doomedraven
commented
6 years ago check links from error
Open 0ahd0 opened 6 years ago
doomedraven
commented
6 years ago check links from error
0ahd0
commented
6 years ago Actually I checked it and configured it but if you see it starting the analysis and the vm but getting this error
doomedraven
commented
6 years ago https://github.com/cuckoosandbox/cuckoo/pull/2132 pull request sometime is good source of fixes, try that
Thanks for creating an issue! But first: did you read our community guidelines? https://cuckoo.sh/docs/introduction/community.html
My issue is:
Cuckoo.txt that cuckoo starting the VM, analysis and sniffer then suddenly stops with an error
My Cuckoo version and operating system are:
Cuckoo Sandbox 2.0.6 CentOS Linux release 7.5.1804 (Core)
This can be reproduced by
The log, error, files etc can be found at:
[root@localhost conf]# cuckoo
//\ //\//\ //\ //\//\ //\ /_/\ \:::\/ \:\ \:\ \:::\/ \::.\ \ \ \::: \ \::: \ \ \:\ \ \:\ \:\ \:\ \ _\:: \/) \ \:\ \ \ \:\ \ \ \ \:\ \//\:\ \:\ \:\ \//\:. ( ( \:\ \ \ \:\ \ \ \ \:_\ \ \:_\:\ \:_\ \ \: \ ) \ \ \:_\ \ \:_\ \ \ _\/ _\/ _\/ _\/_\/ _\/ _____\/
Cuckoo Sandbox 2.0.6 www.cuckoosandbox.org Copyright (c) 2010-2018
Checking for updates... You're good to go!
Our latest blogposts:
Cuckoo Sandbox 2.0.6, June 07, 2018. Interim release awaiting the big release. More at https://cuckoosandbox.org/blog/206-interim-release
Cuckoo Sandbox 2.0.5: Office DDE, December 03, 2017. Brand new release based on a DDE case study. More at https://cuckoosandbox.org/blog/205-office-dde
Cuckoo Sandbox 2.0.4, September 06, 2017. Introducing Malware Configuration Extraction. More at https://cuckoosandbox.org/blog/cuckoo-sandbox-204
2018-07-25 17:26:08,959 [cuckoo] WARNING: It appears that you haven't loaded any Cuckoo Signatures. Signatures are highly recommended and improve & enrich the information extracted during an analysis. They also make up for the analysis score that you see in the Web Interface - so, pretty important! 2018-07-25 17:26:08,960 [cuckoo] WARNING: You'll be able to fetch all the latest Cuckoo Signaturs, Yara rules, and more goodies by running the following command: 2018-07-25 17:26:08,960 [cuckoo] INFO: $ cuckoo community 2018-07-25 17:26:08,961 [cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager 2018-07-25 17:26:09,477 [cuckoo.core.scheduler] INFO: Loaded 1 machine/s 2018-07-25 17:26:09,490 [cuckoo.core.scheduler] INFO: Waiting for analysis tasks. 2018-07-25 17:26:10,568 [cuckoo.core.scheduler] INFO: Starting analysis of FILE "cuckoo.exe" (task #5, options "procmemdump=yes,route=none") 2018-07-25 17:26:10,598 [cuckoo.core.scheduler] INFO: Task #5: acquired machine win7 (label=win7) 2018-07-25 17:26:10,618 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 6088 (interface=virbr0-nic, host=192.168.122.191) 2018-07-25 17:26:14,439 [cuckoo.core.guest] INFO: Starting analysis on guest (id=win7, ip=192.168.122.191) 2018-07-25 17:29:14,648 [cuckoo.core.scheduler] ERROR: Error from machine 'win7': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-25 17:29:16,012 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/root/.cuckoo/storage/analyses/5/logs'. 2018-07-25 17:29:16,768 [cuckoo.processing.debug] ERROR: Error processing task #5: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-25 17:29:16,823 [cuckoo.core.plugins] WARNING: The reporting module "SingleFile" returned the following error: The weasyprint library hasn't been installed on your Operating System and as such we can't generate a PDF report for you. You can install 'weasyprint' manually by running 'pip install weasyprint' or by compiling and installing package yourself. 2018-07-25 17:29:16,852 [cuckoo.core.scheduler] INFO: Task #5: reports generation completed 2018-07-25 17:29:16,860 [cuckoo.core.scheduler] INFO: Task #5: analysis procedure completed 2018-07-26 09:49:01,687 [cuckoo.core.scheduler] INFO: Starting analysis of FILE "cuckoo.exe" (task #6, options "procmemdump=yes,route=none") 2018-07-26 09:49:01,752 [cuckoo.core.scheduler] INFO: Task #6: acquired machine win7 (label=win7) 2018-07-26 09:49:01,810 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 50652 (interface=virbr0-nic, host=192.168.122.191) 2018-07-26 09:49:02,710 [cuckoo.core.scheduler] ERROR: Error starting Virtual Machine! VM: win7, error: Trying to start an already started VM: win7 2018-07-26 09:49:03,973 [cuckoo.core.rooter] CRITICAL: Unable to passthrough root command (drop_disable) as the rooter unix socket doesn't exist. 