search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.55k stars 1.71k forks source link

host wasnt able to connect with the guest machine #1889

Open meca003 opened 7 years ago

meca003 commented 7 years ago

hi,

i just installed the latest cuckoo 2.0.4 and im having a problem with the communication between host and guest machine

error log i received

2017-10-13 16:11:07,331 [cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager 2017-10-13 16:11:08,500 [cuckoo.core.scheduler] INFO: Loaded 1 machine/s 2017-10-13 16:11:08,515 [cuckoo.core.scheduler] INFO: Waiting for analysis tasks. 2017-10-13 16:11:09,686 [cuckoo.core.scheduler] INFO: Starting analysis of FILE "smb-qua22o4u.7z" (task #2, options "") 2017-10-13 16:11:09,900 [cuckoo.core.scheduler] INFO: Task #2: acquired machine XP (label=XP) 2017-10-13 16:11:09,929 [cuckoo.auxiliary.mitm] INFO: Started mitm interception with PID 3121 (ip=192.168.0.102, port=50000). 2017-10-13 16:11:21,470 [cuckoo.core.guest] INFO: Starting analysis on guest (id=XP, ip=192.168.56.1) 2017-10-13 16:14:21,900 [cuckoo.core.scheduler] ERROR: Error from machine 'XP': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2017-10-13 16:14:57,576 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label XP to path /home/ace/.cuckoo/storage/analyses/2/memory.dmp 2017-10-13 16:15:02,439 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/home/ace/.cuckoo/storage/analyses/2/logs'. 2017-10-13 16:15:02,479 [cuckoo.processing.network] WARNING: The PCAP file does not exist at path "/home/ace/.cuckoo/storage/analyses/2/dump.pcap". 2017-10-13 16:15:02,480 [cuckoo.processing.debug] ERROR: Error processing task #2: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2017-10-13 16:15:02,773 [cuckoo.core.scheduler] INFO: Task #2: reports generation completed 2017-10-13 16:15:02,962 [cuckoo.core.scheduler] INFO: Task #2: analysis procedure completed

and my host ip is

enp9s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.0.102 netmask 255.255.255.0 broadcast 192.168.0.255

my virtualbox interface and ip address is

vboxnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.56.1 netmask 255.255.255.0 broadcast 192.168.56.255

and i think i have configured the necessary configuration within the virtualbox.conf, cuckoo.conf and auxiliary.conf i would really appreciate if anyone can see what is the problem im facing. And its my first time installing cuckoo and i need it for a research im doing. thanx

jbremer commented 7 years ago

What do the IP addresses in your configuration look like?