search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.56k stars 1.7k forks source link

Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to the connect to the Guest or the other way around #2000

Closed zaxoscy closed 6 years ago

zaxoscy commented 6 years ago

Hello guys, i installed cuckoo to virtual Kali Linux and i am trying to analyze a malware to a virtual windows 7 unsuccessfully. on the cuckoo logs i am getting the following error It appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to the connect to the Guest or the other way around (i.e., Guest wasn't able to contact the Cuckoo Host) but i can ping the devices each other (Kali Linux to Windows and opposite)

I am using a windows 7 host with virtualbox. Set to NAT below you can find the configuration of cuckoo cuckoo.conf machinery = virtualbox resultserver -> ip = 10.0.2.15 resultserver -> port = 2042

virtualbox.conf

virtualbox conf

memory.conf guest_profile = Win7SP1x86

you can find also the cuckoo logs

File Fake Intel (1).exe Summary Size 1.2MB Type PE32 executable (GUI) Intel 80386, for MS Windows MD5 9b68b45afa269ba1b0c01749fa4b942f SHA1 644a80486752ddc2d3c468f7190cf504c149c7ba SHA256 b71a4a57d21742797ec9079c745e2f884cb9379717069189bf0839078b0e2c62 SHA512
CRC32 7B3175CD ssdeep None PDB Path c:\To\CALs\The.pdb Yara None matched Score This file appears fairly benign with a score of 0.0 out of 10.

Please notice: The scoring system is currently still in development and should be considered an alpha feature. Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here Information on Execution Analysis Category Started Completed Duration Logs FILE Dec. 6, 2017, 3:51 a.m. Dec. 6, 2017, 3:54 a.m. 204 seconds Show Analyzer Log Show Cuckoo Log Machine Name Label Started On Shutdown On IE8 - Win7 IE8 - Win7 2017-12-06 03:51:03 2017-12-06 03:54:27 Cuckoo Log

