spender-sandbox / cuckoo-modified

Modified edition of cuckoo

Crash on opening IE #15

Closed kevross33 closed 8 years ago

kevross33 commented 8 years ago

IE is crashing in my sandboxes during injection when using cuckoo-modified now. VM was transferred over from other machine which was working fine but may be working with slightly newer version of cuckoo-modified. Removed all plugins, different versions of IE in browser etc and still happens. Only time browser crash doesn't occur is when injection is disabled. Tried in cuckoo2-dev tree (latest build as of now) and works fine for URL and html files as it opens IE without crash.

Other browsers such as Firefox and Chrome are fine.

spender-sandbox commented 8 years ago

Can you compile a debug build of cuckoomon and get me the crash reports?

Thanks, -Brad

kevross33 commented 8 years ago

Hi,

Yes sure, are there instructions for compiling the debug cuckoomon about (ideally done on Linux although Windows is fine too)? If not can you give me the main compile commands for this & I will get the crash reports to you?

Thanks.

On 4 January 2016 at 22:04, Brad Spengler notifications@github.com wrote:

> Can you compile a debug build of cuckoomon and get me the crash reports?
>
> Thanks, -Brad


KillerInstinct commented 8 years ago

Change both lines

https://github.com/spender-sandbox/cuckoomon-modified/blob/MSVC/ntapi.h#L773
https://github.com/spender-sandbox/cuckoomon-modified/blob/MSVC/ntapi.h#L774

from 0 to 1 and recompile. It's a VS2015 project (which you can get for free) -- that has been easiest to use in my experience. Just make sure you're compiling a release and not a debug version.

kevross33 commented 8 years ago

This appears to be resolved. Updated to latest version (last version in use was several weeks old) and now it seems to be working completely fine again. I have tested in Metasploit test scenarios too and against live Internet (no live EKs though yet as still need to set software combinations) and it seems fine. Nothing has changed on images so not sure what actually resolved the issue for me.