当前位置: 首页>>代码示例>>Python>>正文


Python GuestManager.start_analysis方法代码示例

本文整理汇总了Python中lib.cuckoo.core.guest.GuestManager.start_analysis方法的典型用法代码示例。如果您正苦于以下问题:Python GuestManager.start_analysis方法的具体用法?Python GuestManager.start_analysis怎么用?Python GuestManager.start_analysis使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在lib.cuckoo.core.guest.GuestManager的用法示例。


在下文中一共展示了GuestManager.start_analysis方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: guest_manage

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def guest_manage(self, options):
        # Handle a special case where we're creating a baseline report of this
        # particular virtual machine - a report containing all the results
        # that are gathered if no additional samples are ran in the VM. These
        # results, such as loaded drivers and opened sockets in volatility, or
        # DNS requests to hostnames related to Microsoft Windows, etc may be
        # omitted or at the very least given less priority when creating a
        # report for an analysis that ran on this VM later on.
        if self.task.category == "baseline":
            time.sleep(options["timeout"])
        else:
            # Initialize the guest manager.
            guest = GuestManager(self.machine.name, self.machine.ip,
                                 self.machine.platform, self.task.id)

            # Start the analysis.
            self.db.guest_set_status(self.task.id, "starting")
            monitor = self.task.options.get("monitor", "latest")
            guest.start_analysis(options, monitor)

            # In case the Agent didn't respond and we force-quit the analysis
            # at some point while it was still starting the analysis the state
            # will be "stop" (or anything but "running", really).
            if self.db.guest_get_status(self.task.id) == "starting":
                self.db.guest_set_status(self.task.id, "running")
                guest.wait_for_completion()

            self.db.guest_set_status(self.task.id, "stopping")
开发者ID:0x71,项目名称:cuckoo,代码行数:30,代码来源:scheduler.py

示例2: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis.
        @raise CuckooAnalysisError: if unable to start analysis.
        """
        log.info("Starting analysis of file \"%s\"" % self.task.file_path)

        if not os.path.exists(self.task.file_path):
            raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)

        self.init_storage()
        self.store_file()
        options = self.build_options()

        while True:
            machine_lock.acquire()
            vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
            machine_lock.release()
            if not vm:
                log.debug("No machine available")
                time.sleep(1)
            else:
                log.info("Acquired machine %s (Label: %s)" % (vm.id, vm.label))
                break

        # Initialize sniffer
        if self.cfg.cuckoo.use_sniffer:
            sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
            sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
        else:
            sniffer = False

        try:
            # Start machine
            mmanager.start(vm.label)
            # Initialize guest manager
            guest = GuestManager(vm.ip, vm.platform)
            # Launch analysis
            guest.start_analysis(options)
            # Wait for analysis to complete
            success = guest.wait_for_completion()
            # Stop sniffer
            if sniffer:
                sniffer.stop()
    
            if not success:
                raise CuckooAnalysisError("Analysis failed, review previous errors")
            # Save results
            guest.save_results(self.analysis.results_folder)
        except (CuckooMachineError, CuckooGuestError) as e:
            raise CuckooAnalysisError(e.message)
        finally:
            # Stop machine
            mmanager.stop(vm.label)
            # Release the machine from lock
            mmanager.release(vm.label)

        # Launch reports generation
        Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())

        log.info("Reports generation completed (path=%s)" % self.analysis.results_folder)
开发者ID:Fuitad,项目名称:cuckoo-1,代码行数:62,代码来源:scheduler.py

示例3: guest_manage

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def guest_manage(self, options):
        # Handle a special case where we're creating a baseline report of this
        # particular virtual machine - a report containing all the results
        # that are gathered if no additional samples are ran in the VM. These
        # results, such as loaded drivers and opened sockets in volatility, or
        # DNS requests to hostnames related to Microsoft Windows, etc may be
        # omitted or at the very least given less priority when creating a
        # report for an analysis that ran on this VM later on.
        if self.task.category == "baseline":
            time.sleep(options["timeout"])
        else:
            # Initialize the guest manager.
            guest = GuestManager(self.machine.name, self.machine.ip,
                                 self.machine.platform)

