本文整理汇总了Python中lib.cuckoo.core.guest.GuestManager.wait_for_completion方法的典型用法代码示例。如果您正苦于以下问题:Python GuestManager.wait_for_completion方法的具体用法?Python GuestManager.wait_for_completion怎么用?Python GuestManager.wait_for_completion使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类lib.cuckoo.core.guest.GuestManager
的用法示例。
在下文中一共展示了GuestManager.wait_for_completion方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: guest_manage
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def guest_manage(self, options):
# Handle a special case where we're creating a baseline report of this
# particular virtual machine - a report containing all the results
# that are gathered if no additional samples are ran in the VM. These
# results, such as loaded drivers and opened sockets in volatility, or
# DNS requests to hostnames related to Microsoft Windows, etc may be
# omitted or at the very least given less priority when creating a
# report for an analysis that ran on this VM later on.
if self.task.category == "baseline":
time.sleep(options["timeout"])
else:
# Initialize the guest manager.
guest = GuestManager(self.machine.name, self.machine.ip,
self.machine.platform, self.task.id)
# Start the analysis.
self.db.guest_set_status(self.task.id, "starting")
monitor = self.task.options.get("monitor", "latest")
guest.start_analysis(options, monitor)
# In case the Agent didn't respond and we force-quit the analysis
# at some point while it was still starting the analysis the state
# will be "stop" (or anything but "running", really).
if self.db.guest_get_status(self.task.id) == "starting":
self.db.guest_set_status(self.task.id, "running")
guest.wait_for_completion()
self.db.guest_set_status(self.task.id, "stopping")
示例2: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis.
@raise CuckooAnalysisError: if unable to start analysis.
"""
log.info("Starting analysis of file \"%s\"" % self.task.file_path)
if not os.path.exists(self.task.file_path):
raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)
self.init_storage()
self.store_file()
options = self.build_options()
while True:
machine_lock.acquire()
vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
machine_lock.release()
if not vm:
log.debug("No machine available")
time.sleep(1)
else:
log.info("Acquired machine %s (Label: %s)" % (vm.id, vm.label))
break
# Initialize sniffer
if self.cfg.cuckoo.use_sniffer:
sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
else:
sniffer = False
try:
# Start machine
mmanager.start(vm.label)
# Initialize guest manager
guest = GuestManager(vm.ip, vm.platform)
# Launch analysis
guest.start_analysis(options)
# Wait for analysis to complete
success = guest.wait_for_completion()
# Stop sniffer
if sniffer:
sniffer.stop()
if not success:
raise CuckooAnalysisError("Analysis failed, review previous errors")
# Save results
guest.save_results(self.analysis.results_folder)
except (CuckooMachineError, CuckooGuestError) as e:
raise CuckooAnalysisError(e.message)
finally:
# Stop machine
mmanager.stop(vm.label)
# Release the machine from lock
mmanager.release(vm.label)
# Launch reports generation
Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())
log.info("Reports generation completed (path=%s)" % self.analysis.results_folder)
示例3: guest_manage
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def guest_manage(self, options):
# Handle a special case where we're creating a baseline report of this
# particular virtual machine - a report containing all the results
# that are gathered if no additional samples are ran in the VM. These
# results, such as loaded drivers and opened sockets in volatility, or
# DNS requests to hostnames related to Microsoft Windows, etc may be
# omitted or at the very least given less priority when creating a
# report for an analysis that ran on this VM later on.
if self.task.category == "baseline":
time.sleep(options["timeout"])
else:
# Initialize the guest manager.
guest = GuestManager(self.machine.name, self.machine.ip,
self.machine.platform)
# Start the analysis.
monitor = self.task.options.get("monitor", "latest")
guest.start_analysis(options, monitor)
guest.wait_for_completion()
示例4: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis."""