2017-12-06 03:51:03,533 [cuckoo.core.scheduler] INFO: Task #25: acquired machine IE8 - Win7 (label=IE8 - Win7) 2017-12-06 03:51:03,534 [cuckoo.auxiliary.mitm] ERROR: Mitmdump does not exist at path "/usr/local/bin/mitmdump", man in the middle interception aborted. 2017-12-06 03:51:03,534 [cuckoo.core.plugins] DEBUG: Started auxiliary module: MITM 2017-12-06 03:51:03,603 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 2311 (interface=vboxnet0, host=10.0.2.16) 2017-12-06 03:51:03,604 [cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer 2017-12-06 03:51:03,814 [cuckoo.machinery.virtualbox] DEBUG: Starting vm IE8 - Win7 2017-12-06 03:51:04,607 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine IE8 - Win7 to IE 2017-12-06 03:51:19,336 [cuckoo.core.guest] INFO: Starting analysis on guest (id=IE8 - Win7, ip=10.0.2.16) 2017-12-06 03:51:20,362 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:21,236 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:22,242 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:23,247 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:24,253 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:25,257 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:26,262 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:27,270 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:28,277 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:29,282 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:30,288 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:31,293 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:32,299 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:33,306 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:34,312 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:35,317 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:36,322 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:37,327 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:38,330 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:39,371 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:40,375 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:41,381 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:42,386 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:43,390 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:44,396 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:45,401 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:46,603 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:47,608 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:48,613 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:49,641 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:50,646 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:51,651 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:52,655 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:53,692 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:54,697 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:55,704 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:56,713 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:57,729 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:58,733 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:51:59,738 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:00,744 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:01,748 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:02,751 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:03,754 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:04,758 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:05,763 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:06,767 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:07,771 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:08,886 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:09,894 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:10,902 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:11,907 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:12,913 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:13,941 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:14,945 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:15,950 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:16,954 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:17,960 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:18,964 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:19,967 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:20,980 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:21,987 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:22,991 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:23,997 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:25,003 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:26,007 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:27,015 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:28,020 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:29,068 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:30,075 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:31,081 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:32,087 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:33,094 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:34,101 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:35,108 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:36,113 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:37,120 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:38,127 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:39,131 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:40,138 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:41,187 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:42,191 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:43,199 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:44,204 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:45,208 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:46,212 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:47,216 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:48,220 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:49,247 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:50,254 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:51,260 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:52,263 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:53,268 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:54,271 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:55,275 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:56,278 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:57,282 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:58,288 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:52:59,292 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:00,301 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:01,305 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:02,314 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:03,318 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:04,322 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:05,327 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:06,341 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:07,348 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:08,353 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:09,359 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:10,366 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:11,381 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:12,386 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:13,390 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:14,394 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:15,398 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:16,403 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:17,409 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:18,416 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:19,421 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:20,425 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:21,430 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:22,435 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:23,448 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:24,465 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:25,474 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:26,478 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:27,482 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:28,491 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:29,496 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:30,506 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:31,513 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:32,526 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:33,539 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:34,553 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:35,556 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:36,564 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:37,568 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:38,574 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:39,585 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:40,592 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:41,611 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:42,616 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:43,624 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:44,632 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:45,637 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:46,642 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:47,653 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:48,688 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:49,695 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:50,699 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:51,706 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:52,712 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:53,726 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:54,739 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:55,748 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:56,754 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:57,761 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:58,765 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:53:59,770 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:00,774 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:01,780 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:02,787 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:03,791 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:04,798 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:05,804 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:06,811 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:07,817 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:08,829 