            # Start the analysis.
            monitor = self.task.options.get("monitor", "latest")
            guest.start_analysis(options, monitor)

            guest.wait_for_completion()
开发者ID:open-nsm,项目名称:dockoo-cuckoo,代码行数:22,代码来源:scheduler.py

示例4: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis."""
        succeeded = False
        dead_machine = False

        log.info("Starting analysis of %s \"%s\" (task=%d)",
                 self.task.category.upper(), self.task.target, self.task.id)

        # Initialize the analysis folders.
        if not self.init_storage():
            return False

        if self.task.category == "file":
            # Check whether the file has been changed for some unknown reason.
            # And fail this analysis if it has been modified.
            if not self.check_file():
                return False

            # Store a copy of the original file.
            if not self.store_file():
                return False

        # Acquire analysis machine.
        try:
            self.acquire_machine()
        except CuckooOperationalError as e:
            machine_lock.release()
            log.error("Cannot acquire machine: {0}".format(e))
            return False

        # At this point we can tell the ResultServer about it.
        try:
            ResultServer().add_task(self.task, self.machine)
        except Exception as e:
            machinery.release(self.machine.label)
            self.errors.put(e)

        aux = RunAuxiliary(task=self.task, machine=self.machine)
        aux.start()

        # Generate the analysis configuration file.
        options = self.build_options()

        try:
            unlocked = False

            # Mark the selected analysis machine in the database as started.
            guest_log = self.db.guest_start(self.task.id,
                                            self.machine.name,
                                            self.machine.label,
                                            machinery.__class__.__name__)
            # Start the machine.
            machinery.start(self.machine.label)

            # By the time start returns it will have fully started the Virtual
            # Machine. We can now safely release the machine lock.
            machine_lock.release()
            unlocked = True

            # Initialize the guest manager.
            guest = GuestManager(self.machine.name, self.machine.ip,
                                 self.machine.platform)

            # Start the analysis.
            guest.start_analysis(options)

            guest.wait_for_completion()
            succeeded = True
        except CuckooMachineError as e:
            if not unlocked:
                machine_lock.release()
            log.error(str(e), extra={"task_id": self.task.id})
            dead_machine = True
        except CuckooGuestError as e:
            if not unlocked:
                machine_lock.release()
            log.error(str(e), extra={"task_id": self.task.id})
        finally:
            # Stop Auxiliary modules.
            aux.stop()

            # Take a memory dump of the machine before shutting it off.
            if self.cfg.cuckoo.memory_dump or self.task.memory:
                try:
                    dump_path = os.path.join(self.storage, "memory.dmp")
                    machinery.dump_memory(self.machine.label, dump_path)
                except NotImplementedError:
                    log.error("The memory dump functionality is not available "
                              "for the current machine manager.")
                except CuckooMachineError as e:
                    log.error(e)

            try:
                # Stop the analysis machine.
                machinery.stop(self.machine.label)
            except CuckooMachineError as e:
                log.warning("Unable to stop machine %s: %s",
                            self.machine.label, e)

            # Mark the machine in the database as stopped. Unless this machine
#.........这里部分代码省略.........
开发者ID:Sunrel,项目名称:cuckoo,代码行数:103,代码来源:scheduler.py

示例5: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis."""
        sniffer = None
        succeeded = False
        stored = False

        log.info("Starting analysis of %s \"%s\" (task=%d)"
                 % (self.task.category.upper(),
                    self.task.target, self.task.id))

        # Initialize the the analysis folders.
        if not self.init_storage():
            return False

        if self.task.category == "file":
            # Store a copy of the original file.
            if not self.store_file():
                return False