succeeded = False
dead_machine = False
log.info("Starting analysis of %s \"%s\" (task=%d)",
self.task.category.upper(), self.task.target, self.task.id)
# Initialize the analysis folders.
if not self.init_storage():
return False
if self.task.category == "file":
# Check whether the file has been changed for some unknown reason.
# And fail this analysis if it has been modified.
if not self.check_file():
return False
# Store a copy of the original file.
if not self.store_file():
return False
# Acquire analysis machine.
try:
self.acquire_machine()
except CuckooOperationalError as e:
machine_lock.release()
log.error("Cannot acquire machine: {0}".format(e))
return False
# At this point we can tell the ResultServer about it.
try:
ResultServer().add_task(self.task, self.machine)
except Exception as e:
machinery.release(self.machine.label)
self.errors.put(e)
aux = RunAuxiliary(task=self.task, machine=self.machine)
aux.start()
# Generate the analysis configuration file.
options = self.build_options()
try:
unlocked = False
# Mark the selected analysis machine in the database as started.
guest_log = self.db.guest_start(self.task.id,
self.machine.name,
self.machine.label,
machinery.__class__.__name__)
# Start the machine.
machinery.start(self.machine.label)
# By the time start returns it will have fully started the Virtual
# Machine. We can now safely release the machine lock.
machine_lock.release()
unlocked = True
# Initialize the guest manager.
guest = GuestManager(self.machine.name, self.machine.ip,
self.machine.platform)
# Start the analysis.
guest.start_analysis(options)
guest.wait_for_completion()
succeeded = True
except CuckooMachineError as e:
if not unlocked:
machine_lock.release()
log.error(str(e), extra={"task_id": self.task.id})
dead_machine = True
except CuckooGuestError as e:
if not unlocked:
machine_lock.release()
log.error(str(e), extra={"task_id": self.task.id})
finally:
# Stop Auxiliary modules.
aux.stop()
# Take a memory dump of the machine before shutting it off.
if self.cfg.cuckoo.memory_dump or self.task.memory:
try:
dump_path = os.path.join(self.storage, "memory.dmp")
machinery.dump_memory(self.machine.label, dump_path)
except NotImplementedError:
log.error("The memory dump functionality is not available "
"for the current machine manager.")
except CuckooMachineError as e:
log.error(e)
try:
# Stop the analysis machine.
machinery.stop(self.machine.label)
except CuckooMachineError as e:
log.warning("Unable to stop machine %s: %s",
self.machine.label, e)
# Mark the machine in the database as stopped. Unless this machine
#.........这里部分代码省略.........
示例5: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis."""
sniffer = None
succeeded = False
stored = False
log.info("Starting analysis of %s \"%s\" (task=%d)"
% (self.task.category.upper(),
self.task.target, self.task.id))
# Initialize the the analysis folders.
if not self.init_storage():
return False
if self.task.category == "file":
# Store a copy of the original file.
if not self.store_file():
return False
# Generate the analysis configuration file.
options = self.build_options()
# Acquire analysis machine.
machine = self.acquire_machine()
# If enabled in the configuration, start the tcpdump instance.
if self.cfg.sniffer.enabled:
sniffer = Sniffer(self.cfg.sniffer.tcpdump)
sniffer.start(interface=self.cfg.sniffer.interface,
host=machine.ip,
file_path=os.path.join(self.storage, "dump.pcap"))
try:
# Mark the selected analysis machine in the database as started.
guest_log = Database().guest_start(self.task.id,
machine.name,
machine.label,
mmanager.__class__.__name__)
# Start the machine.
mmanager.start(machine.label)
except CuckooMachineError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
return False
else:
try:
# Initialize the guest manager.
guest = GuestManager(machine.name, machine.ip, machine.platform)
# Start the analysis.
guest.start_analysis(options)
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
return False
else:
# Wait for analysis completion.
try:
guest.wait_for_completion()
succeeded = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
succeeded = False
# Retrieve the analysis results and store them.
try:
guest.save_results(self.storage)
stored = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
stored = False
finally:
# Stop the sniffer.
if sniffer:
sniffer.stop()
# If the target is a file and the user enabled the option,
# delete the original copy.
if self.task.category == "file" and self.cfg.cuckoo.delete_original:
try:
os.remove(self.task.target)
except OSError as e:
log.error("Unable to delete original file at path \"%s\": "
"%s" % (self.task.target, e))
# Take a memory dump of the machine before shutting it off.
do_memory_dump = False
if self.cfg.cuckoo.memory_dump:
do_memory_dump = True
else:
if self.task.memory:
do_memory_dump = True
#.........这里部分代码省略.........
