bind to 127.0.0.1 and port 8000.

Again, please supply the entire error which is supplied on the screen; you can just cut and paste it into there.

Cheers

gbdavidx commented 7 years ago

I appreciate the response, but that does not work

gbdavidx commented 7 years ago

I did indeed use pip install cuckoo, I'm using version 2.0.3

Error: in order to use the cuckoo web interface it is required to have MongoDB up-and-running and enabled in Cuckoo. Please refer to our official documentation as well as the $CWD/conf/reporting.conf file.

http://docs.cuckoosandbox.org/en/latest/installation/host/configuration/#reporting-conf doesn't say much on how to turn on the web services; what I have provided above is what I have by googling from other analysts.

gbdavidx commented 7 years ago

Going to try out version 2.0.0 since I can't get this to work on 2.0.3 after reading almost everything online

SparkyNZL commented 7 years ago

you could install the alpha

```
sudo pip install cuckoo==2.0.4a5
```

gbdavidx commented 7 years ago

apparently it doesn't work on 2.0.0 so this is a major issue across all releases

jbremer commented 7 years ago

Sounds like something is wrong with your version of MongoDB, though, as the Web Interface works for everyone else :-) What version of MongoDB are you running? Can you connect manually to it using the mongo command-line utility? etc.

gbdavidx commented 7 years ago

I am using 2.6.11. I can connect if I do mongo, and then it connects to a test database

it is an issue if the dbpath=/data/db 64-bit host =david-virtualbox, per the documentation is said to create a cuckoo user

SparkyNZL commented 7 years ago

can you post your reporting.conf file please. (the entire thing)

gbdavidx commented 7 years ago

```
# Enable or disable the available reporting modules [on/off].
# If you add a custom reporting module to your Cuckoo setup, you have to add
# a dedicated entry in this file, or it won't be executed.
# You can also add additional options under the section of your module and
# they will be available in your Python class.

[feedback]
# Automatically report errors that occurred during an analysis. Requires the
# Cuckoo Feedback settings in cuckoo.conf to have been filled out properly.
enabled = no

[jsondump]
enabled = yes
indent = 4
calls = yes

[singlefile]
# Enable creation of report.html and/or report.pdf?
enabled = no
# Enable creation of report.html?
html = no
# Enable creation of report.pdf?
pdf = no

[misp]
enabled = no
url =
apikey =

# The various modes describe which information should be submitted to MISP,
# separated by whitespace. Available modes: maldoc ipaddr hashes url.
mode = maldoc ipaddr hashes url

[mongodb]
enabled = yes
host = {{ reporting.mongodb.host }}
port = {{ reporting.mongodb.port }}
db = {{ reporting.mongodb.db }}
store_memdump = {{ reporting.mongodb.store_memdump }}
paginate = {{ reporting.mongodb.paginate }}
# MongoDB authentication (optional).
username = {{ reporting.mongodb.username }}
password = {{ reporting.mongodb.password }}

[elasticsearch]
enabled = no
# Comma-separated list of ElasticSearch hosts. Format is IP:PORT, if port is
# missing the default port is used.
# Example: hosts = 127.0.0.1:9200, 192.168.1.1:80
hosts = 127.0.0.1
# Increase default timeout from 10 seconds, required when indexing larger
# analysis documents.
timeout = 300
# Set to yes if we want to be able to search every API call instead of just
# through the behavioral summary.
calls = no
# Index of this Cuckoo instance. If multiple Cuckoo instances connect to the
# same ElasticSearch host then this index (in Moloch called "instance") should
# be unique for each Cuckoo instance.
index = cuckoo

# Logging time pattern. This sets how elasticsearch creates indexes
# by default it is yearly in most instances this will be sufficient
# valid options: yearly, monthly, daily
index_time_pattern = yearly

# Cuckoo node name in Elasticsearch to identify reporting host. Can be useful
# for automation and while referring back to correct Cuckoo host.
cuckoo_node =

[moloch]
enabled = no
# If the Moloch web interface is hosted on a different IP address than the
# Cuckoo Web Interface then you'll want to override the IP address here.
host =
# If you wish to run Moloch in http (insecure) versus https (secure) mode,
# set insecure to yes.
insecure = no

# Following are various configurable settings. When in use of a recent version
# of Moloch there is no need to change any of the following settings as they
# represent the defaults.
moloch_capture = /data/moloch/bin/moloch-capture
conf = /data/moloch/etc/config.ini
instance = cuckoo

[notification]
# Notification module to inform external systems that analysis is finished.
# You should consider keeping this as very last reporting module.
enabled = no

# External service URL where info will be POSTed.
# example : https://my.example.host/some/destination/url
url =

# Cuckoo host identifier - can be hostname.
# for example : my.cuckoo.host
identifier =

[mattermost]
enabled = no

# Mattermost webhook URL.
# example : https://my.mattermost.host/hooks/yourveryrandomkey
url =

# Cuckoo host URL to make analysis ID clickable.
# example : https://my.cuckoo.host/
myurl =

# Username to show when posting message
username = cuckoo

# What kind of data to show apart from default.
# Show virustotal hits.
show_virustotal = no

# Show matched cuckoo signatures.
show_signatures = no

# Show collected URL-s by signature "network_http".
show_urls = no

# Hide filename and create hash of it
hash_filename = no

# Hide URL and create hash of it
hash_url = no
```

gbdavidx commented 7 years ago

And my mongodb status: hopefully this helps

```
(venv) david@david-VirtualBox:/opt/cuckoo/conf$ service mongodb status
● mongodb.service - An object/document-oriented database
   Loaded: loaded (/lib/systemd/system/mongodb.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2017-07-21 16:27:24 PDT; 2 days ago
     Docs: man:mongod(1)
 Main PID: 15329 (mongod)
    Tasks: 10 (limit: 4915)
   CGroup: /system.slice/mongodb.service
           └─15329 /usr/bin/mongod --unixSocketPrefix=/run/mongodb --config /etc/mongodb.conf

Jul 21 16:27:24 david-VirtualBox systemd[1]: Started An object/document-oriented database.
```

gbdavidx commented 7 years ago

Sorry guy, I figured out the issue. I did a `locate -i reporting.conf` and found four different versions; I updated one of them and it appeared to have solved the issue. Looks like I need some course on how to use linux lol

SparkyNZL commented 7 years ago

great :) that's awesome, you can close the ticket :)

idktanwar commented 6 years ago

Please help me .....i am having same issue but ... this .....locate -i reporting.conf ..... gave me single file location ...

doomedraven commented 6 years ago

```
ls -lah $HOME/.cuckoo/
```

check for config directory there

idktanwar commented 6 years ago

```
2018-03-21 15:27:36,414 [werkzeug] INFO: 127.0.0.1 - - [21/Mar/2018 15:27:36] "GET / HTTP/1.1" 404 -
```

i have installed cuckoo now i'm using cuckoo api when i open http://localhost:8090 i get 404 not found and in the command line i got below response when i run cuckoo api

```
2018-03-21 15:27:36,414 [werkzeug] INFO: 127.0.0.1 - - [21/Mar/2018 15:27:36] "GET / HTTP/1.1" 404 -
```

doomedraven commented 6 years ago

if you run on localhost you won't be able to connect from remote host, use -H 0.0.0.0

idktanwar commented 6 years ago

```
/home/ubuntu# ls -lah $HOME/.cuckoo
total 104K
drwxr-sr-x 17 root root 4.0K Mar 21 10:17 .
drwx------ 17 root root 4.0K Mar 21 10:17 ..
drwxr-sr-x 2 root root 4.0K Mar 21 08:19 agent
drwxr-sr-x 6 root root 4.0K Mar 21 08:19 analyzer
drwxr-sr-x 2 root root 4.0K Mar 21 10:17 conf
-rw-r--r-- 1 root root 20K Mar 21 10:17 cuckoo.db
-rw-r--r-- 1 root root 40 Mar 21 10:17 .cwd
drwxr-sr-x 2 root root 4.0K Mar 21 08:19 distributed
drwxr-sr-x 2 root root 4.0K Mar 21 08:19 elasticsearch
-rw-r--r-- 1 root root 163 Dec 7 15:31 init.py
drwxr-sr-x 2 root root 4.0K Mar 21 10:17 log
drwxr-sr-x 3 root root 4.0K Mar 21 08:19 monitor
drwxr-sr-x 2 root root 4.0K Mar 21 10:17 pidfiles
drwxr-sr-x 9 root root 4.0K Mar 21 08:19 signatures
drwxr-sr-x 5 root root 4.0K Mar 21 08:19 storage
drwxr-sr-x 2 root root 4.0K Mar 21 10:17 stuff
drwxr-sr-x 2 root root 4.0K Mar 21 08:19 supervisord
-rw-r--r-- 1 root root 851 Mar 21 10:17 supervisord.conf
drwxr-sr-x 2 root root 4.0K Mar 21 08:19 web
drwxr-sr-x 2 root root 4.0K Mar 21 08:19 whitelist
drwxr-sr-x 8 root root 4.0K Mar 21 08:19 yara
```

is this showing that i have multiple file or else....

idktanwar commented 6 years ago

in $CWD/conf/reporting.conf file

```
[mongodb]
enabled = yes
host = 127.0.0.1
port = 27017
db = cuckoo
```

```
/home/ubuntu/Cuckoo-2.0.5.3/cuckoo/web# cuckoo web -H 127.0.0.1 -p 27017

In order to use the Cuckoo Web Interface it is required to have MongoDB up-and-running and enabled in Cuckoo. Please refer to our official documentation as well as the $CWD/conf/reporting.conf file.
```

cuckoo -d is running properly but web interface is not starting .... help me !!!

doomedraven commented 6 years ago

do you start the web with

```
cuckoo web -H 127.0.0.1 -p 8000 # only access from localhost
```

and cuckoo with ?

```
cuckoo -d
```

both need to be executed in parallel

SparkyNZL commented 6 years ago

Is there a reason you are trying to start cuckoo on the mongodb port? If this machine is running mongo it will not work.

doomedraven commented 6 years ago

@SparkyNZL nice catch :D

SparkyNZL commented 6 years ago

thanks mate :)

doomedraven commented 6 years ago

@idktanwar please read/reread the whole documentation till you understand what you are doing

jz-wilson commented 5 years ago

I was able to get this working by going into $CWD/web/local_settings.py and uncommenting the ADMINS section.

adkharat commented 4 years ago

```
test@test-Alienware-13-R2:~/cuckoo/web_android$ python manage.py runserver
Performing system checks...

System check identified no issues (0 silenced).
January 21, 2020 - 10:46:24
Django version 1.8.4, using settings 'web.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.

/usr/local/lib/python2.7/dist-packages/sqlalchemy/sql/compiler.py:572: SAWarning: Can't resolve label reference 'added_on desc'; converting to text() (this warning may be suppressed after 10 occurrences)
  util.ellipses_string(element.element))

stack smashing detected : /usr/bin/python terminated
Aborted (core dumped)
```

I get the above error message when I open the URL http://127.0.0.1:8000/ in a web browser.

r3dw0lf commented 4 years ago

I had the same problem. MongoDB was running but WebUI was reporting not running. Solution: Enable MongoDB in "reporting.conf" in home directory "~/.cuckoo/". Update cuckoo and run again.
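
The two misconfigurations this thread ran into (editing a reporting.conf that Cuckoo does not read, and starting the web server on MongoDB's port) can be checked with a short script. This is an added example, not code from the Cuckoo project or from any commenter; the function names, the sample configs and the accepted spellings of `enabled` are assumptions, and `~/.cuckoo` is the working directory named in the thread.

```python
import configparser
from pathlib import Path

# Constructed samples: a packaged template copy and a live config.
TEMPLATE_CONF = """
[mongodb]
enabled = yes
host = {{ reporting.mongodb.host }}
port = {{ reporting.mongodb.port }}
"""
LIVE_CONF = """
[mongodb]
enabled = yes
host = 127.0.0.1
port = 27017
"""

def check_mongodb_section(conf_text, web_port=8000):
    """Return a list of problems in the [mongodb] section of reporting.conf text."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    if not cp.has_section("mongodb"):
        return ["no [mongodb] section"]
    mongo, problems = cp["mongodb"], []
    # "{{ ... }}" values mean this copy is a template, not the file Cuckoo reads.
    templated = sorted(k for k, v in mongo.items() if "{{" in v)
    if templated:
        problems.append("unrendered template values: " + ", ".join(templated))
    # Assumption: yes/on/true/1 count as enabled.
    if mongo.get("enabled", "no").strip().lower() not in {"yes", "on", "true", "1"}:
        problems.append("mongodb reporting is not enabled")
    # The web server cannot listen on the port mongod already holds.
    if mongo.get("port", "").strip() == str(web_port):
        problems.append("web port %d is the MongoDB port" % web_port)
    return problems

def find_reporting_confs(search_roots, cwd):
    """List every reporting.conf under search_roots; flag the one in cwd/conf."""
    live = (Path(cwd).expanduser() / "conf" / "reporting.conf").resolve()
    hits = []
    for root in search_roots:
        for path in sorted(Path(root).expanduser().rglob("reporting.conf")):
            hits.append((path.resolve() == live, str(path)))
    return hits

if __name__ == "__main__":
    for is_live, path in find_reporting_confs(["~"], "~/.cuckoo"):
        issues = check_mongodb_section(Path(path).read_text()) if is_live else []
        print("LIVE " if is_live else "other", path, issues)
```

Pass the port you intend to give `cuckoo web -p` as `web_port` to reproduce the 27017 collision pointed out above.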