        # Generate the analysis configuration file.
        options = self.build_options()

        # Acquire analysis machine.
        machine = self.acquire_machine()

        # If enabled in the configuration, start the tcpdump instance.
        if self.cfg.sniffer.enabled:
            sniffer = Sniffer(self.cfg.sniffer.tcpdump)
            sniffer.start(interface=self.cfg.sniffer.interface,
                          host=machine.ip,
                          file_path=os.path.join(self.storage, "dump.pcap"))

        try:
            # Mark the selected analysis machine in the database as started.
            guest_log = Database().guest_start(self.task.id,
                                               machine.name,
                                               machine.label,
                                               mmanager.__class__.__name__)
            # Start the machine.
            mmanager.start(machine.label)
        except CuckooMachineError as e:
            log.error(str(e), extra={"task_id" : self.task.id})

            # Stop the sniffer.
            if sniffer:
                sniffer.stop()

            return False
        else:
            try:
                # Initialize the guest manager.
                guest = GuestManager(machine.name, machine.ip, machine.platform)
                # Start the analysis.
                guest.start_analysis(options)
            except CuckooGuestError as e:
                log.error(str(e), extra={"task_id" : self.task.id})

                # Stop the sniffer.
                if sniffer:
                    sniffer.stop()

                return False
            else:
                # Wait for analysis completion.
                try:
                    guest.wait_for_completion()
                    succeeded = True
                except CuckooGuestError as e:
                    log.error(str(e), extra={"task_id" : self.task.id})
                    succeeded = False

                # Retrieve the analysis results and store them.
                try:
                    guest.save_results(self.storage)
                    stored = True
                except CuckooGuestError as e:
                    log.error(str(e), extra={"task_id" : self.task.id})
                    stored = False
        finally:
            # Stop the sniffer.
            if sniffer:
                sniffer.stop()

            # If the target is a file and the user enabled the option,
            # delete the original copy.
            if self.task.category == "file" and self.cfg.cuckoo.delete_original:
                try:
                    os.remove(self.task.target)
                except OSError as e:
                    log.error("Unable to delete original file at path \"%s\": "
                              "%s" % (self.task.target, e))

            # Take a memory dump of the machine before shutting it off.
            do_memory_dump = False
            if self.cfg.cuckoo.memory_dump:
                do_memory_dump = True
            else:
                if self.task.memory:
                    do_memory_dump = True

#.........这里部分代码省略.........
开发者ID:Missuniverse110,项目名称:cuckoo,代码行数:103,代码来源:scheduler.py

示例6: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis."""
        sniffer = None
        succeeded = False

        log.info("Starting analysis of %s \"%s\" (task=%d)", self.task.category.upper(), self.task.target, self.task.id)

        # Initialize the the analysis folders.
        if not self.init_storage():
            return False

        if self.task.category == "file":
            # Store a copy of the original file.
            if not self.store_file():
                return False

        # Generate the analysis configuration file.
        options = self.build_options()

        # Acquire analysis machine.
        machine = self.acquire_machine()

        # At this point we can tell the Resultserver about it
        try:
            Resultserver().add_task(self.task, machine)
        except Exception as e:
            mmanager.release(machine.label)
            self.errors.put(e)

        # If enabled in the configuration, start the tcpdump instance.
        if self.cfg.sniffer.enabled:
            sniffer = Sniffer(self.cfg.sniffer.tcpdump)
            sniffer.start(interface=self.cfg.sniffer.interface,
                          host=machine.ip,
                          file_path=os.path.join(self.storage, "dump.pcap"))

        try:
            # Mark the selected analysis machine in the database as started.
            guest_log = Database().guest_start(self.task.id,
                                               machine.name,
                                               machine.label,
                                               mmanager.__class__.__name__)
            # Start the machine.
            mmanager.start(machine.label)
        except CuckooMachineError as e:
            log.error(str(e), extra={"task_id" : self.task.id})