示例6: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis."""
sniffer = None
succeeded = False
log.info("Starting analysis of %s \"%s\" (task=%d)", self.task.category.upper(), self.task.target, self.task.id)
# Initialize the the analysis folders.
if not self.init_storage():
return False
if self.task.category == "file":
# Store a copy of the original file.
if not self.store_file():
return False
# Generate the analysis configuration file.
options = self.build_options()
# Acquire analysis machine.
machine = self.acquire_machine()
# At this point we can tell the Resultserver about it
try:
Resultserver().add_task(self.task, machine)
except Exception as e:
mmanager.release(machine.label)
self.errors.put(e)
# If enabled in the configuration, start the tcpdump instance.
if self.cfg.sniffer.enabled:
sniffer = Sniffer(self.cfg.sniffer.tcpdump)
sniffer.start(interface=self.cfg.sniffer.interface,
host=machine.ip,
file_path=os.path.join(self.storage, "dump.pcap"))
try:
# Mark the selected analysis machine in the database as started.
guest_log = Database().guest_start(self.task.id,
machine.name,
machine.label,
mmanager.__class__.__name__)
# Start the machine.
mmanager.start(machine.label)
except CuckooMachineError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
return False
else:
try:
# Initialize the guest manager.
guest = GuestManager(machine.name, machine.ip, machine.platform)
# Start the analysis.
guest.start_analysis(options)
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
return False
else:
# Wait for analysis completion.
try:
guest.wait_for_completion()
succeeded = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
succeeded = False
finally:
# Stop the sniffer.
if sniffer:
sniffer.stop()
# Take a memory dump of the machine before shutting it off.
if self.cfg.cuckoo.memory_dump or self.task.memory:
try:
mmanager.dump_memory(machine.label,
os.path.join(self.storage, "memory.dmp"))
except NotImplementedError:
log.error("The memory dump functionality is not available "
"for current machine manager")
except CuckooMachineError as e:
log.error(e)
try:
# Stop the analysis machine.
mmanager.stop(machine.label)
except CuckooMachineError as e:
log.warning("Unable to stop machine %s: %s", machine.label, e)
# Market the machine in the database as stopped.
Database().guest_stop(guest_log)
#.........这里部分代码省略.........
示例7: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis."""
succeeded = False
dead_machine = False
log.info("Starting analysis of %s \"%s\" (task=%d)",
self.task.category.upper(), self.task.target, self.task.id)
# Initialize the the analysis folders.
if not self.init_storage():
return False
if self.task.category == "file":
# Check whether the file has been changed for some unknown reason.
# And fail this analysis if it has been modified.
if not self.check_file():
return False
# Store a copy of the original file.
if not self.store_file():
return False
# Acquire analysis machine.
try:
self.acquire_machine()
except CuckooOperationalError as e:
log.error("Cannot acquire machine: {0}".format(e))
return False
# Generate the analysis configuration file.
options = self.build_options()
# At this point we can tell the Resultserver about it.
try:
Resultserver().set_machinery(machinery)
Resultserver().add_task(self.task, self.machine)
except Exception as e:
machinery.release(self.machine.label)
self.errors.put(e)
aux = RunAuxiliary(task=self.task, machine=self.machine)
aux.start()
try:
# Mark the selected analysis machine in the database as started.
guest_log = Database().guest_start(self.task.id,
self.machine.name,
self.machine.label,
machinery.__class__.__name__)
# Start the machine.
# machinery.start(self.machine.label)
except CuckooMachineError as e:
log.error(str(e), extra={"task_id": self.task.id})
dead_machine = True
else:
try:
# Initialize the guest manager.
guest = GuestManager(self.machine.name, self.machine.ip, self.machine.platform)
# Start the analysis.
guest.start_analysis(options)
except CuckooGuestError as e:
log.error(str(e), extra={"task_id": self.task.id})
# Wait for analysis completion.
time_taken_for_analysis = 0
try:
guest.wait_for_completion(self.machine, self.storage, machinery)
succeeded = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id": self.task.id})
succeeded = False
finally:
"""
log.info("Taking last dump before terminating...")
