cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

WebUI issue #810

Closed yujiaxinlong closed 7 years ago

yujiaxinlong commented 8 years ago

met trouble when visiting page of analyzed file in webUI

I saw a similar problem in #736. I also met [modules.processing.network] ERROR: Failed to process packet: 'type' Traceback (most recent call last): and https://github.com/cuckoosandbox/cuckoo/commit/ff06882db68058797aebcb7d3f24d01e8b24f48f fixed it, but not the webUI problem. Error message:

Error during template rendering

In template /home/yu/cuckoo/web/templates/analysis/network/_dns.html, error at line 14

Reverse for 'analysis.views.moloch' with arguments '()' and keyword arguments '{u'host': u'yujia-VirtualBox [08:00:27:5a:13:07]._workstation._tcp.local'}' not found. 1 pattern(s) tried: ['analysis/moloch/(?P<ip>[\\d\\.]+)?/(?P<host>[a-zA-Z0-9-\\.]+)?/(?P<src_ip>[a-zA-Z0-9\\.]+)?/(?P<src_port>\\d+|None)?/(?P<dst_ip>[a-zA-Z0-9\\.]+)?/(?P<dst_port>\\d+|None)?/(?P<sid>\\d+)?']
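Why the reverse lookup in the error above fails, as an added example that is not part of the original issue or of Cuckoo's code: Django only builds a URL when each keyword argument matches its named group, and the mDNS name seen in the capture contains characters outside the `host` group's character class. The `request` key and the sample DNS entries are assumptions constructed for illustration; the pattern and the failing hostname are copied from the error message.

```python
import re

# Character class of the <host> group, copied from the URL pattern in the
# error message (the page shows it with doubled backslashes).
HOST_GROUP = re.compile(r"[a-zA-Z0-9-\.]+")

# Hostname from the error message.
PAGE_HOST = "yujia-VirtualBox [08:00:27:5a:13:07]._workstation._tcp.local"

# Constructed sample of DNS entries; the "request" key is an assumption
# about how the report stores the queried name.
SAMPLE_DNS = [
    {"request": "example.com"},
    {"request": PAGE_HOST},
    {"request": "time.example.org"},
]


def offending_chars(host):
    """Characters of host the <host> group cannot match, in order of first appearance."""
    seen = []
    for ch in host:
        if not HOST_GROUP.fullmatch(ch) and ch not in seen:
            seen.append(ch)
    return seen


def unreversible_requests(dns_entries):
    """Map each DNS name that would break the URL reverse to its offending characters."""
    bad = {}
    for entry in dns_entries:
        name = entry.get("request", "")
        chars = offending_chars(name)
        if chars:
            bad[name] = chars
    return bad


if __name__ == "__main__":
    for name, chars in unreversible_requests(SAMPLE_DNS).items():
        print("cannot reverse %r: unexpected characters %r" % (name, chars))
```

Names taken from captured traffic are data chosen by whatever ran in the guest or on the network, so a template that feeds them into a URL pattern has to expect values like this one.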

ramirez3805 commented 7 years ago

mario@mario-desktop:~/cuckoo$ python cuckoo.py -d

Cuckoo Sandbox 2.0-dev www.cuckoosandbox.org Copyright (c) 2010-2015

2016-12-05 11:57:50,846 [root] DEBUG: Importing modules...
2016-12-05 11:57:51,138 [root] DEBUG: Imported "signatures" modules:
2016-12-05 11:57:51,139 [root] DEBUG:    |-- CreatesExe
2016-12-05 11:57:51,139 [root] DEBUG:    `-- SystemMetrics
2016-12-05 11:57:51,139 [root] DEBUG: Imported "processing" modules:
2016-12-05 11:57:51,140 [root] DEBUG:    |-- AnalysisInfo
2016-12-05 11:57:51,140 [root] DEBUG:    |-- MetaInfo
2016-12-05 11:57:51,140 [root] DEBUG:    |-- ApkInfo
2016-12-05 11:57:51,140 [root] DEBUG:    |-- Baseline
2016-12-05 11:57:51,140 [root] DEBUG:    |-- BehaviorAnalysis
2016-12-05 11:57:51,140 [root] DEBUG:    |-- DroppedBuffer
2016-12-05 11:57:51,140 [root] DEBUG:    |-- Debug
2016-12-05 11:57:51,140 [root] DEBUG:    |-- Droidmon
2016-12-05 11:57:51,141 [root] DEBUG:    |-- Dropped
2016-12-05 11:57:51,141 [root] DEBUG:    |-- TLSMasterSecrets
2016-12-05 11:57:51,141 [root] DEBUG:    |-- GooglePlay
2016-12-05 11:57:51,141 [root] DEBUG:    |-- Irma
2016-12-05 11:57:51,141 [root] DEBUG:    |-- Memory
2016-12-05 11:57:51,141 [root] DEBUG:    |-- MISP
2016-12-05 11:57:51,141 [root] DEBUG:    |-- NetworkAnalysis
2016-12-05 11:57:51,141 [root] DEBUG:    |-- ProcessMemory
2016-12-05 11:57:51,142 [root] DEBUG:    |-- Procmon
2016-12-05 11:57:51,142 [root] DEBUG:    |-- Screenshots
2016-12-05 11:57:51,142 [root] DEBUG:    |-- Snort
2016-12-05 11:57:51,142 [root] DEBUG:    |-- Static
2016-12-05 11:57:51,142 [root] DEBUG:    |-- Strings
2016-12-05 11:57:51,142 [root] DEBUG:    |-- Suricata
2016-12-05 11:57:51,142 [root] DEBUG:    |-- TargetInfo
2016-12-05 11:57:51,142 [root] DEBUG:    `-- VirusTotal
2016-12-05 11:57:51,143 [root] DEBUG: Imported "auxiliary" modules:
2016-12-05 11:57:51,143 [root] DEBUG:    |-- MITM
2016-12-05 11:57:51,143 [root] DEBUG:    |-- Reboot
2016-12-05 11:57:51,143 [root] DEBUG:    |-- Services
2016-12-05 11:57:51,143 [root] DEBUG:    `-- Sniffer
2016-12-05 11:57:51,143 [root] DEBUG: Imported "reporting" modules:
2016-12-05 11:57:51,143 [root] DEBUG:    |-- ElasticSearch
2016-12-05 11:57:51,143 [root] DEBUG:    |-- JsonDump
2016-12-05 11:57:51,143 [root] DEBUG:    |-- Mattermost
2016-12-05 11:57:51,144 [root] DEBUG:    |-- Moloch
2016-12-05 11:57:51,144 [root] DEBUG:    |-- MongoDB
2016-12-05 11:57:51,144 [root] DEBUG:    |-- Notification
2016-12-05 11:57:51,144 [root] DEBUG:    `-- ReportHTML
2016-12-05 11:57:51,144 [root] DEBUG: Imported "machinery" modules:
2016-12-05 11:57:51,144 [root] DEBUG:    `-- VirtualBox
2016-12-05 11:57:51,146 [root] DEBUG: Checking for locked tasks..
2016-12-05 11:57:51,157 [root] DEBUG: Checking for pending service tasks..
2016-12-05 11:57:51,166 [root] DEBUG: Initializing Yara...
2016-12-05 11:57:51,166 [root] DEBUG:    |-- index_binaries.yar
2016-12-05 11:57:51,166 [root] DEBUG:    `-- index_memory.yar
2016-12-05 11:57:51,171 [lib.cuckoo.core.resultserver] WARNING: Cannot bind ResultServer on port 2042, trying another port.
2016-12-05 11:57:51,171 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2043.
2016-12-05 11:57:51,172 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2016-12-05 11:57:51,625 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:57:51,709 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 11:57:51,838 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-05 11:57:51,839 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:57:51,970 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 11:57:53,089 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:57:53,187 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-05 11:57:53,317 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2016-12-05 11:57:53,330 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2016-12-05 11:58:03,712 [lib.cuckoo.core.scheduler] DEBUG: Processing task #7
2016-12-05 11:58:03,727 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda" (task #7, options "")
2016-12-05 11:58:03,746 [lib.cuckoo.core.scheduler] INFO: File already exists at "/home/mario/cuckoo/storage/binaries/519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda"
2016-12-05 11:58:03,892 [lib.cuckoo.core.scheduler] INFO: Task #7: acquired machine Ubuntu (label=Ubuntu)
2016-12-05 11:58:03,904 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 11844 (interface=vboxnet0, host=192.168.56.101, pcap=/home/mario/cuckoo/storage/analyses/7/dump.pcap)
2016-12-05 11:58:03,905 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2016-12-05 11:58:04,069 [modules.machinery.virtualbox] DEBUG: Starting vm Ubuntu
2016-12-05 11:58:04,070 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:58:04,156 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-05 11:58:04,315 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine Ubuntu
2016-12-05 11:58:04,802 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:58:04,872 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status saved
2016-12-05 11:58:09,865 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:58:09,930 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 11:58:10,283 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=Ubuntu, ip=192.168.56.101)
2016-12-05 11:58:11,295 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 11:58:12,302 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 11:58:13,309 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 11:58:14,316 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 11:58:15,322 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 11:58:16,330 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 11:58:17,353 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for status 0x0001
2016-12-05 11:58:17,363 [lib.cuckoo.core.guest] DEBUG: Ubuntu: status ready
2016-12-05 11:58:17,367 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=Ubuntu, ip=192.168.56.101, monitor=latest, size=35210)
2016-12-05 11:58:17,386 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analyzer started with PID 3723
2016-12-05 11:58:17,423 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2016-12-05 11:58:17,539 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for completion
2016-12-05 11:58:18,546 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-05 11:58:19,472 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-05 11:58:19,473 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 289
2016-12-05 11:58:19,474 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-05 11:58:19,555 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-05 11:58:19,718 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-05 11:58:19,719 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-05 11:58:19,719 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:58:19,822 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 11:58:20,936 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 11:58:21,020 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-05 11:58:21,736 [lib.cuckoo.core.scheduler] DEBUG: Released database task #7
2016-12-05 11:58:21,760 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,761 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,763 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,763 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,765 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,766 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,766 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,766 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,767 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,768 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,773 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:21,776 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-05 11:58:27,659 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:27,659 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/7"
2016-12-05 11:58:27,659 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-05 11:58:27,664 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-05 11:58:27,696 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-05 11:58:27,697 [lib.cuckoo.core.scheduler] INFO: Task #7: reports generation completed (path=/home/mario/cuckoo/storage/analyses/7)
2016-12-05 11:58:27,890 [lib.cuckoo.core.scheduler] INFO: Task #7: analysis procedure completed

doomedraven commented 7 years ago

repost it using https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet#code-and-syntax-highlighting

doomedraven commented 7 years ago

btw 2016-12-05 11:57:51,171 [lib.cuckoo.core.resultserver] WARNING: Cannot bind ResultServer on port 2042, trying another port.

what is listening on that port?

ramirez3805 commented 7 years ago

I am so confused to what all that is saying lol wow. I have no idea what it's supposed to look like, do you have an example?

doomedraven commented 7 years ago

is use code escape -> before and after code block use this ```

you will get result as

here your code

and what about result server port 2042?

ramirez3805 commented 7 years ago

image

ramirez3805 commented 7 years ago

mario@mario-desktop:~/cuckoo$ python cuckoo.py -d

doomedraven commented 7 years ago

is not ' is `

probably you have another instance somewhere started, so kill port with fuser or any other command and start for new

ramirez3805 commented 7 years ago

Okay, I did, now this is the log because same thing happened


2016-12-05 13:40:52,148 [root] DEBUG: Imported "signatures" modules:
2016-12-05 13:40:52,149 [root] DEBUG:    |-- CreatesExe
2016-12-05 13:40:52,149 [root] DEBUG:    `-- SystemMetrics
2016-12-05 13:40:52,149 [root] DEBUG: Imported "processing" modules:
2016-12-05 13:40:52,149 [root] DEBUG:    |-- AnalysisInfo
2016-12-05 13:40:52,149 [root] DEBUG:    |-- MetaInfo
2016-12-05 13:40:52,149 [root] DEBUG:    |-- ApkInfo
2016-12-05 13:40:52,149 [root] DEBUG:    |-- Baseline
2016-12-05 13:40:52,149 [root] DEBUG:    |-- BehaviorAnalysis
2016-12-05 13:40:52,150 [root] DEBUG:    |-- DroppedBuffer
2016-12-05 13:40:52,150 [root] DEBUG:    |-- Debug
2016-12-05 13:40:52,150 [root] DEBUG:    |-- Droidmon
2016-12-05 13:40:52,150 [root] DEBUG:    |-- Dropped
2016-12-05 13:40:52,150 [root] DEBUG:    |-- TLSMasterSecrets
2016-12-05 13:40:52,150 [root] DEBUG:    |-- GooglePlay
2016-12-05 13:40:52,150 [root] DEBUG:    |-- Irma
2016-12-05 13:40:52,150 [root] DEBUG:    |-- Memory
2016-12-05 13:40:52,151 [root] DEBUG:    |-- MISP
2016-12-05 13:40:52,151 [root] DEBUG:    |-- NetworkAnalysis
2016-12-05 13:40:52,151 [root] DEBUG:    |-- ProcessMemory
2016-12-05 13:40:52,151 [root] DEBUG:    |-- Procmon
2016-12-05 13:40:52,151 [root] DEBUG:    |-- Screenshots
2016-12-05 13:40:52,151 [root] DEBUG:    |-- Snort
2016-12-05 13:40:52,151 [root] DEBUG:    |-- Static
2016-12-05 13:40:52,151 [root] DEBUG:    |-- Strings
2016-12-05 13:40:52,151 [root] DEBUG:    |-- Suricata
2016-12-05 13:40:52,152 [root] DEBUG:    |-- TargetInfo
2016-12-05 13:40:52,152 [root] DEBUG:    `-- VirusTotal
2016-12-05 13:40:52,152 [root] DEBUG: Imported "auxiliary" modules:
2016-12-05 13:40:52,152 [root] DEBUG:    |-- MITM
2016-12-05 13:40:52,152 [root] DEBUG:    |-- Reboot
2016-12-05 13:40:52,152 [root] DEBUG:    |-- Services
2016-12-05 13:40:52,152 [root] DEBUG:    `-- Sniffer
2016-12-05 13:40:52,153 [root] DEBUG: Imported "reporting" modules:
2016-12-05 13:40:52,153 [root] DEBUG:    |-- ElasticSearch
2016-12-05 13:40:52,153 [root] DEBUG:    |-- JsonDump
2016-12-05 13:40:52,153 [root] DEBUG:    |-- Mattermost
2016-12-05 13:40:52,153 [root] DEBUG:    |-- Moloch
2016-12-05 13:40:52,153 [root] DEBUG:    |-- MongoDB
2016-12-05 13:40:52,153 [root] DEBUG:    |-- Notification
2016-12-05 13:40:52,153 [root] DEBUG:    `-- ReportHTML
2016-12-05 13:40:52,153 [root] DEBUG: Imported "machinery" modules:
2016-12-05 13:40:52,154 [root] DEBUG:    `-- VirtualBox
2016-12-05 13:40:52,155 [root] DEBUG: Checking for locked tasks..
2016-12-05 13:40:52,167 [root] DEBUG: Checking for pending service tasks..
2016-12-05 13:40:52,176 [root] DEBUG: Initializing Yara...
2016-12-05 13:40:52,177 [root] DEBUG:    |-- index_binaries.yar
2016-12-05 13:40:52,177 [root] DEBUG:    `-- index_memory.yar
2016-12-05 13:40:52,181 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2042.
2016-12-05 13:40:52,183 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2016-12-05 13:40:52,681 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:40:52,790 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 13:40:52,908 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-05 13:40:52,908 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:40:52,989 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 13:40:54,115 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:40:54,222 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-05 13:40:54,392 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2016-12-05 13:40:54,405 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2016-12-05 13:40:59,690 [lib.cuckoo.core.scheduler] DEBUG: Processing task #8
2016-12-05 13:40:59,707 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda" (task #8, options "")
2016-12-05 13:40:59,732 [lib.cuckoo.core.scheduler] INFO: File already exists at "/home/mario/cuckoo/storage/binaries/519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda"
2016-12-05 13:40:59,845 [lib.cuckoo.core.scheduler] INFO: Task #8: acquired machine Ubuntu (label=Ubuntu)
2016-12-05 13:40:59,859 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 12688 (interface=vboxnet0, host=192.168.56.101, pcap=/home/mario/cuckoo/storage/analyses/8/dump.pcap)
2016-12-05 13:40:59,860 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2016-12-05 13:40:59,995 [modules.machinery.virtualbox] DEBUG: Starting vm Ubuntu
2016-12-05 13:40:59,995 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:41:00,083 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-05 13:41:00,240 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine Ubuntu
2016-12-05 13:41:00,694 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:41:00,757 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status saved
2016-12-05 13:41:05,736 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:41:05,817 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 13:41:06,243 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=Ubuntu, ip=192.168.56.101)
2016-12-05 13:41:07,250 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 13:41:08,257 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 13:41:09,246 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 13:41:11,253 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 13:41:12,260 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 13:41:13,250 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-05 13:41:14,274 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for status 0x0001
2016-12-05 13:41:14,283 [lib.cuckoo.core.guest] DEBUG: Ubuntu: status ready
2016-12-05 13:41:14,289 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=Ubuntu, ip=192.168.56.101, monitor=latest, size=35210)
2016-12-05 13:41:14,311 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analyzer started with PID 3773
2016-12-05 13:41:14,349 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2016-12-05 13:41:14,475 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for completion
2016-12-05 13:41:15,483 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-05 13:41:16,399 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-05 13:41:16,400 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 289
2016-12-05 13:41:16,401 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-05 13:41:16,492 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-05 13:41:16,654 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-05 13:41:16,655 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-05 13:41:16,655 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:41:16,740 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-05 13:41:17,891 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-05 13:41:17,977 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-05 13:41:18,656 [lib.cuckoo.core.scheduler] DEBUG: Released database task #8
2016-12-05 13:41:18,713 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,714 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,715 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,716 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,718 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,718 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,719 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,719 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,719 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,721 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,726 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:18,730 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-05 13:41:24,109 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:24,109 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/8"
2016-12-05 13:41:24,109 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-05 13:41:24,114 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-05 13:41:24,127 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-05 13:41:24,128 [lib.cuckoo.core.scheduler] INFO: Task #8: reports generation completed (path=/home/mario/cuckoo/storage/analyses/8)
2016-12-05 13:41:24,313 [lib.cuckoo.core.scheduler] INFO: Task #8: analysis procedure completed

doomedraven commented 7 years ago

you didn't use ``` escape but now at least port is used correctly

ramirez3805 commented 7 years ago

Just fixed it, now I understand. So, good. Port is good, now what can it be?

doomedraven commented 7 years ago

File upload request for logs/strace.stderr <- probably you have some strace errors

doomedraven commented 7 years ago

can you post logs/strace.stderr?

ramirez3805 commented 7 years ago

Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf

doomedraven commented 7 years ago

Are you sure that the agent started with root privs?

On 6 Dec 2016, at 16:41, ramirez3805 notifications@github.com wrote:

> Could not attach to process. If your uid matches the uid of the target process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf

ramirez3805 commented 7 years ago

I never run anything as root, I thought we weren't supposed to.... either way, I ran everything as root, it opens the VM and actually doesn't shutdown as fast as before but it seems like nothing is happening, here is the code

2016-12-06 11:19:28,791 [root] DEBUG: Imported "signatures" modules:
2016-12-06 11:19:28,792 [root] DEBUG:    |-- CreatesExe
2016-12-06 11:19:28,792 [root] DEBUG:    `-- SystemMetrics
2016-12-06 11:19:28,792 [root] DEBUG: Imported "processing" modules:
2016-12-06 11:19:28,792 [root] DEBUG:    |-- AnalysisInfo
2016-12-06 11:19:28,792 [root] DEBUG:    |-- MetaInfo
2016-12-06 11:19:28,792 [root] DEBUG:    |-- ApkInfo
2016-12-06 11:19:28,792 [root] DEBUG:    |-- Baseline
2016-12-06 11:19:28,792 [root] DEBUG:    |-- BehaviorAnalysis
2016-12-06 11:19:28,793 [root] DEBUG:    |-- DroppedBuffer
2016-12-06 11:19:28,793 [root] DEBUG:    |-- Debug
2016-12-06 11:19:28,793 [root] DEBUG:    |-- Droidmon
2016-12-06 11:19:28,793 [root] DEBUG:    |-- Dropped
2016-12-06 11:19:28,793 [root] DEBUG:    |-- TLSMasterSecrets
2016-12-06 11:19:28,793 [root] DEBUG:    |-- GooglePlay
2016-12-06 11:19:28,793 [root] DEBUG:    |-- Irma
2016-12-06 11:19:28,793 [root] DEBUG:    |-- Memory
2016-12-06 11:19:28,793 [root] DEBUG:    |-- MISP
2016-12-06 11:19:28,794 [root] DEBUG:    |-- NetworkAnalysis
2016-12-06 11:19:28,794 [root] DEBUG:    |-- ProcessMemory
2016-12-06 11:19:28,794 [root] DEBUG:    |-- Procmon
2016-12-06 11:19:28,794 [root] DEBUG:    |-- Screenshots
2016-12-06 11:19:28,794 [root] DEBUG:    |-- Snort
2016-12-06 11:19:28,794 [root] DEBUG:    |-- Static
2016-12-06 11:19:28,794 [root] DEBUG:    |-- Strings
2016-12-06 11:19:28,794 [root] DEBUG:    |-- Suricata
2016-12-06 11:19:28,795 [root] DEBUG:    |-- TargetInfo
2016-12-06 11:19:28,795 [root] DEBUG:    `-- VirusTotal
2016-12-06 11:19:28,795 [root] DEBUG: Imported "auxiliary" modules:
2016-12-06 11:19:28,795 [root] DEBUG:    |-- MITM
2016-12-06 11:19:28,795 [root] DEBUG:    |-- Reboot
2016-12-06 11:19:28,795 [root] DEBUG:    |-- Services
2016-12-06 11:19:28,795 [root] DEBUG:    `-- Sniffer
2016-12-06 11:19:28,795 [root] DEBUG: Imported "reporting" modules:
2016-12-06 11:19:28,796 [root] DEBUG:    |-- ElasticSearch
2016-12-06 11:19:28,796 [root] DEBUG:    |-- JsonDump
2016-12-06 11:19:28,796 [root] DEBUG:    |-- Mattermost
2016-12-06 11:19:28,796 [root] DEBUG:    |-- Moloch
2016-12-06 11:19:28,796 [root] DEBUG:    |-- MongoDB
2016-12-06 11:19:28,796 [root] DEBUG:    |-- Notification
2016-12-06 11:19:28,796 [root] DEBUG:    `-- ReportHTML
2016-12-06 11:19:28,796 [root] DEBUG: Imported "machinery" modules:
2016-12-06 11:19:28,797 [root] DEBUG:    `-- VirtualBox
2016-12-06 11:19:28,798 [root] DEBUG: Checking for locked tasks..
2016-12-06 11:19:28,809 [root] DEBUG: Checking for pending service tasks..
2016-12-06 11:19:28,818 [root] DEBUG: Initializing Yara...
2016-12-06 11:19:28,819 [root] DEBUG:    |-- index_binaries.yar
2016-12-06 11:19:28,819 [root] DEBUG:    `-- index_memory.yar
2016-12-06 11:19:28,824 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2042.
2016-12-06 11:19:28,825 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2016-12-06 11:19:29,315 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 11:19:29,389 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 11:19:29,537 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2016-12-06 11:19:29,549 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2016-12-06 11:19:34,823 [lib.cuckoo.core.scheduler] DEBUG: Processing task #10
2016-12-06 11:19:34,835 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda" (task #10, options "")
2016-12-06 11:19:34,858 [lib.cuckoo.core.scheduler] INFO: File already exists at "/home/mario/cuckoo/storage/binaries/519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda"
2016-12-06 11:19:34,982 [lib.cuckoo.core.scheduler] INFO: Task #10: acquired machine Ubuntu (label=Ubuntu)
2016-12-06 11:19:34,995 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 15011 (interface=vboxnet0, host=192.168.56.101, pcap=/home/mario/cuckoo/storage/analyses/10/dump.pcap)
2016-12-06 11:19:34,995 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2016-12-06 11:19:35,150 [modules.machinery.virtualbox] DEBUG: Starting vm Ubuntu
2016-12-06 11:19:35,151 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 11:19:35,251 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 11:19:35,395 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine Ubuntu
2016-12-06 11:19:35,627 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 11:19:35,696 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status saved
2016-12-06 11:19:38,513 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 11:19:38,588 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-06 11:19:39,015 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=Ubuntu, ip=192.168.56.101)
2016-12-06 11:19:40,023 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:41,030 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:42,022 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:44,030 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:45,038 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:46,026 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:48,033 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:49,040 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:50,030 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:52,040 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:53,055 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:54,034 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:56,042 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:57,050 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:19:58,038 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:00,049 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:01,056 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:02,046 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:04,054 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:05,061 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:06,050 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:08,058 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:09,065 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:10,054 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:12,062 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:13,066 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:14,062 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:16,069 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:17,076 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:18,066 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:20,071 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:21,074 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:22,070 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:24,075 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:25,080 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:26,074 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:28,082 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:29,090 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:30,078 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:32,083 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:33,093 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:34,078 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:36,088 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:37,095 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:38,086 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:40,093 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:41,100 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:42,090 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:44,098 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:45,105 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:46,098 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:48,107 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:49,115 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:50,106 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:52,114 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:53,121 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:54,110 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:56,119 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:57,126 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:20:58,118 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:00,126 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:01,130 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:02,126 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:04,131 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:05,138 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:06,130 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:08,138 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:09,145 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:10,134 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:12,139 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:13,146 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:14,138 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:16,146 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:17,153 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:18,142 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:20,150 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:21,157 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:22,146 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:24,150 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:25,160 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:26,150 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:28,157 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:29,164 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:30,154 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:32,162 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:33,169 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:34,158 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:36,166 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:37,172 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:38,162 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:40,176 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:41,188 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:42,170 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:44,179 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:45,186 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:46,178 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:48,184 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:49,191 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:50,182 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:52,190 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:53,196 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:54,186 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:56,194 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:57,201 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:21:58,190 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:00,195 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:01,202 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:02,194 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:04,202 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:05,209 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:06,198 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:08,203 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:09,208 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:10,202 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:12,210 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:13,217 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:14,206 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:16,213 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:17,217 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:18,210 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:20,218 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:21,221 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:22,214 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:24,222 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:25,229 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:26,218 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:28,225 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:29,232 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:30,222 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:32,230 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:33,236 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:34,226 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:36,233 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:37,241 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:38,230 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 11:22:39,231 [lib.cuckoo.core.scheduler] ERROR: Error from the Cuckoo Guest: Ubuntu: the guest initialization hit the critical timeout, analysis aborted.
2016-12-06 11:22:39,366 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-06 11:22:39,367 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-06 11:22:39,367 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 11:22:39,478 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-06 11:22:40,632 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 11:22:40,744 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 11:22:41,259 [lib.cuckoo.core.scheduler] DEBUG: Released database task #10
2016-12-06 11:22:41,283 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,283 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,284 [modules.processing.behavior] WARNING: Analysis results folder does not exist at path '/home/mario/cuckoo/storage/analyses/10/logs'.
2016-12-06 11:22:41,285 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,285 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,287 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,287 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,288 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,288 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,288 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,290 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,295 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,295 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-06 11:22:41,296 [modules.processing.network] ERROR: Unable to open /home/mario/cuckoo/storage/analyses/10/dump_sorted.pcap
2016-12-06 11:22:41,296 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,296 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-06 11:22:41,296 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-06 11:22:41,304 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-06 11:22:41,312 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-06 11:22:41,312 [lib.cuckoo.core.scheduler] INFO: Task #10: reports generation completed (path=/home/mario/cuckoo/storage/analyses/10)
2016-12-06 11:22:41,485 [lib.cuckoo.core.scheduler] INFO: Task #10: analysis procedure completed

doomedraven commented 7 years ago

inside of vm

doomedraven commented 7 years ago

https://github.com/cuckoosandbox/cuckoo/issues/810#issuecomment-264306775

ramirez3805 commented 7 years ago

Oh! If the agent is run as root! Let me check that. Thanks.

ramirez3805 commented 7 years ago

So I fixed that issue and now this is what we have. I feel it though, we are so close!

2016-12-06 12:16:50,150 [root] DEBUG: Imported "signatures" modules:
2016-12-06 12:16:50,150 [root] DEBUG:    |-- CreatesExe
2016-12-06 12:16:50,150 [root] DEBUG:    `-- SystemMetrics
2016-12-06 12:16:50,150 [root] DEBUG: Imported "processing" modules:
2016-12-06 12:16:50,150 [root] DEBUG:    |-- AnalysisInfo
2016-12-06 12:16:50,150 [root] DEBUG:    |-- MetaInfo
2016-12-06 12:16:50,150 [root] DEBUG:    |-- ApkInfo
2016-12-06 12:16:50,151 [root] DEBUG:    |-- Baseline
2016-12-06 12:16:50,151 [root] DEBUG:    |-- BehaviorAnalysis
2016-12-06 12:16:50,151 [root] DEBUG:    |-- DroppedBuffer
2016-12-06 12:16:50,151 [root] DEBUG:    |-- Debug
2016-12-06 12:16:50,151 [root] DEBUG:    |-- Droidmon
2016-12-06 12:16:50,151 [root] DEBUG:    |-- Dropped
2016-12-06 12:16:50,151 [root] DEBUG:    |-- TLSMasterSecrets
2016-12-06 12:16:50,151 [root] DEBUG:    |-- GooglePlay
2016-12-06 12:16:50,152 [root] DEBUG:    |-- Irma
2016-12-06 12:16:50,152 [root] DEBUG:    |-- Memory
2016-12-06 12:16:50,152 [root] DEBUG:    |-- MISP
2016-12-06 12:16:50,152 [root] DEBUG:    |-- NetworkAnalysis
2016-12-06 12:16:50,152 [root] DEBUG:    |-- ProcessMemory
2016-12-06 12:16:50,152 [root] DEBUG:    |-- Procmon
2016-12-06 12:16:50,152 [root] DEBUG:    |-- Screenshots
2016-12-06 12:16:50,152 [root] DEBUG:    |-- Snort
2016-12-06 12:16:50,152 [root] DEBUG:    |-- Static
2016-12-06 12:16:50,153 [root] DEBUG:    |-- Strings
2016-12-06 12:16:50,153 [root] DEBUG:    |-- Suricata
2016-12-06 12:16:50,153 [root] DEBUG:    |-- TargetInfo
2016-12-06 12:16:50,153 [root] DEBUG:    `-- VirusTotal
2016-12-06 12:16:50,153 [root] DEBUG: Imported "auxiliary" modules:
2016-12-06 12:16:50,153 [root] DEBUG:    |-- MITM
2016-12-06 12:16:50,153 [root] DEBUG:    |-- Reboot
2016-12-06 12:16:50,153 [root] DEBUG:    |-- Services
2016-12-06 12:16:50,154 [root] DEBUG:    `-- Sniffer
2016-12-06 12:16:50,154 [root] DEBUG: Imported "reporting" modules:
2016-12-06 12:16:50,154 [root] DEBUG:    |-- ElasticSearch
2016-12-06 12:16:50,154 [root] DEBUG:    |-- JsonDump
2016-12-06 12:16:50,154 [root] DEBUG:    |-- Mattermost
2016-12-06 12:16:50,154 [root] DEBUG:    |-- Moloch
2016-12-06 12:16:50,154 [root] DEBUG:    |-- MongoDB
2016-12-06 12:16:50,154 [root] DEBUG:    |-- Notification
2016-12-06 12:16:50,155 [root] DEBUG:    `-- ReportHTML
2016-12-06 12:16:50,155 [root] DEBUG: Imported "machinery" modules:
2016-12-06 12:16:50,155 [root] DEBUG:    `-- VirtualBox
2016-12-06 12:16:50,156 [root] DEBUG: Checking for locked tasks..
2016-12-06 12:16:50,167 [root] DEBUG: Checking for pending service tasks..
2016-12-06 12:16:50,176 [root] DEBUG: Initializing Yara...
2016-12-06 12:16:50,176 [root] DEBUG:    |-- index_binaries.yar
2016-12-06 12:16:50,177 [root] DEBUG:    `-- index_memory.yar
2016-12-06 12:16:50,181 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2042.
2016-12-06 12:16:50,183 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2016-12-06 12:16:50,662 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 12:16:50,768 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 12:16:50,932 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2016-12-06 12:16:50,945 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2016-12-06 12:16:58,285 [lib.cuckoo.core.scheduler] DEBUG: Processing task #11
2016-12-06 12:16:58,300 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda" (task #11, options "")
2016-12-06 12:16:58,327 [lib.cuckoo.core.scheduler] INFO: File already exists at "/home/mario/cuckoo/storage/binaries/519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda"
2016-12-06 12:16:58,431 [lib.cuckoo.core.scheduler] INFO: Task #11: acquired machine Ubuntu (label=Ubuntu)
2016-12-06 12:16:58,444 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 15423 (interface=vboxnet0, host=192.168.56.101, pcap=/home/mario/cuckoo/storage/analyses/11/dump.pcap)
2016-12-06 12:16:58,444 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2016-12-06 12:16:58,583 [modules.machinery.virtualbox] DEBUG: Starting vm Ubuntu
2016-12-06 12:16:58,584 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 12:16:58,677 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 12:16:58,838 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine Ubuntu
2016-12-06 12:16:59,282 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 12:16:59,345 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status saved
2016-12-06 12:17:02,959 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 12:17:03,034 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-06 12:17:03,498 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=Ubuntu, ip=192.168.56.101)
2016-12-06 12:17:04,504 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 12:17:05,508 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 12:17:06,506 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 12:17:08,513 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 12:17:09,518 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 12:17:10,510 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-06 12:17:11,533 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for status 0x0001
2016-12-06 12:17:11,538 [lib.cuckoo.core.guest] DEBUG: Ubuntu: status ready
2016-12-06 12:17:11,570 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=Ubuntu, ip=192.168.56.101, monitor=latest, size=35210)
2016-12-06 12:17:11,591 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analyzer started with PID 2010
2016-12-06 12:17:11,637 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2016-12-06 12:17:11,773 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for completion
2016-12-06 12:17:12,779 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:13,787 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:14,796 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:15,805 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:16,812 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:17,819 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:18,826 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:19,834 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:20,843 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:21,852 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:22,858 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:23,863 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:24,869 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:25,874 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:26,880 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:27,888 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:28,897 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:29,902 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:30,907 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:31,915 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:32,924 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:33,932 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:34,939 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:35,944 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:36,949 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:37,955 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:38,965 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:39,973 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:40,979 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:41,984 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:42,993 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:43,998 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:45,003 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:46,011 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:47,021 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:48,029 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:49,036 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:50,044 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:51,052 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:52,061 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:53,068 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:54,074 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:55,085 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:56,091 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:57,100 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:58,109 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:17:59,119 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:00,129 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:01,134 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:02,139 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:03,149 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:04,158 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:05,168 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:06,177 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:07,186 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:08,196 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:09,205 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:10,215 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:11,222 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:12,231 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:13,246 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:14,255 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:15,264 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:16,270 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:17,279 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:18,288 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:19,295 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:20,304 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:21,312 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:22,319 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:23,329 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:24,342 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:25,350 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:26,356 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:27,366 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:28,376 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:29,383 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:30,392 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:31,398 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:32,404 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:33,412 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:34,421 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:35,432 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:36,441 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:37,449 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:38,458 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:39,468 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:40,478 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:41,487 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:42,497 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:43,506 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:44,515 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:45,524 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:46,533 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:47,556 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:48,564 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:49,573 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:50,583 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:51,593 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:52,602 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:53,611 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:54,620 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:55,628 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:56,634 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:57,643 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:58,650 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:18:59,658 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:00,668 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:01,677 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:02,685 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:03,695 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:04,704 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:05,713 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:06,723 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:07,733 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:08,742 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:09,750 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:10,759 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:11,769 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-06 12:19:11,833 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-06 12:19:11,834 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 22
2016-12-06 12:19:11,836 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-06 12:19:12,778 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-06 12:19:12,922 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-06 12:19:12,923 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-06 12:19:12,923 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 12:19:13,022 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-06 12:19:14,166 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 12:19:14,261 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 12:19:15,129 [lib.cuckoo.core.scheduler] DEBUG: Released database task #11
2016-12-06 12:19:15,158 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,159 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,161 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,161 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,163 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,164 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,164 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,164 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,165 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,166 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,171 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:15,176 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-06 12:19:20,558 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:20,558 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/11"
2016-12-06 12:19:20,558 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-06 12:19:20,565 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-06 12:19:20,639 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-06 12:19:20,640 [lib.cuckoo.core.scheduler] INFO: Task #11: reports generation completed (path=/home/mario/cuckoo/storage/analyses/11)
2016-12-06 12:19:20,831 [lib.cuckoo.core.scheduler] INFO: Task #11: analysis procedure completed

doomedraven commented 7 years ago

you still have `2016-12-06 12:19:11,833 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr`

check documentation/google what could be wrong there with that strace

doomedraven commented 7 years ago

http://askubuntu.com/questions/41629/after-upgrade-gdb-wont-attach-to-process

ramirez3805 commented 7 years ago

I did what the link said, `kernel.yama.ptrace_scope = 0`, on both the host and the guest since I didn't know which one needed that, but I am still getting that message.

doomedraven commented 7 years ago

that should be done in the vm, then you still need to google that issue and try different solutions, and later post it here to help other users with that

ramirez3805 commented 7 years ago

I actually have no idea what the issue even is lol. What do I even look for, I tried searching for that line but there were things like how to use strace... but I'm assuming I'm not changing anything with cuckoo, am I supposed to look for a way to see a log of the strace?

doomedraven commented 7 years ago

google it

```
Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf
```

ramirez3805 commented 7 years ago

I've been trying to understand all this. I did notice that if I run a trace of a port, it does not work unless I am root inside the VM. But most posts seem to say to do the change to 0 fix. Don't really see anything after that, especially not anything related to Cuckoo.

doomedraven commented 7 years ago

it uses Linux internals so it can be related, as you are getting that as an error. btw, after patching that, are you taking a new snapshot, or just testing the old one?

ramirez3805 commented 7 years ago

New snapshot lol, I know I'm terrible but I got that done.

ramirez3805 commented 7 years ago

Do you have any other ideas on this?

doomedraven commented 7 years ago

No

ramirez3805 commented 7 years ago

lol nice. I can't really be the only guy that has ever had this issue. I feel like we just need something simple and that's it, it'll work. I really don't want to throw away months of work. :(

doomedraven commented 7 years ago

@jbremer can you help him?

jbremer commented 7 years ago

I don't know, I'm not sure if I ever actually used the Linux analysis part myself.

ramirez3805 commented 7 years ago

How did you guys test the sample I gave you before then?

ramirez3805 commented 7 years ago

This is what I'm getting


2016-12-06 14:29:00,362 [root] DEBUG: Imported "signatures" modules:
2016-12-06 14:29:00,362 [root] DEBUG:    |-- CreatesExe
2016-12-06 14:29:00,362 [root] DEBUG:    `-- SystemMetrics
2016-12-06 14:29:00,362 [root] DEBUG: Imported "processing" modules:
2016-12-06 14:29:00,362 [root] DEBUG:    |-- AnalysisInfo
2016-12-06 14:29:00,362 [root] DEBUG:    |-- MetaInfo
2016-12-06 14:29:00,362 [root] DEBUG:    |-- ApkInfo
2016-12-06 14:29:00,363 [root] DEBUG:    |-- Baseline
2016-12-06 14:29:00,363 [root] DEBUG:    |-- BehaviorAnalysis
2016-12-06 14:29:00,363 [root] DEBUG:    |-- DroppedBuffer
2016-12-06 14:29:00,363 [root] DEBUG:    |-- Debug
2016-12-06 14:29:00,363 [root] DEBUG:    |-- Droidmon
2016-12-06 14:29:00,363 [root] DEBUG:    |-- Dropped
2016-12-06 14:29:00,363 [root] DEBUG:    |-- TLSMasterSecrets
2016-12-06 14:29:00,363 [root] DEBUG:    |-- GooglePlay
2016-12-06 14:29:00,363 [root] DEBUG:    |-- Irma
2016-12-06 14:29:00,364 [root] DEBUG:    |-- Memory
2016-12-06 14:29:00,364 [root] DEBUG:    |-- MISP
2016-12-06 14:29:00,364 [root] DEBUG:    |-- NetworkAnalysis
2016-12-06 14:29:00,364 [root] DEBUG:    |-- ProcessMemory
2016-12-06 14:29:00,364 [root] DEBUG:    |-- Procmon
2016-12-06 14:29:00,364 [root] DEBUG:    |-- Screenshots
2016-12-06 14:29:00,364 [root] DEBUG:    |-- Snort
2016-12-06 14:29:00,364 [root] DEBUG:    |-- Static
2016-12-06 14:29:00,365 [root] DEBUG:    |-- Strings
2016-12-06 14:29:00,365 [root] DEBUG:    |-- Suricata
2016-12-06 14:29:00,365 [root] DEBUG:    |-- TargetInfo
2016-12-06 14:29:00,365 [root] DEBUG:    `-- VirusTotal
2016-12-06 14:29:00,365 [root] DEBUG: Imported "auxiliary" modules:
2016-12-06 14:29:00,365 [root] DEBUG:    |-- MITM
2016-12-06 14:29:00,365 [root] DEBUG:    |-- Reboot
2016-12-06 14:29:00,365 [root] DEBUG:    |-- Services
2016-12-06 14:29:00,366 [root] DEBUG:    `-- Sniffer
2016-12-06 14:29:00,366 [root] DEBUG: Imported "reporting" modules:
2016-12-06 14:29:00,366 [root] DEBUG:    |-- ElasticSearch
2016-12-06 14:29:00,366 [root] DEBUG:    |-- JsonDump
2016-12-06 14:29:00,366 [root] DEBUG:    |-- Mattermost
2016-12-06 14:29:00,366 [root] DEBUG:    |-- Moloch
2016-12-06 14:29:00,366 [root] DEBUG:    |-- MongoDB
2016-12-06 14:29:00,366 [root] DEBUG:    |-- Notification
2016-12-06 14:29:00,366 [root] DEBUG:    `-- ReportHTML
2016-12-06 14:29:00,367 [root] DEBUG: Imported "machinery" modules:
2016-12-06 14:29:00,367 [root] DEBUG:    `-- VirtualBox
2016-12-06 14:29:00,368 [root] DEBUG: Checking for locked tasks..
2016-12-06 14:29:00,379 [root] DEBUG: Checking for pending service tasks..
2016-12-06 14:29:00,388 [root] DEBUG: Initializing Yara...
2016-12-06 14:29:00,388 [root] DEBUG:    |-- index_binaries.yar
2016-12-06 14:29:00,388 [root] DEBUG:    `-- index_memory.yar
2016-12-06 14:29:00,393 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2042.
2016-12-06 14:29:00,394 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2016-12-06 14:29:01,036 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-06 14:29:01,122 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-06 14:29:01,276 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2016-12-06 14:29:01,288 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2016-12-08 11:06:37,716 [lib.cuckoo.core.scheduler] DEBUG: Processing task #4
2016-12-08 11:06:37,726 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda" (task #4, options "")
2016-12-08 11:06:37,745 [lib.cuckoo.core.scheduler] INFO: File already exists at "/home/mario/cuckoo/storage/binaries/519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda"
2016-12-08 11:06:37,916 [lib.cuckoo.core.scheduler] INFO: Task #4: acquired machine Ubuntu (label=Ubuntu)
2016-12-08 11:06:37,927 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 19830 (interface=vboxnet0, host=192.168.56.101, pcap=/home/mario/cuckoo/storage/analyses/4/dump.pcap)
2016-12-08 11:06:37,928 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2016-12-08 11:06:38,034 [modules.machinery.virtualbox] DEBUG: Starting vm Ubuntu
2016-12-08 11:06:38,035 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-08 11:06:38,273 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-08 11:06:38,406 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine Ubuntu
2016-12-08 11:06:38,623 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-08 11:06:38,709 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status saved
2016-12-08 11:06:41,615 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-08 11:06:41,684 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-08 11:06:42,059 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=Ubuntu, ip=192.168.56.101)
2016-12-08 11:06:42,077 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for status 0x0001
2016-12-08 11:06:42,082 [lib.cuckoo.core.guest] DEBUG: Ubuntu: status ready
2016-12-08 11:06:42,084 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=Ubuntu, ip=192.168.56.101, monitor=latest, size=35210)
2016-12-08 11:06:42,105 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analyzer started with PID 2058
2016-12-08 11:06:42,149 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2016-12-08 11:06:42,237 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for completion
2016-12-08 11:06:43,246 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:44,259 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:45,267 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:46,276 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:47,284 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:48,293 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:49,297 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:50,303 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:51,309 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:52,317 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:53,326 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:54,336 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:55,344 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:56,353 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:57,363 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:58,372 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:06:59,381 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:00,393 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:01,402 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:02,412 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:03,421 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:04,431 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:05,440 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:06,449 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:07,455 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:08,461 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:09,468 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:10,475 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:11,482 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:12,491 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:13,502 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:14,511 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:15,520 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:16,533 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:17,542 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:18,553 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:19,562 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:20,573 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:21,582 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:22,591 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:23,600 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:24,610 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:25,620 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:26,629 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:27,638 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:28,648 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:29,657 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:30,666 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:31,675 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:32,686 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:33,695 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:34,703 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:35,711 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:36,721 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:37,731 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:38,740 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:39,748 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:40,755 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:41,764 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:42,773 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:43,783 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:44,792 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:45,801 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:46,810 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:47,819 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:48,832 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:49,841 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:50,850 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:51,858 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:52,867 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:53,874 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:54,882 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:55,891 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:56,902 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:57,910 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:58,920 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:07:59,928 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:00,938 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:01,946 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:02,952 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:03,959 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:04,972 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:05,981 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:06,989 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:07,998 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:09,006 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:10,015 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:11,025 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:12,034 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:13,043 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:14,052 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:15,059 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:16,067 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:17,077 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:18,086 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:19,095 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:20,104 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:21,116 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:22,125 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:23,134 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:24,142 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:25,153 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:26,162 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:27,171 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:28,179 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:29,188 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:30,197 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:31,202 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:32,211 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:33,221 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:34,230 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:35,239 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:36,248 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:37,261 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:38,268 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:39,278 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:40,287 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:41,297 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:42,306 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-08 11:08:42,862 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-08 11:08:42,862 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 22
2016-12-08 11:08:42,863 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-08 11:08:43,315 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-08 11:08:43,502 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-08 11:08:43,503 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-08 11:08:43,503 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-08 11:08:43,606 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-08 11:08:44,713 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-08 11:08:44,807 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-08 11:08:46,160 [lib.cuckoo.core.scheduler] DEBUG: Released database task #4
2016-12-08 11:08:46,195 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,200 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,213 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,214 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,216 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,217 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,217 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,218 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,218 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,220 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,226 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,228 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-08 11:08:46,228 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,229 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/4"
2016-12-08 11:08:46,229 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-08 11:08:46,237 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-08 11:08:46,251 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-08 11:08:46,251 [lib.cuckoo.core.scheduler] INFO: Task #4: reports generation completed (path=/home/mario/cuckoo/storage/analyses/4)
2016-12-08 11:08:46,405 [lib.cuckoo.core.scheduler] INFO: Task #4: analysis procedure completed

doomedraven commented 7 years ago

and here is your error as before: `2016-12-08 11:08:42,862 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr`

google it, try all solutions :) also try Ubuntu 16.04, check selinux, apparmor etc

ramirez3805 commented 7 years ago

Thanks, will start with updating to Ubuntu 16, will have to look into the other stuff.

ramirez3805 commented 7 years ago

Same error on Ubuntu16

doomedraven commented 7 years ago

you should dig around that error

ramirez3805 commented 7 years ago

Okay, so I've done some digging around and I saw that selinux does not come installed with Ubuntu (some type of way to add more security to the system, not needed). Then I looked into apparmor and disabled it. I am still getting that error, but something new came up, which is `2016-12-09 12:17:57,441 [lib.cuckoo.core.plugins] WARNING: Unable to stop auxiliary module: Error running tcpdump to sniff the network traffic during the analysis; stdout = '' and stderr = "tcpdump: vboxnet0: You don't have permission to capture on that device\n(socket: Operation not permitted)\n". Did you enable the extra capabilities to allow running tcpdump as non-root user and disable AppArmor properly (the latter only applies to Ubuntu-based distributions with AppArmor)?`

ramirez3805 commented 7 years ago

Well, I ran the tcpdump commands to make sure that was not the issue and then tried and that error went away, still at

2016-12-09 12:27:41,545 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-09 12:27:41,545 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 22
2016-12-09 12:27:41,546 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-09 12:27:42,225 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-09 12:27:42,372 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-09 12:27:42,372 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-09 12:27:42,373 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 12:27:42,481 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-09 12:27:43,561 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 12:27:43,658 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-09 12:27:44,702 [lib.cuckoo.core.scheduler] DEBUG: Released database task #9
2016-12-09 12:27:44,729 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,730 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,732 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,732 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,734 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,734 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,735 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,735 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,736 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,737 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,741 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,742 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-09 12:27:44,743 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,743 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/9"
2016-12-09 12:27:44,744 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-09 12:27:44,750 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-09 12:27:44,826 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-09 12:27:44,827 [lib.cuckoo.core.scheduler] INFO: Task #9: reports generation completed (path=/home/mario/cuckoo/storage/analyses/9)
2016-12-09 12:27:44,950 [lib.cuckoo.core.scheduler] INFO: Task #9: analysis procedure completed
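
The two log signals this thread keeps coming back to (a non-empty `logs/strace.stderr` upload from the guest and the host-side tcpdump permission warning) can be picked out of a long debug log mechanically. The following is an added example, not part of the thread or of Cuckoo's code: `triage`, `Finding` and `HINTS` are hypothetical names, the sample lines are copied from the logs posted above, and treating a non-empty `strace.stderr` as an error indicator is doomedraven's reading rather than documented behaviour.

```python
import re
from collections import namedtuple

# Cuckoo log line layout: "<date> <time>,<ms> [<logger>] <LEVEL>: <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) "
    r"\[(?P<logger>[^\]]+)\] (?P<level>[A-Z]+): (?P<msg>.*)$")
TASK_START_RE = re.compile(r"^Processing task #(\d+)$")
TASK_DONE_RE = re.compile(r"^Task #(\d+): analysis procedure completed$")
UPLOAD_RE = re.compile(r"^File upload request for (\S+)$")
LENGTH_RE = re.compile(r"^Uploaded file length: (\d+)$")
TCPDUMP_RE = re.compile(r"tcpdump: (\S+): You don't have permission to capture")

Finding = namedtuple("Finding", "ts task kind detail hint")

# Next steps taken from the thread itself, not from Cuckoo documentation.
HINTS = {
    "strace-stderr": "guest side: read the uploaded logs/strace.stderr, check "
                     "/proc/sys/kernel/yama/ptrace_scope in the VM, then take a new snapshot",
    "tcpdump-permission": "host side: give tcpdump capture capabilities for the "
                          "Cuckoo user and check AppArmor for /usr/sbin/tcpdump",
}


def triage(lines):
    """Return a Finding for each trouble signal in a Cuckoo debug log.

    Assumes a single analysis VM, so an "Uploaded file length" line belongs
    to the most recent "File upload request" line.
    """
    findings, task, pending = [], None, None
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # blank lines, banner art, traceback continuation lines
        ts, level, msg = m.group("ts", "level", "msg")

        started = TASK_START_RE.match(msg)
        if started:
            task = int(started.group(1))
            continue
        if TASK_DONE_RE.match(msg):
            task, pending = None, None  # later lines belong to no known task
            continue

        upload = UPLOAD_RE.match(msg)
        if upload:
            # A new request replaces one that never got a length line.
            pending = upload.group(1)
            continue
        length = LENGTH_RE.match(msg)
        if length:
            size = int(length.group(1))
            if pending == "logs/strace.stderr" and size > 0:
                findings.append(Finding(ts, task, "strace-stderr",
                                        "%s: %d bytes" % (pending, size),
                                        HINTS["strace-stderr"]))
            pending = None
            continue

        blocked = TCPDUMP_RE.search(msg)
        if blocked and level in ("WARNING", "ERROR"):
            findings.append(Finding(ts, task, "tcpdump-permission",
                                    blocked.group(1), HINTS["tcpdump-permission"]))
    return findings


# Sample input: lines copied from the logs posted in this thread.
SAMPLE = r"""
2016-12-08 11:06:37,716 [lib.cuckoo.core.scheduler] DEBUG: Processing task #4
2016-12-08 11:08:42,862 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-08 11:08:42,862 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 22
2016-12-08 11:08:42,863 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-08 11:08:43,315 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-08 11:08:46,405 [lib.cuckoo.core.scheduler] INFO: Task #4: analysis procedure completed
2016-12-09 12:17:57,441 [lib.cuckoo.core.plugins] WARNING: Unable to stop auxiliary module: Error running tcpdump to sniff the network traffic during the analysis; stdout = '' and stderr = "tcpdump: vboxnet0: You don't have permission to capture on that device\n(socket: Operation not permitted)\n". Did you enable the extra capabilities to allow running tcpdump as non-root user and disable AppArmor properly (the latter only applies to Ubuntu-based distributions with AppArmor)?
""".splitlines()

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print("%s task=%s %s (%s)\n    -> %s" % f)
```

The strace finding points at the guest VM and the tcpdump finding at the host, which is the split the thread only reaches after setting `ptrace_scope` on both machines.
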

doomedraven commented 7 years ago

apparmor is referenced in the documentation, check it

ramirez3805 commented 7 years ago

The only reference I can find to apparmor is for development of modules based on libVirt

doomedraven commented 7 years ago

```
sudo apt-get install apparmor-utils
sudo aa-disable /usr/sbin/tcpdump
```

ramirez3805 commented 7 years ago

So first command installed, second command didn't work because I already disabled apparmor. Still same message though

2016-12-09 16:44:26,647 [root] DEBUG: Imported "signatures" modules:
2016-12-09 16:44:26,647 [root] DEBUG:    |-- CreatesExe
2016-12-09 16:44:26,647 [root] DEBUG:    `-- SystemMetrics
2016-12-09 16:44:26,647 [root] DEBUG: Imported "processing" modules:
2016-12-09 16:44:26,647 [root] DEBUG:    |-- AnalysisInfo
2016-12-09 16:44:26,648 [root] DEBUG:    |-- MetaInfo
2016-12-09 16:44:26,648 [root] DEBUG:    |-- ApkInfo
2016-12-09 16:44:26,648 [root] DEBUG:    |-- Baseline
2016-12-09 16:44:26,648 [root] DEBUG:    |-- BehaviorAnalysis
2016-12-09 16:44:26,648 [root] DEBUG:    |-- DroppedBuffer
2016-12-09 16:44:26,648 [root] DEBUG:    |-- Debug
2016-12-09 16:44:26,648 [root] DEBUG:    |-- Droidmon
2016-12-09 16:44:26,648 [root] DEBUG:    |-- Dropped
2016-12-09 16:44:26,649 [root] DEBUG:    |-- TLSMasterSecrets
2016-12-09 16:44:26,649 [root] DEBUG:    |-- GooglePlay
2016-12-09 16:44:26,649 [root] DEBUG:    |-- Irma
2016-12-09 16:44:26,649 [root] DEBUG:    |-- Memory
2016-12-09 16:44:26,649 [root] DEBUG:    |-- MISP
2016-12-09 16:44:26,649 [root] DEBUG:    |-- NetworkAnalysis
2016-12-09 16:44:26,649 [root] DEBUG:    |-- ProcessMemory
2016-12-09 16:44:26,650 [root] DEBUG:    |-- Procmon
2016-12-09 16:44:26,650 [root] DEBUG:    |-- Screenshots
2016-12-09 16:44:26,650 [root] DEBUG:    |-- Snort
2016-12-09 16:44:26,650 [root] DEBUG:    |-- Static
2016-12-09 16:44:26,650 [root] DEBUG:    |-- Strings
2016-12-09 16:44:26,650 [root] DEBUG:    |-- Suricata
2016-12-09 16:44:26,650 [root] DEBUG:    |-- TargetInfo
2016-12-09 16:44:26,651 [root] DEBUG:    `-- VirusTotal
2016-12-09 16:44:26,651 [root] DEBUG: Imported "auxiliary" modules:
2016-12-09 16:44:26,651 [root] DEBUG:    |-- MITM
2016-12-09 16:44:26,651 [root] DEBUG:    |-- Reboot
2016-12-09 16:44:26,651 [root] DEBUG:    |-- Services
2016-12-09 16:44:26,651 [root] DEBUG:    `-- Sniffer
2016-12-09 16:44:26,651 [root] DEBUG: Imported "reporting" modules:
2016-12-09 16:44:26,652 [root] DEBUG:    |-- ElasticSearch
2016-12-09 16:44:26,652 [root] DEBUG:    |-- JsonDump
2016-12-09 16:44:26,652 [root] DEBUG:    |-- Mattermost
2016-12-09 16:44:26,652 [root] DEBUG:    |-- Moloch
2016-12-09 16:44:26,652 [root] DEBUG:    |-- MongoDB
2016-12-09 16:44:26,652 [root] DEBUG:    |-- Notification
2016-12-09 16:44:26,652 [root] DEBUG:    `-- ReportHTML
2016-12-09 16:44:26,652 [root] DEBUG: Imported "machinery" modules:
2016-12-09 16:44:26,653 [root] DEBUG:    `-- VirtualBox
2016-12-09 16:44:26,654 [root] DEBUG: Checking for locked tasks..
2016-12-09 16:44:26,666 [root] DEBUG: Checking for pending service tasks..
2016-12-09 16:44:26,675 [root] DEBUG: Initializing Yara...
2016-12-09 16:44:26,676 [root] DEBUG:    |-- index_binaries.yar
2016-12-09 16:44:26,676 [root] DEBUG:    `-- index_memory.yar
2016-12-09 16:44:26,680 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 192.168.56.1:2042.
2016-12-09 16:44:26,682 [lib.cuckoo.core.scheduler] INFO: Using "virtualbox" as machine manager
2016-12-09 16:44:27,041 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 16:44:27,136 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-09 16:44:27,247 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2016-12-09 16:44:27,260 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
2016-12-09 16:44:32,509 [lib.cuckoo.core.scheduler] DEBUG: Processing task #10
2016-12-09 16:44:32,520 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda" (task #10, options "")
2016-12-09 16:44:32,542 [lib.cuckoo.core.scheduler] INFO: File already exists at "/home/mario/cuckoo/storage/binaries/519e571b220e3a844e5e629dd3e5664f03d488e0781fc1d124378d9b3a417fda"
2016-12-09 16:44:32,625 [lib.cuckoo.core.scheduler] INFO: Task #10: acquired machine Ubuntu (label=Ubuntu)
2016-12-09 16:44:32,637 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 4645 (interface=vboxnet0, host=192.168.56.101, pcap=/home/mario/cuckoo/storage/analyses/10/dump.pcap)
2016-12-09 16:44:32,637 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2016-12-09 16:44:32,726 [modules.machinery.virtualbox] DEBUG: Starting vm Ubuntu
2016-12-09 16:44:32,726 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 16:44:32,815 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-09 16:44:32,921 [modules.machinery.virtualbox] DEBUG: Using current snapshot for virtual machine Ubuntu
2016-12-09 16:44:33,393 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 16:44:33,458 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status saved
2016-12-09 16:44:37,032 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 16:44:37,109 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-09 16:44:37,400 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=Ubuntu, ip=192.168.56.101)
2016-12-09 16:44:38,406 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-09 16:44:39,413 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-09 16:44:40,403 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-09 16:44:42,411 [lib.cuckoo.core.guest] DEBUG: Ubuntu: not ready yet
2016-12-09 16:44:43,425 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for status 0x0001
2016-12-09 16:44:43,433 [lib.cuckoo.core.guest] DEBUG: Ubuntu: status ready
2016-12-09 16:44:43,437 [lib.cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=Ubuntu, ip=192.168.56.101, monitor=latest, size=35210)
2016-12-09 16:44:43,454 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analyzer started with PID 1973
2016-12-09 16:44:43,493 [lib.cuckoo.core.resultserver] DEBUG: LogHandler for live analysis.log initialized.
2016-12-09 16:44:43,544 [lib.cuckoo.core.guest] DEBUG: Ubuntu: waiting for completion
2016-12-09 16:44:44,551 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:45,560 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:46,568 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:47,577 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:48,586 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:49,595 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:50,604 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:51,613 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:52,626 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:53,635 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:54,644 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:55,653 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:56,662 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:57,672 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:58,680 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:44:59,695 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:00,704 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:01,713 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:02,722 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:03,732 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:04,742 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:05,751 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:06,759 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:07,769 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:08,778 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:09,789 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:10,798 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:11,807 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:12,815 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:13,824 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:14,833 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:15,841 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:16,850 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:17,859 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:18,868 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:19,877 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:20,887 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:21,895 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:22,904 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:23,912 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:24,921 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:25,930 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:26,939 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:27,947 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:28,957 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:29,965 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:30,973 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:31,982 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:32,991 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:33,999 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:35,007 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:36,016 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:37,026 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:38,034 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:39,043 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:40,052 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:41,063 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:42,072 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:43,080 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:44,089 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:45,097 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:46,106 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:47,113 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:48,119 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:49,125 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:50,134 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:51,143 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:52,150 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:53,156 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:54,161 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:55,169 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:56,178 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:57,191 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:58,200 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:45:59,209 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:00,218 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:01,227 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:02,236 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:03,245 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:04,254 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:05,263 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:06,269 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:07,275 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:08,284 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:09,290 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:10,299 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:11,308 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:12,317 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:13,329 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:14,338 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:15,346 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:16,355 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:17,365 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:18,371 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:19,377 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:20,384 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:21,393 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:22,401 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:23,410 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:24,418 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:25,428 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:26,436 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:27,446 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:28,455 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:29,468 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:30,478 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:31,487 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:32,496 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:33,506 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:34,515 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:35,523 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:36,531 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:37,541 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:38,550 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:39,559 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:40,569 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:41,576 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:42,584 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:43,592 [lib.cuckoo.core.guest] DEBUG: Ubuntu: analysis not completed yet (status=2)
2016-12-09 16:46:43,861 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr
2016-12-09 16:46:43,862 [lib.cuckoo.core.resultserver] DEBUG: Uploaded file length: 22
2016-12-09 16:46:43,863 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/all.lkm
2016-12-09 16:46:44,601 [lib.cuckoo.core.guest] INFO: Ubuntu: analysis completed successfully
2016-12-09 16:46:44,720 [lib.cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2016-12-09 16:46:44,720 [modules.machinery.virtualbox] DEBUG: Stopping vm Ubuntu
2016-12-09 16:46:44,721 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 16:46:44,816 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status running
2016-12-09 16:46:45,891 [modules.machinery.virtualbox] DEBUG: Getting status for Ubuntu
2016-12-09 16:46:45,984 [modules.machinery.virtualbox] DEBUG: Machine Ubuntu status poweroff
2016-12-09 16:46:47,043 [lib.cuckoo.core.scheduler] DEBUG: Released database task #10
2016-12-09 16:46:47,072 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "AnalysisInfo" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,072 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "MetaInfo" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,074 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "BehaviorAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,074 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "DroppedBuffer" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,076 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Debug" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,077 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Dropped" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,077 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "ProcessMemory" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,077 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Procmon" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,078 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Static" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,079 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "Strings" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,083 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TargetInfo" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,084 [modules.processing.network] DEBUG: Whitelisting Disabled.
2016-12-09 16:46:47,085 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "NetworkAnalysis" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,085 [lib.cuckoo.core.plugins] DEBUG: Executed processing module "TLSMasterSecrets" on analysis at "/home/mario/cuckoo/storage/analyses/10"
2016-12-09 16:46:47,086 [lib.cuckoo.core.plugins] DEBUG: Running 0 signatures
2016-12-09 16:46:47,114 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "JsonDump"
2016-12-09 16:46:47,131 [lib.cuckoo.core.plugins] DEBUG: Executed reporting module "MongoDB"
2016-12-09 16:46:47,131 [lib.cuckoo.core.scheduler] INFO: Task #10: reports generation completed (path=/home/mario/cuckoo/storage/analyses/10)

doomedraven commented 7 years ago

Man, you're still posting the same, other issues won't solve that:

2016-12-09 16:46:43,861 [lib.cuckoo.core.resultserver] DEBUG: File upload request for logs/strace.stderr

ramirez3805 commented 7 years ago

I've been trying as hard as possible to try and figure out that issue but I really have gotten nowhere unfortunately.

doomedraven commented 7 years ago

Well, until someone with the same error appears and won't help you, I don't think you will get more help here. I personally would be glad to help, but I have a lot of stuff to do, so sorry.

ramirez3805 commented 7 years ago

Thanks so much, I'm trying something new now, will be trying out a Windows guest to see if that would work and Ubuntu is really the issue. I'm trying that now but have run into a small issue.

VBoxManage returns error checking status for machine Windows: VBoxManage: error: Could not find a registered machine named 'Windows'

But when I run VBoxManage -nologo list vms

"Ubuntu" {1fd4021e-05ca-4be6-938e-f2060013226a}
"Windows" {e849198a-f64e-4349-b648-0f37685b5d0d}