            # Stop the sniffer.
            if sniffer:
                sniffer.stop()

            return False
        else:
            try:
                # Initialize the guest manager.
                guest = GuestManager(machine.name, machine.ip, machine.platform)
                # Start the analysis.
                guest.start_analysis(options)
            except CuckooGuestError as e:
                log.error(str(e), extra={"task_id" : self.task.id})

                # Stop the sniffer.
                if sniffer:
                    sniffer.stop()

                return False
            else:
                # Wait for analysis completion.
                try:
                    guest.wait_for_completion()
                    succeeded = True
                except CuckooGuestError as e:
                    log.error(str(e), extra={"task_id" : self.task.id})
                    succeeded = False

        finally:
            # Stop the sniffer.
            if sniffer:
                sniffer.stop()

            # Take a memory dump of the machine before shutting it off.
            if self.cfg.cuckoo.memory_dump or self.task.memory:
                try:
                    mmanager.dump_memory(machine.label,
                                         os.path.join(self.storage, "memory.dmp"))
                except NotImplementedError:
                    log.error("The memory dump functionality is not available "
                              "for current machine manager")
                except CuckooMachineError as e:
                    log.error(e)

            try:
                # Stop the analysis machine.
                mmanager.stop(machine.label)
            except CuckooMachineError as e:
                log.warning("Unable to stop machine %s: %s", machine.label, e)

            # Market the machine in the database as stopped.
            Database().guest_stop(guest_log)

#.........这里部分代码省略.........
开发者ID:0day1day,项目名称:cuckoo,代码行数:103,代码来源:scheduler.py

示例7: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis."""
        succeeded = False
        dead_machine = False

        log.info("Starting analysis of %s \"%s\" (task=%d)",
                 self.task.category.upper(), self.task.target, self.task.id)
        # Initialize the the analysis folders.
        if not self.init_storage():
            return False
	if self.task.category == "file":
	    # Check whether the file has been changed for some unknown reason.
            # And fail this analysis if it has been modified.
            	if not self.check_file():
                	return False

            # Store a copy of the original file.
                if not self.store_file():
                        return False


	# Acquire analysis machine.
        try:
            self.acquire_machine()
        except CuckooOperationalError as e:
            log.error("Cannot acquire machine: {0}".format(e))
            return False

        # Generate the analysis configuration file.
        options = self.build_options()

        # At this point we can tell the Resultserver about it.
        try:
	    Resultserver().set_machinery(machinery)
            Resultserver().add_task(self.task, self.machine)
        except Exception as e:
            machinery.release(self.machine.label)
            self.errors.put(e)

        aux = RunAuxiliary(task=self.task, machine=self.machine)
        aux.start()

        try:
	    
            # Mark the selected analysis machine in the database as started.
            guest_log = Database().guest_start(self.task.id,
                                               self.machine.name,
                                               self.machine.label,
                                               machinery.__class__.__name__)
            # Start the machine.
            # machinery.start(self.machine.label)
	except CuckooMachineError as e:
            log.error(str(e), extra={"task_id": self.task.id})
            dead_machine = True
        else:
            try:
                # Initialize the guest manager.
                guest = GuestManager(self.machine.name, self.machine.ip, self.machine.platform)
                # Start the analysis.
                guest.start_analysis(options)
            except CuckooGuestError as e:
                log.error(str(e), extra={"task_id": self.task.id})
                
