Error: sha256

[icepaule]

Hi Viper, could you please help me with below issue? I'm trying to upload a file to my Cuckoo and get thi in the logfile. - On top, it has been working some time bevore.

[*] Session opened on /home/spider/.viper/binaries/b/d/c/2/bdc22ab7bd6251903d4724bfc468749be9ccc8deb44e1616f634430006def89b 2018-09-01 18:40:28 - viper-web - ERROR - views.py:690 - Error: 'sha256'

Thanks a lot for that cool tool you provided. .-)

Cheers Marcus

[frennkie]

A few questions:

• Is this a permanent error?
• Can you please give step by step instructions on how to reproduce this?
• Please also look on your Cookoo host and provide anything relevant from the logs there

[frennkie]

@icepaule Can you provide some more details on this? Otherwise I would suggest to close this issue.

[kadaokaduan]

Hello, I got the same problem.. First, I got my cuckoo installed with api server and web interface. When I send my malicious sample to the sandbox, it works well on another machine. Second, on another machine, I install viper properly with the guidence of the office document, and everything seems to works well. I changed /root/.viper/viper.conf file with the following configuration:

[cuckoo]
cuckoo_modified = False
cuckoo_host = http://10.20.50.8:6968
cuckoo_web = http://10.20.50.8:6969

After that, I run ./viper-web to start my viper web service. When I send my malicious sample towards the web interface and in the result page, I click "cuckoo", and got "Error Connecting To Cuckoo". In the console, I got:

[*] Session opened on /root/.viper/binaries/c/4/f/9/c4f9d21ba5b78c23eb1c1528d0cfcb1c495f312521d7523988a447a7d7621af8
2018-11-23 08:42:31 - viper-web - ERROR - views.py:693 - Error: 'sha256'
2018-11-23 08:42:31 - django.server - INFO - basehttp.py:124 - "GET /project/default/file/c4f9d21ba5b78c23eb1c1528d0cfcb1c495f312521d7523988a447a7d7621af8/cuckoo/ HTTP/1.1" 200 66

I'm sure that the same sample with the same sha256 value was reported properly on cuckoo server..

And again, thanks for that cool tool you provided. .-)

[icepaule]

Hi @kadaokaduan, after I did some debugging, I found the problem laying in the cuckoo api. I actually had to clean the cuckoo db with "cuckoo clean". After that the api call had no more issues. - But you loose all your prio analysis date in cuckoo.

Maybe that works for you as well... :-)

[k41zen]

I get this error too. Running Ubuntu 16.04 on 2 separate hosts (one running Viper and the other running Cuckoo). Also running theHive and Cortex on a 3rd Ubuntu 16.04 host which can submit files through to Cuckoo API without issues. So this isn't a Cuckoo issue and therefore I don't think running a "cuckoo clean" will solve this for me and I'm reluctant to loose my data.

However, in the webgui of Viper I get "Error connecting to Cuckoo" and in the viper-web command line I see:

[*] Session opened on /home/spider/.viper/binaries/2/b/b/9/2bb9dbc173be978c2b280d855ee7bfe002969808066631aa784a6cdeb4262ca1 2019-03-19 20:28:03 - viper-web - ERROR - views.py:697 - Error: 'sha256' 2019-03-19 20:28:03 - django.server - INFO - basehttp.py:154 - "GET /project/default/file/2bb9dbc173be978c2b280d855ee7bfe002969808066631aa784a6cdeb4262ca1/cuckoo/ HTTP/1.1" 200 66

One the Cuckoo API side I see this: [19/Mar/2019 20:36:21] "GET /tasks/list HTTP/1.1" 200 -

Can anyone help?

[frennkie]

Closed as this is most likely a duplicate.