cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.56k stars 1.71k forks source link

LINUX platform wget error #746

Open aspel opened 8 years ago

aspel commented 8 years ago

Cuckoo Sandbox 2.0-rc1 www.cuckoosandbox.org Copyright (c) 2010-2015

Checking for updates... Good! You have the latest version available.

2016-02-02 17:38:20,404 [lib.cuckoo.core.scheduler] INFO: Using "qemu" as machine manager 2016-02-02 17:38:20,927 [lib.cuckoo.core.scheduler] INFO: Loaded 2 machine/s 2016-02-02 17:38:20,938 [lib.cuckoo.core.scheduler] WARNING: As you've configured Cuckoo to execute parallel analyses, we recommend you to switch to a MySQL ora PostgreSQL database as SQLite might cause some issues. 2016-02-02 17:38:20,959 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks. 2016-02-02 17:52:50,692 [lib.cuckoo.core.scheduler] INFO: Starting analysis of URL "http://xxxx/Hd4D6v72AQREm7JlD" (task #7, options "route=none") 2016-02-02 17:52:50,814 [lib.cuckoo.core.scheduler] INFO: Task #7: acquired machine vm1 (label=vm1) 2016-02-02 17:52:50,823 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 8975 (interface=eth0, host=192.168.0.11, pcap=/opt/cuckoo/storage/analyses/7/dump.pcap) dropped privs to root tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 2016-02-02 17:52:51,841 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=vm1, ip=192.168.0.11) 2016-02-02 17:58:10,767 [lib.cuckoo.core.scheduler] ERROR: Analysis failed: Unable to import package "modules.packages.wget", does not exist. 0 packets captured 2 packets received by filter 0 packets dropped by kernel

2016-02-02 17:52:50,032 [root] DEBUG: Starting analyzer from: /wvcbmjdypq 2016-02-02 17:52:50,041 [root] DEBUG: Storing results at: /tmp/DDKRessJSC 2016-02-02 17:52:50,053 [root] DEBUG: No analysis package specified, trying to detect it automagically. 2016-02-02 17:52:50,058 [root] INFO: Automatically selected analysis package "wget" 2016-02-02 17:52:50,078 [root] ERROR: Traceback (most recent call last): File "/wvcbmjdypq/analyzer.py", line 342, in success = analyzer.run() File "/wvcbmjdypq/analyzer.py", line 134, in run "not exist.".format(package_name)) CuckooError: Unable to import package "modules.packages.wget", does not exist. Traceback (most recent call last): File "/wvcbmjdypq/analyzer.py", line 342, in success = analyzer.run() File "/wvcbmjdypq/analyzer.py", line 134, in run "not exist.".format(package_name)) CuckooError: Unable to import package "modules.packages.wget", does not exist.

jbremer commented 8 years ago

Hmm.. didn't even know we had a wget analysis package for Linux. @rep do you mind committing that one? ;-)

botherder commented 8 years ago

Yeah, indeed, @rep. https://github.com/cuckoosandbox/cuckoo/blob/master/analyzer/linux/analyzer.py#L112

jbremer commented 8 years ago

What kind of an analysis target is wget anyway. Perhaps we could come up with something better instead. @aspel When you submit a URL to a Linux VM, what do you expect the VM to do with it anyway? What are you trying to analyze here?