search

decalage2 / ViperMonkey

A VBA parser and emulation engine to analyze malicious macros.
1.04k stars 185 forks source link

Python3 version #108

Open carouselcarousel opened 3 years ago

carouselcarousel commented 3 years ago

Is your feature request related to a problem? Please describe. Yes it's problem related. All the time have this python3 vs python2 issue, even when I start vipermonkey as python2. I didn't found any solution to force to use python2. Yes I started it as: python2 vmonkey.py /media/sf_D_DRIVE/!PANEL/mime_infalted.dat

Python 2.7.18 (default, Apr 20 2020, 20:30:41) [GCC 9.3.0] on linux2<<<

Just to see the error: _ERROR Reading in file as Excel with xlrd failed. Can't find workbook in OLE2 compound document Traceback (most recent call last): File "/root/Downloads/ViperMonkey/vipermonkey/export_all_excel_sheets.py", line 9, in import psutil ModuleNotFoundError: No module named 'psutil' ERROR Running export_all_excel_sheets.py failed. Command '['timeout', '30', 'python3', '/root/Downloads/ViperMonkey/vipermonkey/export_all_excel_sheets.py', '/tmp/tmp_excel_file_6539441436']' returned non-zero exit status 1 INFO Saving dropped analysis artifacts in /media/sf_D_DRIVE/!PANEL/mime_infalted.datartifacts/ INFO Parsing VB...

(And installing psutil to python3 will not help, because then you need to install: uno, unotools, base, .. and at the end will not work. )

_ERROR Reading in file as Excel with xlrd failed. Can't find workbook in OLE2 compound document Traceback (most recent call last): File "/root/Downloads/ViperMonkey/vipermonkey/export_all_excelsheets.py", line 15, in from unotools import Socket, connect File "/usr/local/lib/python3.9/dist-packages/unotools/init.py", line 11, in from unotools.context import LocalContext, ScriptContext File "/usr/local/lib/python3.9/dist-packages/unotools/context.py", line 2, in import uno # pragma: no flakes File "/usr/local/lib/python3.9/dist-packages/uno/init.py", line 4, in from base import Element, Css, Payload, UnoBaseFeature, UnoBaseField ImportError: cannot import name 'Element' from 'base' (/usr/local/lib/python3.9/dist-packages/base/init.py)

image image

decalage2 commented 3 years ago

Indeed with the latest version 1.0.2, the main vmonkey script runs as python2, but it calls python3 to run other scripts. It will be easier when the whole package is converted to python 3. cc @kirk-sayre-work

kirk-sayre-work commented 2 years ago

https://github.com/kirk-sayre-work/ViperMonkey/tree/python3_port