	    
	    # Wait for analysis completion.
	    time_taken_for_analysis = 0
            try:
                guest.wait_for_completion(self.machine, self.storage, machinery)
                succeeded = True
            except CuckooGuestError as e:
                log.error(str(e), extra={"task_id": self.task.id})
                succeeded = False

        finally:
	    """
	    log.info("Taking last dump before terminating...")
	    mem_dir = os.path.join(self.storage, "memory", "dumps")
            try:
            	os.makedirs(mem_dir)
            except:
                pass
            if len (os.listdir(mem_dir)) == 0:
            	dump_dir = '1'
            else:
                dump_dir = str(int(max(os.listdir(mem_dir))) + 1)
            try:
                os.makedirs(os.path.join(mem_dir, dump_dir))
            except:
                pass
            dump_path = os.path.join(mem_dir, dump_dir, "memory.dmp")
	    machinery.dump_memory(self.machine.label, dump_path)
	    info_dict = {"trigger": {"name" : "End", "args": {}}, "time" : str(time_taken_for_analysis)}
	    json.dump(info_dict, file(os.path.join(mem_dir, dump_dir, "info.json"),"wb"), sort_keys=False, indent=4)
	    """
            # Stop Auxiliary modules.
            aux.stop()

             
            try:
                # Stop the analysis machine.
#.........这里部分代码省略.........
开发者ID:Hardknox,项目名称:MemoryAnalysis,代码行数:103,代码来源:scheduler.py

示例8: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]

#.........这里部分代码省略.........
            # Mark the selected analysis machine in the database as started.
            guest_log = Database().guest_start(self.task.id,
                                               machine.name,
                                               machine.label,
                                               mmanager.__class__.__name__)
            # Start the machine.
            mmanager.start(machine.label)
        except CuckooMachineError as e:
            log.error(str(e), extra={"task_id" : self.task.id})

            # Stop the sniffer.
            if sniffer:
                sniffer.stop()
            ### JG: Stop netflow
            if fprobe:
                fprobe.stop()
            ### JG: Stop fakeDNS
            if fdns:
                fdns.stop()
            ### JG: Disable NAT
            if options["internet"]:
                try:
                    pargs = ['/usr/bin/sudo', self.cfg.nat.disable]
                    disableNAT = subprocess.Popen(pargs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                except (OSError, ValueError) as e:
                    log.error("Failed to enable NAT: %s" % (e))

            return False
        else:
            try:
                # Initialize the guest manager.
                guest = GuestManager(machine.name, machine.ip, machine.platform)
                # Start the analysis.
                guest.start_analysis(options)
		log.info("guest initialization successfull.")
            except CuckooGuestError as e:
                log.error(str(e), extra={"task_id" : self.task.id})

                # Stop the sniffer.
                if sniffer:
                    sniffer.stop()
                ### JG: Stop netflow
                if fprobe:
                    fprobe.stop()
                ### JG: Stop fakeDNS
                if fdns:
                    fdns.stop()
                ### JG: Disable NAT
                if options["internet"]:
                    try:
                        pargs = ['/usr/bin/sudo', self.cfg.nat.disable]
                        disableNAT = subprocess.Popen(pargs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                    except (OSError, ValueError) as e:
                        log.error("Failed to enable NAT: %s" % (e))

                return False
            else:
                # Wait for analysis completion.
                try:
                    guest.wait_for_completion()
                    succeeded = True
                except CuckooGuestError as e:
                    log.error(str(e), extra={"task_id" : self.task.id})
                    succeeded = False

        finally:
开发者ID:zeroq,项目名称:cuckoo,代码行数:70,代码来源:scheduler.py

示例9: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis."""
        succeeded = False
        dead_machine = False

        log.info("Starting analysis of %s \"%s\" (task=%d)",
                 self.task.category.upper(), self.task.target, self.task.id)

        # Initialize the analysis folders.
        if not self.init_storage():
            return False

        if self.task.category == "file":
            sample = Database().view_sample(self.task.sample_id)

            is_first_task = len(Database().list_tasks(experiment=self.task.experiment_id)) == 1

            if is_first_task:
                # Check whether the file has been changed for some unknown reason.
                # And fail this analysis if it has been modified.
                if not self.check_file():
                    return False

                # Store a copy of the original file.
                if not self.store_file():
                    return False

            self.binary = os.path.join(CUCKOO_ROOT, "storage", "binaries", sample.sha256)

            self.create_symlink()