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:09,835 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:10,840 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:11,846 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:12,860 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:13,865 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:14,868 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:15,873 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:16,878 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:17,881 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:18,886 [cuckoo.core.guest] DEBUG: IE8 - Win7: not ready yet 2017-12-06 03:54:19,892 [cuckoo.core.scheduler] ERROR: Error from machine 'IE8 - Win7': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2017-12-06 03:54:20,038 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: MITM 2017-12-06 03:54:20,041 [cuckoo.core.plugins] ERROR: Unable to stop auxiliary module: Sniffer Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/cuckoo/core/plugins.py", line 162, in stop module.stop() File "/usr/local/lib/python2.7/dist-packages/cuckoo/auxiliary/sniffer.py", line 154, in stop (out, err, faq("permission-denied-for-tcpdump")) CuckooOperationalError: Error running tcpdump to sniff the network traffic during the analysis; stdout = '' and stderr = 'tcpdump: vboxnet0: No such device exists\n(SIOCGIFHWADDR: No such device)\n'. Did you enable the extra capabilities to allow running tcpdump as non-root user and disable AppArmor properly (the latter only applies to Ubuntu-based distributions with AppArmor, see also https://cuckoo.sh/docs/faq/index.html#permission-denied-for-tcpdump)? 2017-12-06 03:54:24,813 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label IE8 - Win7 to path /root/.cuckoo/storage/analyses/25/memory.dmp 2017-12-06 03:54:25,438 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm IE8 - Win7 2017-12-06 03:54:27,442 [cuckoo.core.scheduler] DEBUG: Released database task #25 2017-12-06 03:54:27,496 [cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" for task #25 2017-12-06 03:54:27,616 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/root/.cuckoo/storage/analyses/25/logs'. 2017-12-06 03:54:27,619 [cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" for task #25 2017-12-06 03:54:27,633 [cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" for task #25 2017-12-06 03:54:27,637 [cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" for task #25 2017-12-06 03:54:27,639 [cuckoo.core.plugins] DEBUG: Executed processing module "Extracted" for task #25 2017-12-06 03:54:34,279 [cuckoo.processing.memory] DEBUG: Executing volatility 'pslist' module. 2017-12-06 03:54:38,526 [cuckoo.processing.memory] DEBUG: Executing volatility 'psxview' module. 2017-12-06 03:55:14,688 [cuckoo.processing.memory] DEBUG: Executing volatility 'callbacks' module. 2017-12-06 03:55:23,954 [cuckoo.processing.memory] DEBUG: Executing volatility 'idt' module. 2017-12-06 03:55:33,261 [cuckoo.processing.memory] DEBUG: Executing volatility 'ssdt' module. 2017-12-06 03:55:44,921 [cuckoo.processing.memory] DEBUG: Executing volatility 'gdt' module. 2017-12-06 03:55:48,465 [cuckoo.processing.memory] DEBUG: Executing volatility 'timers' module. 2017-12-06 03:55:56,293 [cuckoo.processing.memory] DEBUG: Skipping 'messagehooks' volatility module 2017-12-06 03:55:56,294 [cuckoo.processing.memory] DEBUG: Executing volatility 'getsids' module. 2017-12-06 03:56:01,419 [cuckoo.processing.memory] DEBUG: Executing volatility 'privs' module. 2017-12-06 03:56:06,059 [cuckoo.processing.memory] DEBUG: Executing volatility 'malfind' module. 2017-12-06 03:56:14,001 [cuckoo.processing.memory] DEBUG: Skipping 'apihooks' volatility module 2017-12-06 03:56:14,002 [cuckoo.processing.memory] DEBUG: Executing volatility 'dlllist' module. 2017-12-06 03:56:18,074 [cuckoo.processing.memory] DEBUG: Executing volatility 'handles' module. 2017-12-06 03:56:40,392 [cuckoo.processing.memory] DEBUG: Executing volatility 'ldrmodules' module. 2017-12-06 03:56:50,323 [cuckoo.processing.memory] DEBUG: Executing volatility 'mutantscan' module. 2017-12-06 03:56:52,416 [cuckoo.processing.memory] DEBUG: Executing volatility 'devicetree' module. 2017-12-06 03:56:54,224 [cuckoo.processing.memory] DEBUG: Executing volatility 'svcscan' module. 2017-12-06 03:56:57,292 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,301 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,303 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,311 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,315 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,321 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,330 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,337 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,350 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,352 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,364 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,368 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,373 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,378 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,384 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,391 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,393 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,394 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,408 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,424 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,436 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,450 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,458 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,481 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,483 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,509 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,522 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,524 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,529 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,531 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,533 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,535 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,542 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,544 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,552 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,557 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,563 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,565 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,568 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,571 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,579 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,584 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,592 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,595 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,612 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,619 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,620 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,631 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,633 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,638 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,648 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,653 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,657 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,660 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,670 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,674 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,697 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,699 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,700 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,714 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,722 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,729 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,738 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,760 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,784 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,786 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,789 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,792 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,798 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,803 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,811 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,821 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,833 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,840 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,842 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,845 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,853 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,859 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:57,876 [volatility.debug] WARNING: NoneObject as string: Pointer DisplayName invalid 2017-12-06 03:56:58,158 [cuckoo.processing.memory] DEBUG: Executing volatility 'modscan' module. 2017-12-06 03:56:59,025 [cuckoo.processing.memory] DEBUG: Executing volatility 'yarascan' module. 2017-12-06 03:57:27,374 [cuckoo.processing.memory] DEBUG: Executing volatility 'netscan' module. 2017-12-06 03:57:28,224 [volatility.debug] WARNING: NoneObject as string: Pointer Owner invalid 2017-12-06 03:57:28,232 [volatility.debug] WARNING: NoneObject as string: Pointer Owner invalid 2017-12-06 03:57:28,285 [volatility.debug] WARNING: NoneObject as string: Pointer Owner invalid 2017-12-06 03:57:28,379 [cuckoo.core.plugins] DEBUG: Executed processing module "Memory" for task #25 2017-12-06 03:57:28,402 [cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" for task #25 2017-12-06 03:57:28,402 [cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" for task #25 2017-12-06 03:57:28,403 [cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" for task #25 2017-12-06 03:57:28,403 [cuckoo.core.plugins] DEBUG: Executed processing module "Screenshots" for task #25 2017-12-06 03:57:28,827 [cuckoo.core.plugins] DEBUG: Executed processing module "Static" for task #25 2017-12-06 03:57:28,930 [cuckoo.core.plugins] DEBUG: Executed processing module "Strings" for task #25 2017-12-06 03:57:28,991 [cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" for task #25 2017-12-06 03:57:28,992 [cuckoo.processing.network] WARNING: The PCAP file does not exist at path "/root/.cuckoo/storage/analyses/25/dump.pcap". 2017-12-06 03:57:28,997 [cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" for task #25 2017-12-06 03:57:28,998 [cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" for task #25 2017-12-06 03:57:28,999 [cuckoo.processing.debug] ERROR: Error processing task #25: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2017-12-06 03:57:29,051 [cuckoo.core.plugins] DEBUG: Executed processing module "Debug" for task #25 2017-12-06 03:57:29,052 [cuckoo.core.plugins] DEBUG: Running 0 signatures 2017-12-06 03:57:29,422 [cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"

