本文整理汇总了Python中lib.cuckoo.core.guest.GuestManager.save_results方法的典型用法代码示例。如果您正苦于以下问题:Python GuestManager.save_results方法的具体用法?Python GuestManager.save_results怎么用?Python GuestManager.save_results使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类lib.cuckoo.core.guest.GuestManager
的用法示例。
在下文中一共展示了GuestManager.save_results方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import save_results [as 别名]
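def launch_analysis(self):
    """Start analysis.

    Acquires an analysis machine, optionally starts the sniffer, runs the
    guest analysis, saves its results and finally runs processing and
    reporting on the results folder. The machine is stopped and released
    whether or not the guest analysis succeeded.

    @raise CuckooAnalysisError: if unable to start analysis.
    """
    log.info("Starting analysis of file \"%s\"" % self.task.file_path)

    if not os.path.exists(self.task.file_path):
        raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)

    self.init_storage()
    self.store_file()
    options = self.build_options()

    # Poll once per second until a machine matching the task is free.
    while True:
        machine_lock.acquire()
        try:
            vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
        finally:
            # Release even when acquire() raises; otherwise the lock stays
            # held and no later caller can ever take it.
            machine_lock.release()

        if not vm:
            log.debug("No machine available")
            time.sleep(1)
        else:
            log.info("Acquired machine %s (Label: %s)" % (vm.id, vm.label))
            break

    # Initialize sniffer
    if self.cfg.cuckoo.use_sniffer:
        sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
        sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
    else:
        sniffer = False
    # Tracks whether stop() was already requested, so the cleanup path
    # below never calls it a second time.
    sniffer_stopped = False

    try:
        # Start machine
        mmanager.start(vm.label)
        # Initialize guest manager
        guest = GuestManager(vm.ip, vm.platform)
        # Launch analysis
        guest.start_analysis(options)
        # Wait for analysis to complete
        success = guest.wait_for_completion()
        # Stop sniffer
        if sniffer:
            sniffer_stopped = True
            sniffer.stop()

        if not success:
            raise CuckooAnalysisError("Analysis failed, review previous errors")
        # Save results (only reached when the guest reported success)
        guest.save_results(self.analysis.results_folder)
    except (CuckooMachineError, CuckooGuestError) as e:
        raise CuckooAnalysisError(e.message)
    finally:
        try:
            # If the machine or guest failed before the normal stop above,
            # the capture would otherwise keep running after this task is
            # over (presumably still writing to this task's dump.pcap).
            if sniffer and not sniffer_stopped:
                sniffer.stop()
        finally:
            # Stop machine
            mmanager.stop(vm.label)
            # Release the machine from lock. Not reached if stop() raises,
            # so a machine that could not be shut down is not handed to
            # the next task.
            mmanager.release(vm.label)

    # Launch reports generation
    Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())

    log.info("Reports generation completed (path=%s)" % self.analysis.results_folder)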
示例2: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import save_results [as 别名]
def launch_analysis(self):
"""Start analysis."""
sniffer = None
succeeded = False
stored = False
log.info("Starting analysis of %s \"%s\" (task=%d)"
% (self.task.category.upper(),
self.task.target, self.task.id))
# Initialize the the analysis folders.
if not self.init_storage():
return False
if self.task.category == "file":
# Store a copy of the original file.
if not self.store_file():
return False
# Generate the analysis configuration file.
options = self.build_options()
# Acquire analysis machine.
machine = self.acquire_machine()
# If enabled in the configuration, start the tcpdump instance.
if self.cfg.sniffer.enabled:
sniffer = Sniffer(self.cfg.sniffer.tcpdump)
sniffer.start(interface=self.cfg.sniffer.interface,
host=machine.ip,
file_path=os.path.join(self.storage, "dump.pcap"))
try:
# Mark the selected analysis machine in the database as started.
guest_log = Database().guest_start(self.task.id,
machine.name,
machine.label,
mmanager.__class__.__name__)
# Start the machine.
mmanager.start(machine.label)
except CuckooMachineError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
return False
else:
try:
# Initialize the guest manager.
guest = GuestManager(machine.name, machine.ip, machine.platform)
# Start the analysis.
guest.start_analysis(options)
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
return False
else:
# Wait for analysis completion.
try:
guest.wait_for_completion()
succeeded = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
succeeded = False
# Retrieve the analysis results and store them.
try:
guest.save_results(self.storage)
stored = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
stored = False
finally:
# Stop the sniffer.
if sniffer:
sniffer.stop()
# If the target is a file and the user enabled the option,
# delete the original copy.
if self.task.category == "file" and self.cfg.cuckoo.delete_original:
try:
os.remove(self.task.target)
except OSError as e:
log.error("Unable to delete original file at path \"%s\": "
"%s" % (self.task.target, e))
# Take a memory dump of the machine before shutting it off.
do_memory_dump = False
if self.cfg.cuckoo.memory_dump:
do_memory_dump = True
else:
if self.task.memory:
do_memory_dump = True
#.........这里部分代码省略.........
示例3: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import save_results [as 别名]
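def launch_analysis(self):
    """Start analysis.

    Acquires an analysis machine, optionally starts the sniffer, runs the
    guest analysis and saves its results, then tears the machine down,
    checks the size of the collected logs and runs processing/reporting.

    @raise CuckooAnalysisError: if unable to start analysis.
    """
    log.info('Starting analysis of file "%s" (task=%s)' % (self.task.file_path, self.task.id))

    if not os.path.exists(self.task.file_path):
        raise CuckooAnalysisError(
            'The file to analyze does not exist at path "%s", analysis aborted' % self.task.file_path
        )

    self.init_storage()
    self.store_file()
    options = self.build_options()

    # Poll once per second until a machine matching the task is free.
    while True:
        machine_lock.acquire()
        try:
            vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
        finally:
            # Release even when acquire() raises; otherwise the lock stays
            # held and no later caller can ever take it.
            machine_lock.release()

        if not vm:
            log.debug("Task #%s: no machine available" % self.task.id)
            time.sleep(1)
        else:
            log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
            break

    # Initialize sniffer
    if self.cfg.cuckoo.use_sniffer:
        sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
        sniffer.start(
            interface=self.cfg.cuckoo.interface,
            host=vm.ip,
            file_path=os.path.join(self.analysis.results_folder, "dump.pcap"),
        )
    else:
        sniffer = False
    # Tracks whether stop() was already requested, so the cleanup path
    # below never calls it a second time.
    sniffer_stopped = False

    try:
        # Start machine
        mmanager.start(vm.label)
        # Initialize guest manager
        guest = GuestManager(vm.id, vm.ip, vm.platform)
        # Launch analysis
        guest.start_analysis(options)
        # Wait for analysis to complete
        success = guest.wait_for_completion()
        # Stop sniffer
        if sniffer:
            sniffer_stopped = True
            sniffer.stop()
        # Save results before checking the outcome, so whatever the guest
        # produced is kept even for a failed analysis.
        guest.save_results(self.analysis.results_folder)

        if not success:
            raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
    except (CuckooMachineError, CuckooGuestError) as e:
        raise CuckooAnalysisError(e)
    finally:
        try:
            # If the machine or guest failed before the normal stop above,
            # the capture would otherwise keep running after this task is
            # over (presumably still writing to this task's dump.pcap).
            if sniffer and not sniffer_stopped:
                sniffer.stop()
        finally:
            # Delete original file. Runs on failure too, since it sits in
            # the cleanup path.
            if self.cfg.cuckoo.delete_original:
                try:
                    os.remove(self.task.file_path)
                except OSError as e:
                    log.error('Unable to delete original file at path "%s": %s' % (self.task.file_path, e))

            try:
                # Stop machine
                mmanager.stop(vm.label)
                # Release the machine from lock. Skipped if stop() raises,
                # so a machine that could not be shut down stays locked
                # until an operator looks at it.
                log.debug("Task #%s: releasing machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
                mmanager.release(vm.label)
            except CuckooMachineError as e:
                log.error("Unable to release vm %s, reason %s. You have to fix it manually" % (vm.label, e))

    # Refuse to process oversized log files: they come from the analysed
    # sample's activity and are compared against the configured
    # analysis_size_limit before being handed to the processor.
    try:
        logs_dir = os.path.join(self.analysis.results_folder, "logs")
        for entry in os.listdir(logs_dir):
            log_path = os.path.join(self.analysis.results_folder, "logs", entry)
            if os.stat(log_path).st_size > self.cfg.cuckoo.analysis_size_limit:
                raise CuckooAnalysisError(
                    "Analysis file %s is too big to be processed. Analysis aborted. You can process it manually"
                    % log_path
                )
    except OSError as e:
        log.warning("Log access error for analysis #%s: %s" % (self.task.id, e))

    # Launch reports generation
    Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())

    log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))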
示例4: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import save_results [as 别名]
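def launch_analysis(self):
    """Start analysis.

    Acquires an analysis machine, optionally starts the sniffer, sets up a
    VMware screenshot helper, runs the guest analysis, saves its results
    and finally runs processing and reporting on the results folder.

    @raise CuckooAnalysisError: if unable to start analysis.
    @raise CuckooMachineError: if the machine manager configuration file
        is missing.
    """
    log.info("Starting analysis of file \"%s\" (task=%s)" % (self.task.file_path, self.task.id))

    if not os.path.exists(self.task.file_path):
        raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)

    self.init_storage()
    self.store_file()
    options = self.build_options()

    # Check the machine manager configuration before any machine is
    # acquired or the sniffer is started: raising here afterwards would
    # leave the machine locked and the capture running with nothing left
    # to clean them up.
    mman_conf = os.path.join(CUCKOO_ROOT, "conf", "%s.conf" % self.cfg.cuckoo.machine_manager)
    if not os.path.exists(mman_conf):
        raise CuckooMachineError("The configuration file for machine manager \"%s\" does not exist at path: %s"
                                 % (self.cfg.cuckoo.machine_manager, mman_conf))

    # Poll once per second until a machine matching the task is free.
    while True:
        machine_lock.acquire()
        try:
            vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
        finally:
            # Release even when acquire() raises; otherwise the lock stays
            # held and no later caller can ever take it.
            machine_lock.release()

        if not vm:
            log.debug("Task #%s: no machine available" % self.task.id)
            time.sleep(1)
        else:
            log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
            break

    # Initialize sniffer
    if self.cfg.cuckoo.use_sniffer:
        sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
        sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
    else:
        sniffer = False
    # Track what still needs stopping so the cleanup path below never
    # calls stop() twice on the same helper.
    sniffer_stopped = False
    screener_running = False

    # Initialize VMWare ScreenShot
    MachineManager()
    # NOTE(review): this takes whichever MachineManager subclass happens to
    # be listed first; it only matches cfg.cuckoo.machine_manager if that
    # is the first subclass defined - confirm.
    module = MachineManager.__subclasses__()[0]
    mman = module()
    mman.set_options(Config(mman_conf))
    mman.initialize(self.cfg.cuckoo.machine_manager)
    # NOTE(review): "avtest"/"avtest" look like guest credentials hard-coded
    # in source - confirm, and if so read them from the machine manager
    # configuration instead of keeping them in the code.
    screener = Screener(mman.options.vmware.path, vm.label, "avtest", "avtest", self.analysis.results_folder)

    try:
        # Start machine
        mmanager.start(vm.label)
        # Initialize guest manager
        guest = GuestManager(vm.id, vm.ip, vm.platform)
        # Launch analysis
        guest.start_analysis(options)
        # Start Screenshots
        screener.start()
        screener_running = True
        # Wait for analysis to complete
        success = guest.wait_for_completion()
        # Stop sniffer
        if sniffer:
            sniffer_stopped = True
            sniffer.stop()
        # Stop Screenshots
        if screener:
            screener_running = False
            screener.stop()

        if not success:
            raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
        # Save results (only reached when the guest reported success)
        guest.save_results(self.analysis.results_folder)
    except (CuckooMachineError, CuckooGuestError) as e:
        raise CuckooAnalysisError(e)
    finally:
        try:
            # On a failure before the normal stops above, shut the helpers
            # down here so they do not outlive the task.
            if sniffer and not sniffer_stopped:
                sniffer.stop()
            if screener and screener_running:
                screener.stop()
        finally:
            # Stop machine
            mmanager.stop(vm.label)
            # Release the machine from lock. Not reached if stop() raises,
            # so a machine that could not be shut down is not handed to
            # the next task.
            mmanager.release(vm.label)

    # Launch reports generation
    Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())

    log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))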