2018-07-26 09:49:04,058 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/root/.cuckoo/storage/analyses/6/logs'. 2018-07-26 09:49:04,461 [cuckoo.processing.debug] ERROR: Error processing task #6: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-26 09:49:04,591 [cuckoo.core.plugins] WARNING: The reporting module "SingleFile" returned the following error: The weasyprint library hasn't been installed on your Operating System and as such we can't generate a PDF report for you. You can install 'weasyprint' manually by running 'pip install weasyprint' or by compiling and installing package yourself. 2018-07-26 09:49:04,599 [cuckoo.core.scheduler] INFO: Task #6: reports generation completed 2018-07-26 09:49:04,619 [cuckoo.core.scheduler] INFO: Task #6: analysis procedure completed 2018-07-26 09:50:06,896 [cuckoo.core.scheduler] INFO: Starting analysis of FILE "cuckoo.exe" (task #7, options "procmemdump=yes,route=none") 2018-07-26 09:50:06,955 [cuckoo.core.scheduler] INFO: Task #7: acquired machine win7 (label=win7) 2018-07-26 09:50:06,965 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 50881 (interface=virbr0-nic, host=192.168.122.191) 2018-07-26 09:50:12,480 [cuckoo.core.guest] INFO: Starting analysis on guest (id=win7, ip=192.168.122.191) 2018-07-26 09:53:13,282 [cuckoo.core.scheduler] ERROR: Error from machine 'win7': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-26 09:53:13,464 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/root/.cuckoo/storage/analyses/7/logs'. 2018-07-26 09:53:14,070 [cuckoo.processing.debug] ERROR: Error processing task #7: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-26 09:53:14,121 [cuckoo.core.plugins] WARNING: The reporting module "SingleFile" returned the following error: The weasyprint library hasn't been installed on your Operating System and as such we can't generate a PDF report for you. You can install 'weasyprint' manually by running 'pip install weasyprint' or by compiling and installing package yourself. 2018-07-26 09:53:14,133 [cuckoo.core.scheduler] INFO: Task #7: reports generation completed 2018-07-26 09:53:14,143 [cuckoo.core.scheduler] INFO: Task #7: analysis procedure completed 2018-07-26 09:54:55,786 [cuckoo.core.scheduler] INFO: Starting analysis of FILE "cuckoo.exe" (task #8, options "procmemdump=yes,route=none") 2018-07-26 09:54:58,325 [cuckoo.core.scheduler] INFO: Task #8: acquired machine win7 (label=win7) 2018-07-26 09:54:58,330 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 51403 (interface=virbr0-nic, host=192.168.122.191) 2018-07-26 09:55:01,986 [cuckoo.core.guest] INFO: Starting analysis on guest (id=win7, ip=192.168.122.191) 2018-07-26 09:58:02,597 [cuckoo.core.scheduler] ERROR: Error from machine 'win7': it appears that this Virtual Machine hasn't been configured properly as the Cuckoo Host wasn't able to connect to the Guest. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-26 09:58:03,866 [cuckoo.processing.behavior] WARNING: Analysis results folder does not exist at path '/root/.cuckoo/storage/analyses/8/logs'. 2018-07-26 09:58:04,772 [cuckoo.processing.debug] ERROR: Error processing task #8: it appears that the Virtual Machine hasn't been able to contact back to the Cuckoo Host. There could be a few reasons for this, please refer to our documentation on the matter: https://cuckoo.sh/docs/faq/index.html#troubleshooting-vm-network-configuration 2018-07-26 09:58:04,826 [cuckoo.core.plugins] WARNING: The reporting module "SingleFile" returned the following error: The weasyprint library hasn't been installed on your Operating System and as such we can't generate a PDF report for you. You can install 'weasyprint' manually by running 'pip install weasyprint' or by compiling and installing package yourself. 2018-07-26 09:58:04,835 [cuckoo.core.scheduler] INFO: Task #8: reports generation completed 2018-07-26 09:58:04,843 [cuckoo.core.scheduler] INFO: Task #8: analysis procedure completed