image

I need some help how to solve this issue

zaxoscy commented 6 years ago

additional info regarding virtual windows 7 image

zaxoscy commented 6 years ago

please note that i get the following error when i start the Kali linux

image

hendl commented 6 years ago

Is the Agent running in the VM? What is the output if you type: curl :8000

zaxoscy commented 6 years ago

Probably is not running but where i have to write this curl :8000? When i start the agent in the guest windows 7 is open and close instantly

zaxoscy commented 6 years ago

image

zaxoscy commented 6 years ago

image

doomedraven commented 6 years ago

ahahhaa no, you need to provide vm ip curl ip:8000

zaxoscy commented 6 years ago

image

as you can see i am not the best in linux :)

doomedraven commented 6 years ago

as you can see, agent is not started in vm, or firewall blocking it or any other things blocking connection

zaxoscy commented 6 years ago

For sure firewall is disable from windows vm.. do you have any idea where to look?

doomedraven commented 6 years ago

can you check if your vm is listening in port 8000? from inside of the vm netstat -ano check for :8000
check

on host sudo iptables -L sudo iptables -L -t nat sudo ufw status etc etc etc

zaxoscy commented 6 years ago

image

firewall is disable on both VMs..

doomedraven commented 6 years ago

you can answer the problem by yourself, there no agent started in guest

zaxoscy commented 6 years ago

I followed the instruction how to install and config the cuckoo but something went wrong i guess.. do you know how to start the agent? Any command how to activate or any instructions?

Thanks anyway:)

doomedraven commented 6 years ago

https://cuckoo.sh/docs/installation/guest/agent.html put it in startup and reboot vm, or put where you want and add to autorun, any method which do you like

jbremer commented 6 years ago

The resultserver IP address is probably incorrect. Also follow the steps that @doomedraven mentioned. Closing issue - it's all in the documentation.

Kashyapkrs commented 6 years ago

I am also facing the same error . Please help me out

Kashyapkrs commented 6 years ago

@jbremer

Please help me out.

