Open MikeFow opened 6 years ago
The same behavior is occurring in my cuckoo. However, in rare cases analysis results may be displayed.
I want to know the solution.
Can either of you share one or more PCAPs for these URL analyses?
I attached my pcap files.
Hi guys, I have the same behavior using https://www.google.fr or http://www.msn.fr as example. Did you find out something on this issue ? Thank you PS : I'm using Cuckoo 2.0.5
@MikeFow I suspect there's an issue due to the HTTP proxy that you're using. @TAKEDA-Yasuhiro it seems there are some TCP retransmission parsing issues in your pcap. Will have to take a better look at that at some point, thanks for the pcap.
Could be link to this issue https://github.com/cuckoosandbox/cuckoo/issues/2103 for some people concerning the HTTPS decryption ...
Hello,
I have installed Cuckoo 2.0.3 in my lab and hit an issue. Using similar lab set up with Cuckoo 2.0RC1 did not have this issue.
When I run an analysis - for example google.com, the HTTP tab under Network Analysis shows no traffic.
The PCAP and other tabs show correct information:![na-tcp](https://user-images.githubusercontent.com/28709833/29167378-11a9e90a-7dc2-11e7-9ec4-ef2cd3e60c93.JPG)
This behaviour is the same for both URLs and files.
Any ideas on where I can look to try and resolve this?