        # FIXME - Scheduling should happen at the end of the experiment, but
        #           since the management of the experiment is not final that
        #           will do it.
        if self.task.repeat == TASK_RECURRENT:
            Database().schedule(self.task.id)

        # Acquire analysis machine.
        try:
            self.acquire_machine()
        except CuckooOperationalError as e:
            machine_lock.release()
            log.error("Cannot acquire machine: {0}".format(e))
            return False

        # Generate the analysis configuration file.
        options = self.build_options()

        # At this point we can tell the ResultServer about it.
        try:
            ResultServer().add_task(self.task, self.machine)
        except Exception as e:
            machinery.release(self.machine.label)
            self.errors.put(e)

        aux = RunAuxiliary(task=self.task, machine=self.machine)
        aux.start()

        try:
            # Mark the selected analysis machine in the database as started.
            guest_log = Database().guest_start(self.task.id,
                                               self.machine.name,
                                               self.machine.label,
                                               machinery.__class__.__name__)

            # Starting the machinery takes some time. In order not to run into
            # race conditions with max_machines_count because acquiring new
            # machines takes place in parallel next to starting machines, for
            # which it takes a little delay before the machines' status turns
            # into "running", we hold the machine lock until the machine has
            # fully started (or gives an error, of course).
            try:
                # Start the machine, revert only if we are the first task in
                # the experiment.
                machinery.start(self.machine.label, revert=is_first_task)
            finally:
                machine_lock.release()

            # Initialize the guest manager.
            # FIXME - The critical timeout options is analysis_timeout + 60 sec
            #           should it be configurable?
            guest = GuestManager(self.machine.name,
                                 self.machine.ip,
                                 options["timeout"] + 60,
                                 self.machine.platform)

            # Start the analysis if we are the first task of a series
            if is_first_task:
                guest.start_analysis(options)

            guest.wait_for_completion()
            succeeded = True
        except CuckooMachineError as e:
            log.error(str(e), extra={"task_id": self.task.id})
            dead_machine = True
        except CuckooGuestError as e:
            log.error(str(e), extra={"task_id": self.task.id})
        finally:
            # Stop Auxiliary modules.
            aux.stop()
#.........这里部分代码省略.........
开发者ID:uCares,项目名称:longcuckoo,代码行数:103,代码来源:scheduler.py

示例10: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis.
        @raise CuckooAnalysisError: if unable to start analysis.
        """
        log.info('Starting analysis of file "%s" (task=%s)' % (self.task.file_path, self.task.id))

        if not os.path.exists(self.task.file_path):
            raise CuckooAnalysisError(
                'The file to analyze does not exist at path "%s", analysis aborted' % self.task.file_path
            )

        self.init_storage()
        self.store_file()
        options = self.build_options()

        while True:
            machine_lock.acquire()
            vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
            machine_lock.release()
            if not vm:
                log.debug("Task #%s: no machine available" % self.task.id)
                time.sleep(1)
            else:
                log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
                break

        # Initialize sniffer
        if self.cfg.cuckoo.use_sniffer:
            sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
            sniffer.start(
                interface=self.cfg.cuckoo.interface,
                host=vm.ip,
                file_path=os.path.join(self.analysis.results_folder, "dump.pcap"),
            )
        else:
            sniffer = False

        try:
            # Start machine
            mmanager.start(vm.label)
            # Initialize guest manager
            guest = GuestManager(vm.id, vm.ip, vm.platform)
            # Launch analysis
            guest.start_analysis(options)
            # Wait for analysis to complete
            success = guest.wait_for_completion()
            # Stop sniffer
            if sniffer:
                sniffer.stop()

