michaelweiser
commented
2 years ago For some reason Travis python 3.7 can't install sdnotify today. Github Actions work: https://github.com/michaelweiser/PeekabooAV/actions/runs/2016371506
Closed michaelweiser closed 2 years ago
michaelweiser
commented
2 years ago For some reason Travis python 3.7 can't install sdnotify today. Github Actions work: https://github.com/michaelweiser/PeekabooAV/actions/runs/2016371506
Jack28
commented
2 years ago Nice, good job.
While you're on it, can you fix WARNING - Report returned from Cortex contained invalid data: Subclass needs to provide a schema for class CuckooSandboxFileAnalysisReport?
It should look somewhat like this:
diff --git a/peekaboo/toolbox/cortex.py b/peekaboo/toolbox/cortex.py
index bd51a7b..4deb6ed 100644
--- a/peekaboo/toolbox/cortex.py
+++ b/peekaboo/toolbox/cortex.py
@@ -342,6 +342,23 @@ class VirusTotalQuery(CortexHashAnalyzer):
class CuckooSandboxFileAnalysisReport(CortexAnalyzerReport):
""" Represents a Cortex CuckooSandbox_File_Analysis_Inet_1_2 analysis JSON
report. """
+ report_schema = schema.Schema({
+ "summary": {
+ "taxonomies": [
+ {
+ "predicate": str,
+ "value": schema.Regex(r'^[0-9\./]*$')
+ }
+ ]
+ },
+ "full": {
+ "signatures": schema.Schema([str])
+ },
+ "success": bool,
+ "artifacts": CortexAnalyzerReport.report_schema_artifacts,
+ "operations": []
+ })
+
def __init__(self, report):
super().__init__(report)
self.taxonomies = report.get("summary", {}).get("taxonomies", [{}])Nice, good job.
While you're on it, can you fix
WARNING - Report returned from Cortex contained invalid data: Subclass needs to provide a schemafor classCuckooSandboxFileAnalysisReport?
I'm struggling to get a testing setup with Cortex and Cuckoo going. Can we postpone this to RC3 or 2.2?
This mainly removes our dependency on cortex4py (for the time being) so we can release 2.1. While at it we also remove the mostly annoying startup availability checks of the Cuckoo and Cortex APIs.