Open boina opened 5 years ago
Hi José thanks for reporting your issue. I will try to reproduce your problems in the next days. Are there any error messages in the Nextcloud logs?
Best regards Matthias
Hi José thanks for reporting your issue. I will try to reproduce your problems in the next days. Are there any error messages in the Nextcloud logs?
Best regards Matthias
Hello Matthias,
Here there is more information on the system:
OS: Archlinux System: Raspberry pi 3 nextcloud: 16.0.0.9 php: 7.3.5
Database: Type: mysql Version: 10.3.14 Size: 330,3 MB
and this is the error log that I could trace related to the ransomware protection app as seen in the administrator page. nextcloud_ransomware.txt
Regards, José.
Hi José
I tried my best to reproduce your issue with my Raspberry Pi Zero but I couldn't.
Can you post the web developer console logs? You can get them if you go to your Ransomware recovery app and press F12 in your browser. Maybe this can clarify the problems.
Best regards Matthias
Hello, I have hit the same symptoms on two different univention installs of nextcloud. Their NC Version is 15.0.8, Ransomware Protection Version 0.5.2
In the console when loading the ransomware recovery page from the top menu the error console has 404:
The requested URL /ocs/v2.php/apps/ransomware_detection/api/v1/get-debug-mode was not found on this server.
In the network requests tab the call to https://
Hi pixelplumber
Thanks alot for the additional information this helps tracking the error down! I will try to fix this in the next few days.
Matthias
Hello,
I have the same problem. I'm using Nextcloud 16.0.3 on a Synology NAS. Is there already a fix for it?
Tom
Hi,
I hadn't much time to investigate the problem because we are reworking the whole app to use machine learning for a better detection rate.
Something came to my mind today: How many file operations do you have in your database?
You can check with SELECT COUNT (*dbprefix*ransomware_detection) FROM *dbname*;
where you replace dbprefix and dbname with accordingly to you setup.
Thanks!
Hello ilovemilk,
The check with SELECT COUNT(*) FROM oc_ransomware_detection
gives 655 entries.
Tom
I have the same issue seems related to scripts not loading. Every other app I use have no issue at all. Most javascripts are showing as blocked in the browser console.
@loxK can you post a screenshot of your js console? Is there a error message regarding those blocked scripts?
There isn't much
I see in Firefox 69.0.1 this:
Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf inline blockiert ("script-src").
Similar problem here with NextCloud 16.
In Firefox (linux) console:
In Chromium (linux) console:
I think I have figured out the problem but I will have to confirm it first. I think the problem is that the app collects to much data and doesn't remove any data by itself without interaction of the user. This results to a large database table and the view can't list all the data because of a missing pagination.
I will try to produce a large database but if somebody of you could just drop the content of the table oc_ransomware_detection
and check if it's working again that would be great! :) Attention after dropping the content you will loose the all the results.
I dropped the oc_ransomware_detection
table content and accessed the page but I've still the same problem with the spinning icon and Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”).
error in the console:
It seems like there are two separate issues at hand:
@ilovemilk why closing the issue is still there in lastest version
There will be a new release in the next week with a complete rework of the App. The frontend is now implemented with VueJs instead of JQuery with a complete new UX design. The app internally is reworked to be more structured and uses an OpenAPI REST interface.
So this problem will be resolved with the new release. I just need some time to write some FAQ and app description to tackle some other issues, finish the build process and test the application with real malware samples.
I you want I can reopen the issue until the new release is out! :)
I just release a new version and I hope this solves the problem! :)
Thanks heaps! It is fixed for me, first time seeing that app running! [happy dance]
I really happy this is solved after such long time! :) I'm closing this for now.
Hello,
Unfortunately, the problem still exists with me. I am using Nextcloud 18.0.6 on a Synology NAS
I see the following error:
Uninitialized string offset: 0 at /volume1/web/nextcloud/lib/private/Files/Node/Node.php#307 Undefined index: dirname at /volume1/web/nextcloud/apps/ransomware_detection/lib/Monitor.php#260
Thanks for the report.
This concrete error should help :)
It looks like you create a directory which doesn't have path? Can you tell what you are doing? What directory you are creating?
I have seen the following error, but the other error message of the ransomware has been coming for some time.
[ransomware_detection] Fatal: File Not Found /Backup/ProgramData/Mein Büro/Dokumente/1/Artikel/Art.Nr 11303
DELETE /nextcloud/remote.php/dav/files//Backup/ProgramData/Mein%20B%C3%BCro/Dokumente/1/Artikel/Art.Nr%2011303 from 192.168.. by at 2020-12-09T22:33:18+00:00
Thanks I try to recreate the scenario! :)
So I tried to recreate the problems:
Uninitialized string offset: 0 at /volume1/web/nextcloud/lib/private/Files/Node/Node.php#307 Undefined index: dirname at /volume1/web/nextcloud/apps/ransomware_detection/lib/Monitor.php#260
The path you mentioned I your comment doesn't relate to this issue. This can only pop up if the path is empty so I will add a check for this and improve the debug output! :)
[ransomware_detection] Fatal: File Not Found /Backup/ProgramData/Mein Büro/Dokumente/1/Artikel/Art.Nr 11303
DELETE /nextcloud/remote.php/dav/files/*/Backup/ProgramData/Mein%20B%C3%BCro/Dokumente/1/Artikel/Art.Nr%2011303 from 192.168.. by *** at 2020-12-09T22:33:18+00:00
Can you confirm that the file exist?