2018-03-23 00:03:11,807 [cuckoo.core.scheduler] INFO: Task #27: acquired machine cuckoo (label=cuckoo) 2018-03-23 00:03:11,818 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 23395 (interface=vboxnet0, host=192.168.56.101) 2018-03-23 00:03:11,819 [cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer 2018-03-23 00:03:11,970 [cuckoo.machinery.virtualbox] DEBUG: Starting vm cuckoo 2018-03-23 00:03:12,195 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine cuckoo to fresh_state 2018-03-23 00:03:17,685 [cuckoo.core.guest] INFO: Starting analysis on guest (id=cuckoo, ip=192.168.56.101) 2018-03-23 00:03:18,693 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:19,702 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:20,708 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:20,756 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:22,764 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:23,774 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:24,785 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:24,820 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:26,832 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:27,840 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:28,850 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:28,884 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:30,896 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:31,906 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:32,915 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:32,948 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:34,960 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:35,969 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:36,978 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:37,016 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:39,027 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:40,037 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:41,050 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:41,076 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:43,086 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:44,101 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:45,108 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:45,140 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:47,152 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:48,160 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:49,168 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:49,204 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:51,211 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:52,218 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:53,228 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:53,268 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:55,279 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:56,291 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:57,302 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:57,332 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:03:59,342 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:00,351 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:01,359 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:01,396 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:03,407 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:04,414 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:05,425 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:05,460 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:07,471 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:08,481 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:09,488 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:09,526 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:11,542 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:12,548 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:13,556 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:13,620 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:15,628 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:16,635 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:17,653 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:17,684 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:19,692 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:20,700 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:21,712 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:21,748 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:23,761 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:24,771 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:25,776 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:25,812 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:27,820 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:28,829 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:29,847 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:29,880 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:31,888 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:32,895 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:33,913 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:33,940 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:35,955 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:36,974 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:37,986 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:38,008 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:40,030 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:41,050 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:42,060 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:42,100 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:44,112 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:45,127 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:46,133 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:46,164 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:48,175 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:49,200 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:50,220 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:51,246 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:52,260 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:53,268 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:53,300 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:55,319 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:56,342 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:57,365 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:57,396 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:04:59,412 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:00,436 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:01,469 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:02,476 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:03,504 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:04,519 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:04,532 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:06,553 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:07,564 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:08,593 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:08,628 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:10,639 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:11,649 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:12,659 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:12,692 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:14,699 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:15,709 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:16,718 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:16,756 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:18,766 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:19,774 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:20,783 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:20,820 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:22,831 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:23,841 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:24,849 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:24,884 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:26,893 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:27,900 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:28,908 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:28,948 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:30,958 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:31,969 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:32,982 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:33,012 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:35,023 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:36,033 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:37,043 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:37,076 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:39,086 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:40,096 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:41,106 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:41,140 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:43,150 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:44,160 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:45,170 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:45,204 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:47,214 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:48,225 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:49,236 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:49,272 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:51,282 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:52,293 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:53,303 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:53,332 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:55,345 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:56,355 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:57,363 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:57,396 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:05:59,407 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:00,417 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:01,426 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:01,460 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:03,472 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:04,482 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:05,492 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:05,524 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:07,534 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:08,544 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:09,554 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:09,588 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:11,599 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:12,608 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:13,616 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:13,652 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:15,663 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:16,672 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:17,682 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:17,716 [cuckoo.core.guest] DEBUG: cuckoo: not ready yet 2018-03-23 00:06:18,718 [cuckoo.core.scheduler] ERROR: Error from machine 'cuckoo': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-03-23 00:06:18,857 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer 2018-03-23 00:06:18,858 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm cuckoo 2018-03-23 00:06:20,462 [cuckoo.core.scheduler] DEBUG: Released database task #27 2018-03-23 00:06:20,580 [cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" for task #27 2018-03-23 00:06:20,581 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/home/kashyap/.cuckoo/storage/analyses/27/logs'. 2018-03-23 00:06:20,581 [cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" for task #27 2018-03-23 00:06:20,582 [cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" for task #27 2018-03-23 00:06:20,582 [cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" for task #27 2018-03-23 00:06:20,583 [cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" for task #27 2018-03-23 00:06:20,583 [cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" for task #27 2018-03-23 00:06:20,583 [cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" for task #27 2018-03-23 00:06:20,584 [cuckoo.core.plugins] DEBUG: Executed processing module "Screenshots" for task #27 2018-03-23 00:06:21,309 [cuckoo.core.plugins] DEBUG: Executed processing module "Static" for task #27 2018-03-23 00:06:21,464 [cuckoo.core.plugins] DEBUG: Executed processing module "Strings" for task #27 2018-03-23 00:06:21,557 [cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" for task #27 2018-03-23 00:06:21,588 [cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" for task #27 2018-03-23 00:06:21,589 [cuckoo.core.plugins] DEBUG: Executed processing module "Extracted" for task #27 2018-03-23 00:06:21,589 [cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" for task #27 2018-03-23 00:06:21,589 [cuckoo.processing.debug] ERROR: Error processing task #27: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-03-23 00:06:21,699 [cuckoo.core.plugins] DEBUG: Executed processing module "Debug" for task #27 2018-03-23 00:06:21,700 [cuckoo.core.plugins] DEBUG: Running 0 signatures 2018-03-23 00:06:21,722 [cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"

doomedraven commented 6 years ago

read my msgs plz and check documentation for that

Kashyapkrs commented 6 years ago

I placed the agent.py in startup folder of my windows virtual machine and my netstat -aon states the port is listening. But when I try to use curl :8000 command from my host. It states "curl: (7) Failed to connect to 192.168.56.101 port 80: No route to host"

doomedraven commented 6 years ago

now read your msgs and you have the response, why do you do curl to port 80 instead of 8000?

doomedraven commented 6 years ago

and if you ping port 8000 and don't get response, than you have networking problem so referer to the documentation