            # Save results
            guest.save_results(self.analysis.results_folder)

            if not success:
                raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
        except (CuckooMachineError, CuckooGuestError) as e:
            raise CuckooAnalysisError(e)
        finally:
            # Delete original file
            if self.cfg.cuckoo.delete_original:
                try:
                    os.remove(self.task.file_path)
                except OSError as e:
                    log.error('Unable to delete original file at path "%s": %s' % (self.task.file_path, e))
            try:
                # Stop machine
                mmanager.stop(vm.label)
                # Release the machine from lock
                log.debug("Task #%s: releasing machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
                mmanager.release(vm.label)
            except CuckooMachineError as e:
                log.error("Unable to release vm %s, reason %s. You have to fix it manually" % (vm.label, e))

        # Check analysis file size to avoid memory leaks.
        try:
            for csv in os.listdir(os.path.join(self.analysis.results_folder, "logs")):
                csv = os.path.join(self.analysis.results_folder, "logs", csv)
                if os.stat(csv).st_size > self.cfg.cuckoo.analysis_size_limit:
                    raise CuckooAnalysisError(
                        "Analysis file %s is too big to be processed. Analysis aborted. You can process it manually"
                        % csv
                    )
        except OSError as e:
            log.warning("Log access error for analysis #%s: %s" % (self.task.id, e))

        # Launch reports generation
        Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())

        log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))
开发者ID:kevinbenton,项目名称:cuckoo,代码行数:91,代码来源:scheduler.py

示例11: launch_analysis

# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import start_analysis [as 别名]
    def launch_analysis(self):
        """Start analysis.
        @raise CuckooAnalysisError: if unable to start analysis.
        """
        log.info("Starting analysis of file \"%s\" (task=%s)" % (self.task.file_path, self.task.id))

        if not os.path.exists(self.task.file_path):
            raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)

        self.init_storage()
        self.store_file()
        options = self.build_options()
        
        while True:
            machine_lock.acquire()
            vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
            machine_lock.release()
            if not vm:
                log.debug("Task #%s: no machine available" % self.task.id)
                time.sleep(1)
            else:
                log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
                break

        # Initialize sniffer
        if self.cfg.cuckoo.use_sniffer:
            sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
            sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
        else:
            sniffer = False

        # Initialize VMWare ScreenShot
        MachineManager()
        module = MachineManager.__subclasses__()[0]
        mman = module()
        mman_conf = os.path.join(CUCKOO_ROOT, "conf", "%s.conf" % self.cfg.cuckoo.machine_manager)
        if not os.path.exists(mman_conf):
            raise CuckooMachineError("The configuration file for machine manager \"%s\" does not exist at path: %s"
                                     % (self.cfg.cuckoo.machine_manager, mman_conf))
        mman.set_options(Config(mman_conf))
        mman.initialize(self.cfg.cuckoo.machine_manager)
        screener = Screener(mman.options.vmware.path, vm.label, "avtest", "avtest", self.analysis.results_folder)
        
        try:
            # Start machine
            mmanager.start(vm.label)
            # Initialize guest manager
            guest = GuestManager(vm.id, vm.ip, vm.platform)
            # Launch analysis
            guest.start_analysis(options)
            # Start Screenshots
            screener.start()
            # Wait for analysis to complete
            success = guest.wait_for_completion()
            # Stop sniffer
            if sniffer:
                sniffer.stop()
            # Stop Screenshots
            if screener:
                screener.stop()
            if not success:
                raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
            # Save results
            guest.save_results(self.analysis.results_folder)
        except (CuckooMachineError, CuckooGuestError) as e:
            raise CuckooAnalysisError(e)
        #"""
        finally:
            # Stop machine
            mmanager.stop(vm.label)
            # Release the machine from lock
            mmanager.release(vm.label)
        #"""
        # Launch reports generation
        Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())

        log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))
开发者ID:BwRy,项目名称:test-av,代码行数:79,代码来源:scheduler.py


注:本文中的lib.cuckoo.core.guest.GuestManager.start_analysis方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。