The file or folder is created shortly and then deleted again immediately.
I am also seeing similar issue even updating to NC 20.0.4. The app list on the server.
/usr/bin/php /config/www/nextcloud/occ app:list Enabled:
- accessibility: 1.6.0
- activity: 2.13.4
- bruteforcesettings: 2.0.1
- cloud_federation_api: 1.3.0
- comments: 1.10.0
- contactsinteraction: 1.1.0
- dashboard: 7.0.0
- dav: 1.16.2
- federatedfilesharing: 1.10.2
- federation: 1.10.1
- files: 1.15.0
- files_external: 1.11.1
- files_pdfviewer: 2.0.1
- files_rightclick: 0.17.0
- files_sharing: 1.12.1
- files_trashbin: 1.10.1
- files_versions: 1.13.0
- files_videoplayer: 1.9.0
- firstrunwizard: 2.9.0
- keeweb: 0.6.4
- logreader: 2.5.0
- lookup_server_connector: 1.8.0
- nextcloud_announcements: 1.9.0
- notifications: 2.8.0
- oauth2: 1.8.0
- password_policy: 1.10.1
- photos: 1.2.1
- previewgenerator: 3.1.0
- privacy: 1.4.0
- provisioning_api: 1.10.0
- ransomware_detection: 0.10.0
- ransomware_protection: 1.8.0
- recommendations: 0.8.0
- serverinfo: 1.10.0
- settings: 1.2.0
- sharebymail: 1.10.0
- support: 1.3.0
- survey_client: 1.8.0
- suspicious_login: 3.2.1
- systemtags: 1.10.0
- text: 3.1.0
- theming: 1.11.0
- twofactor_backupcodes: 1.9.0
- twofactor_totp: 5.0.0
- unsplash: 1.1.7
- updatenotification: 1.10.0
- user_status: 1.0.1
- viewer: 1.4.0
- weather_status: 1.0.0
- workflowengine: 2.2.0 Disabled:
- admin_audit
- encryption
- files_external_gdrive
- user_ldap
When I click on the Ransomware Detection
on top, it will only show a spinning circle and then the current page will be reloaded.
Is my situation related to this ticket?
Thanks!
One side question, when I try to run app code check I get the following errors.
/usr/bin/php /config/www/nextcloud/occ app:check-code ransomware_detection An unhandled exception has been thrown: Error: Undefined constant 'T_DOUBLE_COLON' in /config/www/nextcloud/3rdparty/nikic/php-parser/lib/PhpParser/Lexer.php:385 Stack trace:
0 /config/www/nextcloud/3rdparty/nikic/php-parser/lib/PhpParser/Lexer.php(38): PhpParser\Lexer->createTokenMap()
1 /config/www/nextcloud/3rdparty/nikic/php-parser/lib/PhpParser/Lexer/Emulative.php(39): PhpParser\Lexer->__construct(Array)
2 /config/www/nextcloud/3rdparty/nikic/php-parser/lib/PhpParser/ParserFactory.php(23): PhpParser\Lexer\Emulative->__construct()
3 /config/www/nextcloud/lib/private/App/CodeChecker/CodeChecker.php(60): PhpParser\ParserFactory->create(3)
4 /config/www/nextcloud/core/Command/App/CheckCode.php(95): OC\App\CodeChecker\CodeChecker->__construct(Object(OC\App\CodeChecker\StrongComparisonCheck), true)
5 /config/www/nextcloud/3rdparty/symfony/console/Command/Command.php(255): OC\Core\Command\App\CheckCode->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
6 /config/www/nextcloud/3rdparty/symfony/console/Application.php(1000): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
7 /config/www/nextcloud/3rdparty/symfony/console/Application.php(271): Symfony\Component\Console\Application->doRunCommand(Object(OC\Core\Command\App\CheckCode), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
8 /config/www/nextcloud/3rdparty/symfony/console/Application.php(147): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
9 /config/www/nextcloud/lib/private/Console/Application.php(215): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
10 /config/www/nextcloud/console.php(100): OC\Console\Application->run()
11 /config/www/nextcloud/occ(11): require_once('/config/www/nex...')
12 {main}
Hey thanks for reporting. The app in version 0.10.0 is just a empty application with no functionality. This due to a critical bug in the recovery for the safety of the users until it's fixed. I recommand disabling the app until a bugfix is released! :)
For more information see #56.
Hello all and thank you very much for app!!!
The issue that I have is that wen I go the Ransomware tab it appears as loading (or scanning maybe) all the time. I include a screenshot of it. The same happens if I click on scan.
I'm using nextcloud 16.0.0 in a raspberry pi running and up to date archlinux install.
Thanks a lot, José.