idanr1986 / cuckoo-droid

CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox.

aosx_1: not ready yet #86

Open danixen opened 5 years ago

danixen commented 5 years ago

Hey everyone.

I'm having some trouble running cuckoo. Everything seems to be going fine, until the emulator starts and then debug only prints "aosx_1: not ready yet" until it eventually times out. I've followed the documentation as well as the YouTube tutorials that were made available, and can't get past this.

Thanks!

wickywaka commented 5 years ago

Did you solve your problem? It's always helpful to post the debug logs of CuckooDroid.

adkharat commented 4 years ago

Why am I getting "aosx_1: not ready yet"? I checked the output of the #ps command in adb shell, and the python agent was not running. But the python agent is already copied/available at location /data/local/. What could be the reason? @waqarrashid33

```
root@test-Alienware-13-R2:~/cuckoo# python cuckoo.py --clean
root@test-Alienware-13-R2:~/cuckoo# python utils/submit.py ../workplace/andriod\ apps/com_matoski_adbm-27.apk
WARNING:lib.cuckoo.common.objects:Unable to import pydeep (install with pip install pydeep)
Success: File "/home/test/workplace/andriod apps/com_matoski_adbm-27.apk" added as task with ID 1
root@test-Alienware-13-R2:~/cuckoo# python cuckoo.py -d

Cuckoo Sandbox 1.2 www.cuckoosandbox.org Copyright (c) 2010-2015

Checking for updates... Outdated! Cuckoo Sandbox version 2.0.7 is available now.

2020-01-20 23:53:17,564 [root] DEBUG: Importing modules...
2020-01-20 23:53:18,371 [root] DEBUG: Imported "signatures" modules:
2020-01-20 23:53:18,371 [root] DEBUG: |-- AndroidDynamicCode
2020-01-20 23:53:18,371 [root] DEBUG: |-- AndroidDynamicCode
2020-01-20 23:53:18,372 [root] DEBUG: |-- KnownVirustotal
2020-01-20 23:53:18,372 [root] DEBUG: |-- KnownVirustotalThreshold
2020-01-20 23:53:18,372 [root] DEBUG: |-- AndroidDangerousPermissions
2020-01-20 23:53:18,372 [root] DEBUG: |-- AndroidDynamicCode
2020-01-20 23:53:18,372 [root] DEBUG: |-- AndroidGooglePlayDiff
2020-01-20 23:53:18,372 [root] DEBUG: |-- Hidden_Payload
2020-01-20 23:53:18,372 [root] DEBUG: |-- SandroRat
2020-01-20 23:53:18,372 [root] DEBUG: |-- AndroratMalware
2020-01-20 23:53:18,372 [root] DEBUG: |-- IBankingMalware
2020-01-20 23:53:18,372 [root] DEBUG: |-- AndroidNativeCode
2020-01-20 23:53:18,373 [root] DEBUG: |-- AndroidDynamicCode
2020-01-20 23:53:18,373 [root] DEBUG: |-- AndroidReflectionCode
2020-01-20 23:53:18,373 [root] DEBUG: |-- AndroidAbortBroadcast
2020-01-20 23:53:18,373 [root] DEBUG: |-- Hidden_Payload
2020-01-20 23:53:18,373 [root] DEBUG: |-- Hidden_Payload
2020-01-20 23:53:18,373 [root] DEBUG: |-- ApplicationContainsDex
2020-01-20 23:53:18,373 [root] DEBUG: |-- ApplicationContainsJar
2020-01-20 23:53:18,373 [root] DEBUG: |-- ApplicationContainsSo
2020-01-20 23:53:18,373 [root] DEBUG: |-- AndroidInstalledApps
2020-01-20 23:53:18,373 [root] DEBUG: |-- ApplicationDroppedDex
2020-01-20 23:53:18,373 [root] DEBUG: |-- ApplicationDroppedFiles
2020-01-20 23:53:18,374 [root] DEBUG: |-- ApplicationDroppedSo
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidShellCommands
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidPhoneNumber
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidInstalledApps
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidAccountInfo
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidAppInfo
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidPrivateInfoQuery
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidAudio
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidUsingReflection
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidRegisteredReceiver
2020-01-20 23:53:18,374 [root] DEBUG: |-- AndroidInstalledApps
2020-01-20 23:53:18,375 [root] DEBUG: |-- AndroidSMS
2020-01-20 23:53:18,375 [root] DEBUG: |-- AndroidComponentEnabledSetting
2020-01-20 23:53:18,375 [root] DEBUG: |-- AndroidStopProcess
2020-01-20 23:53:18,375 [root] DEBUG: |-- ApplicationUsesLocation
2020-01-20 23:53:18,375 [root] DEBUG: |-- AndroidCamera
2020-01-20 23:53:18,375 [root] DEBUG: |-- CreatesExe
2020-01-20 23:53:18,375 [root] DEBUG: |-- SystemMetrics
2020-01-20 23:53:18,375 [root] DEBUG: |-- NetworkHTTP
2020-01-20 23:53:18,375 [root] DEBUG: |-- NetworkICMP
2020-01-20 23:53:18,375 [root] DEBUG: |-- NetworkIRC
2020-01-20 23:53:18,375 [root] DEBUG: -- NetworkSMTP
2020-01-20 23:53:18,376 [root] DEBUG: Imported "processing" modules:
2020-01-20 23:53:18,376 [root] DEBUG: |-- AnalysisInfo
2020-01-20 23:53:18,376 [root] DEBUG: |-- ApkInfo
2020-01-20 23:53:18,376 [root] DEBUG: |-- BehaviorAnalysis
2020-01-20 23:53:18,376 [root] DEBUG: |-- Debug
2020-01-20 23:53:18,376 [root] DEBUG: |-- Droidmon
2020-01-20 23:53:18,376 [root] DEBUG: |-- Dropped
2020-01-20 23:53:18,376 [root] DEBUG: |-- GooglePlay
2020-01-20 23:53:18,376 [root] DEBUG: |-- Memory
2020-01-20 23:53:18,376 [root] DEBUG: |-- NetworkAnalysis
2020-01-20 23:53:18,376 [root] DEBUG: |-- ProcessMemory
2020-01-20 23:53:18,377 [root] DEBUG: |-- Static
2020-01-20 23:53:18,377 [root] DEBUG: |-- Strings
2020-01-20 23:53:18,377 [root] DEBUG: |-- TargetInfo
2020-01-20 23:53:18,377 [root] DEBUG:-- VirusTotal
2020-01-20 23:53:18,377 [root] DEBUG: Imported "auxiliary" modules:
2020-01-20 23:53:18,377 [root] DEBUG: -- Sniffer
2020-01-20 23:53:18,377 [root] DEBUG: Imported "reporting" modules:
2020-01-20 23:53:18,377 [root] DEBUG: |-- JsonDump
2020-01-20 23:53:18,377 [root] DEBUG: |-- MAEC40Report
2020-01-20 23:53:18,377 [root] DEBUG: |-- MMDef
2020-01-20 23:53:18,378 [root] DEBUG: |-- MongoDB
2020-01-20 23:53:18,378 [root] DEBUG: |-- ReportAndroidHTML
2020-01-20 23:53:18,378 [root] DEBUG:-- ReportHTML
2020-01-20 23:53:18,378 [root] DEBUG: Imported "machinery" modules:
2020-01-20 23:53:18,378 [root] DEBUG: -- Avd
2020-01-20 23:53:18,407 [root] DEBUG: Checking for locked tasks...
/usr/local/lib/python2.7/dist-packages/sqlalchemy/sql/compiler.py:572: SAWarning: Can't resolve label reference 'added_on desc'; converting to text() (this warning may be suppressed after 10 occurrences)
  util.ellipses_string(element.element))
2020-01-20 23:53:18,443 [root] DEBUG: Initializing Yara...
2020-01-20 23:53:18,444 [root] DEBUG: |-- index_binaries.yar
2020-01-20 23:53:18,444 [root] DEBUG:-- index_memory.yar
2020-01-20 23:53:18,445 [lib.cuckoo.core.resultserver] DEBUG: ResultServer running on 0.0.0.0:2042.
2020-01-20 23:53:18,446 [lib.cuckoo.core.scheduler] INFO: Using "avd" machine manager
2020-01-20 23:53:18,519 [lib.cuckoo.core.scheduler] INFO: Loaded 1 machine/s
2020-01-20 23:53:18,536 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks.
/usr/local/lib/python2.7/dist-packages/sqlalchemy/sql/compiler.py:572: SAWarning: Can't resolve label reference 'priority desc, added_on'; converting to text() (this warning may be suppressed after 10 occurrences)
  util.ellipses_string(element.element))
2020-01-20 23:53:19,610 [lib.cuckoo.core.scheduler] DEBUG: Processing task #1
2020-01-20 23:53:19,611 [lib.cuckoo.core.scheduler] INFO: Starting analysis of FILE "/home/test/workplace/andriod apps/com_matoski_adbm-27.apk" (task=1)
2020-01-20 23:53:19,670 [lib.cuckoo.core.scheduler] INFO: Task #1: acquired machine aosx_1 (label=aosx_1)
2020-01-20 23:53:19,676 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 20081 (interface=vboxnet0, host=127.0.0.1, dump path=/home/test/cuckoo/storage/analyses/1/dump.pcap)
2020-01-20 23:53:19,677 [lib.cuckoo.core.plugins] DEBUG: Started auxiliary module: Sniffer
2020-01-20 23:53:19,712 [modules.machinery.avd] DEBUG: Starting vm aosx_1
2020-01-20 23:53:19,713 [modules.machinery.avd] DEBUG: Duplicate Reference Machine 'aosx'.
2020-01-20 23:53:19,714 [modules.machinery.avd] DEBUG: Deleting old emulator config file '/home/test/.android/avd/aosx_1.ini'
2020-01-20 23:53:19,714 [modules.machinery.avd] DEBUG: Deleting old emulator FS '/home/test/.android/avd/aosx_1.avd/'
2020-01-20 23:53:20,083 [modules.machinery.avd] DEBUG: Copy AVD reference config file '/home/test/.android/avd/aosx.ini' in '/home/test/.android/avd/aosx_1.ini'...
2020-01-20 23:53:20,083 [modules.machinery.avd] DEBUG: Duplicate the AVD internal content from '/home/test/.android/avd/aosx.avd/' in '/home/test/.android/avd/aosx_1.avd/'...
2020-01-20 23:53:36,469 [modules.machinery.avd] DEBUG: Replacing 'aosx' with 'aosx_1' in '/home/test/.android/avd/aosx_1.ini'
2020-01-20 23:53:36,685 [modules.machinery.avd] DEBUG: Replacing 'aosx' with 'aosx_1' in '/home/test/.android/avd/aosx_1.avd/hardware-qemu.ini'
2020-01-20 23:53:46,721 [modules.machinery.avd] DEBUG: Restarting ADB server...
2020-01-20 23:53:46,765 [modules.machinery.avd] DEBUG: ADB server has been killed.
2020-01-20 23:53:49,777 [modules.machinery.avd] DEBUG: ADB server has been restarted.
2020-01-20 23:53:49,777 [modules.machinery.avd] DEBUG: Waiting for device emulator-5554 to be ready.
2020-01-20 23:53:49,785 [modules.machinery.avd] DEBUG: Waiting for the emulator to be ready
2020-01-20 23:53:49,786 [modules.machinery.avd] DEBUG: - (dev.bootcomplete)
2020-01-20 23:54:17,333 [modules.machinery.avd] DEBUG: - (sys_bootcomplete)
2020-01-20 23:54:17,491 [modules.machinery.avd] DEBUG: - (init.svc.bootanim)
2020-01-20 23:54:28,412 [modules.machinery.avd] DEBUG: Emulator emulator-5554 is ready !
2020-01-20 23:54:28,430 [lib.cuckoo.core.guest] INFO: Starting analysis on guest (id=aosx_1, ip=127.0.0.1)
2020-01-20 23:54:28,430 [lib.cuckoo.core.guest] DEBUG: aosx_1: waiting for status 0x0001
2020-01-20 23:54:28,477 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:29,484 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:30,490 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:31,497 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:32,504 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:33,511 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:34,520 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:35,527 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:36,544 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:37,570 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:38,598 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:39,613 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:40,640 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:41,670 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:42,698 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:43,723 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:44,749 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:45,756 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:46,804 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:47,827 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:48,857 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:49,872 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:50,898 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:51,924 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:52,950 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:53,980 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:55,009 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:56,035 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:57,061 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:58,088 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:59,122 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:00,149 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:01,157 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:02,181 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:03,208 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:04,239 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:05,264 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:06,289 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:07,309 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:08,333 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:09,340 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:10,348 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:11,356 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:12,364 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:13,376 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:14,384 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:55:15,400 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready
```
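A small triage helper for debug logs like the one above, added here as an example and not part of the thread or of CuckooDroid's code: it reports whether the AVD machinery logged the emulator as ready before the guest status poll began, and how long the "not ready yet" poll ran. The function names, stage labels and `min_polls` threshold are assumptions, and the sample lines are constructed in the format of the posted log.

```python
import re
from datetime import datetime

# Constructed sample in the format of the debug log posted above.
SAMPLE_LOG = """\
2020-01-20 23:53:49,777 [modules.machinery.avd] DEBUG: Waiting for device emulator-5554 to be ready.
2020-01-20 23:54:28,412 [modules.machinery.avd] DEBUG: Emulator emulator-5554 is ready !
2020-01-20 23:54:28,430 [lib.cuckoo.core.guest] DEBUG: aosx_1: waiting for status 0x0001
2020-01-20 23:54:28,477 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:29,484 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
2020-01-20 23:54:30,490 [lib.cuckoo.core.guest] DEBUG: aosx_1: not ready yet
"""

ENTRY = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d),(\d{3}) \[([\w.]+)\] \w+:\s*(.*)$")

def parse(log_text):
    """Yield (timestamp, logger, message); lines without a timestamp are skipped."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            yield ts.replace(microsecond=int(m.group(2)) * 1000), m.group(3), m.group(4)

def triage(log_text, min_polls=3):
    """Per guest: poll count, stall duration, and the stage at which startup stopped."""
    booted, guests = False, {}
    for ts, logger, msg in parse(log_text):
        if logger == "modules.machinery.avd" and re.match(r"Emulator \S+ is ready", msg):
            booted = True
        elif logger == "lib.cuckoo.core.guest" and ": " in msg:
            name, state = msg.split(": ", 1)
            g = guests.setdefault(name, {"booted": booted, "polls": 0, "first": ts, "last": ts})
            if state.startswith("not ready"):
                g["polls"] += 1
                if g["polls"] == 1:
                    g["first"] = ts
                g["last"] = ts
    report = {}
    for name, g in guests.items():
        if g["polls"] < min_polls:
            stage = "no stall"
        elif g["booted"]:
            stage = "emulator ready, guest status poll unanswered"
        else:
            stage = "emulator never reported ready"
        stalled = (g["last"] - g["first"]).total_seconds()
        report[name] = {"polls": g["polls"], "stalled_seconds": stalled, "stage": stage}
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
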

wickywaka commented 4 years ago

To be honest, I haven't worked on this project for a long time, so I don't remember much. All I can say is to read the documentation and my internship report. There was a problem with os.open and subprocess.open etc., but I don't remember the exact details.