search

mandiant / flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
Apache License 2.0
6.37k stars 900 forks source link

fakenet install issues #348

Closed zaqes closed 1 year ago

zaqes commented 3 years ago 
You have fakenet-ng.python.flare v1.4.3.3 installed. Version 1.4.11.5 is available based on your source(s).
Progress: Downloading fakenet-ng.python.flare 1.4.11.5... 100%

fakenet-ng.python.flare v1.4.11.5
fakenet-ng.python.flare package files upgrade completed. Performing other installation steps.
WARNING: The names of some imported commands from the module 'FireEyeVM.Common' include unapproved verbs that might mak
 them less discoverable. To find the commands with unapproved verbs, run the Import-Module command again with the Verbo
e parameter. For a list of approved verbs, type Get-Verb.
WARNING: Some imported command names contain one or more of the following restricted characters: # , ( ) { } [ ] & - /
 $ ^ ; : " ' < > | ? @ ` * % + = ~
ERROR: Cannot bind argument to parameter 'Path' because it is null.
The upgrade of fakenet-ng.python.flare was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\fakenet-ng.python.flare\tools\chocolateyinstall.ps1'.
 See log for details.
htnhan commented 3 years ago

Hi @zaqes, It looks like you are upgrading from an old FLARE-VM installation, and therefore the windows environment variables are not set properly. There are two options here:

  1. Re-Install the entire VM to get the latest version rather than upgrading. This will make sure you get the updates for other packages as well.
  2. Set the following environment variables:
    • %TOOL_LIST_DIR% = %ProgramData%\\Microsoft\\Windows\\Start Menu\\Programs\\FLARE
    • %TOOL_LIST_SHORTCUT% = %UserProfile%\\Desktop\\FLARE.lnk

Please give those options a shot and let me know if you still have issues. htnhan

zaqes commented 3 years ago

Actually I got this FLARE-VM via a FireEye course I attended. Do you mean that I will miss updates for some packages if I don't reinstall it?

htnhan commented 3 years ago

Hi @zaqes ,

Yes, unfortunately, you will not be able to get the latest updates unless you reinstall it.

FLARE-VM do not fully support update since we can't control the specific version of libraries and applications using cup. It is recommended that you perform a complete new install with the latest install.ps1 script on a fresh VM to get the latest tools/versions of the tools.

That being said, Fakenet-NG is quite stable. The project is in maintenance mode right now, so there is likely no major updates other than any major bug fix

zaqes commented 3 years ago

Ok, thanks.

I have those environment variables and the update still doesn't work.

crahan commented 3 years ago

vcpython27 is required for fakenet-ng.python.fireeye to install properly. Unfortunately Microsoft pulled the original installer so the vcpython27 Chocolatey package fails to download the installer, which causes fakenet-ng.python.fireeye to fail as well.

archive.org has an archived copy of the original installer at https://web.archive.org/web/20210106040222/download.microsoft.com/download/7/9/6/796EF2E4-801B-4FC4-AB28-B59FBF6D907B/VCForPython27.msi. I'd recommend downloading and installing that, then trying another choco install fakenet-ng.python.fireeye run.

vm-packages commented 1 year ago

Thank you for your feedback! We've been working on major updates to FLARE VM over the last year. The now revamped FLARE VM has just been released and will make the project more open and maintainable. Please check out our blog post at https://www.mandiant.com/resources/blog/flarevm-open-to-public and give the new installation a try.

If this problem still persists with the new installation, please report:

Please note that we use this message to close all legacy issues in this repository. We look forward to your feedback and support for the next generation of FLARE VM.