mem_dir = os.path.join(self.storage, "memory", "dumps")
try:
os.makedirs(mem_dir)
except:
pass
if len (os.listdir(mem_dir)) == 0:
dump_dir = '1'
else:
dump_dir = str(int(max(os.listdir(mem_dir))) + 1)
try:
os.makedirs(os.path.join(mem_dir, dump_dir))
except:
pass
dump_path = os.path.join(mem_dir, dump_dir, "memory.dmp")
machinery.dump_memory(self.machine.label, dump_path)
info_dict = {"trigger": {"name" : "End", "args": {}}, "time" : str(time_taken_for_analysis)}
json.dump(info_dict, file(os.path.join(mem_dir, dump_dir, "info.json"),"wb"), sort_keys=False, indent=4)
"""
# Stop Auxiliary modules.
aux.stop()
try:
# Stop the analysis machine.
#.........这里部分代码省略.........
示例8: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
#.........这里部分代码省略.........
if fprobe:
fprobe.stop()
### JG: Stop fakeDNS
if fdns:
fdns.stop()
### JG: Disable NAT
if options["internet"]:
try:
pargs = ['/usr/bin/sudo', self.cfg.nat.disable]
disableNAT = subprocess.Popen(pargs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
except (OSError, ValueError) as e:
log.error("Failed to enable NAT: %s" % (e))
return False
else:
try:
# Initialize the guest manager.
guest = GuestManager(machine.name, machine.ip, machine.platform)
# Start the analysis.
guest.start_analysis(options)
log.info("guest initialization successfull.")
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
# Stop the sniffer.
if sniffer:
sniffer.stop()
### JG: Stop netflow
if fprobe:
fprobe.stop()
### JG: Stop fakeDNS
if fdns:
fdns.stop()
### JG: Disable NAT
if options["internet"]:
try:
pargs = ['/usr/bin/sudo', self.cfg.nat.disable]
disableNAT = subprocess.Popen(pargs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
except (OSError, ValueError) as e:
log.error("Failed to enable NAT: %s" % (e))
return False
else:
# Wait for analysis completion.
try:
guest.wait_for_completion()
succeeded = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id" : self.task.id})
succeeded = False
finally:
# Stop the sniffer.
if sniffer:
sniffer.stop()
### JG: Stop netflow
if fprobe:
fprobe.stop()
### JG: Stop fakeDNS
if fdns:
fdns.stop()
### JG: Disable NAT
if options["internet"]:
try:
pargs = ['/usr/bin/sudo', self.cfg.nat.disable]
disableNAT = subprocess.Popen(pargs, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
except (OSError, ValueError) as e:
log.error("Failed to enable NAT: %s" % (e))
# Take a memory dump of the machine before shutting it off.
if self.cfg.cuckoo.memory_dump or self.task.memory:
try:
mmanager.dump_memory(machine.label,
os.path.join(self.storage, "memory.dmp"))
except NotImplementedError:
log.error("The memory dump functionality is not available "
"for current machine manager")
except CuckooMachineError as e:
log.error(e)
try:
# Stop the analysis machine.
mmanager.stop(machine.label)
except CuckooMachineError as e:
log.warning("Unable to stop machine %s: %s", machine.label, e)
# Market the machine in the database as stopped.
Database().guest_stop(guest_log)
try:
# Release the analysis machine.
mmanager.release(machine.label)
except CuckooMachineError as e:
log.error("Unable to release machine %s, reason %s. "
"You might need to restore it manually", machine.label, e)
# after all this, we can make the Resultserver forget about it
Resultserver().del_task(self.task, machine)
return succeeded
示例9: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis."""
succeeded = False
dead_machine = False
log.info("Starting analysis of %s \"%s\" (task=%d)",
self.task.category.upper(), self.task.target, self.task.id)
# Initialize the analysis folders.
if not self.init_storage():
return False
if self.task.category == "file":
sample = Database().view_sample(self.task.sample_id)
is_first_task = len(Database().list_tasks(experiment=self.task.experiment_id)) == 1
if is_first_task:
# Check whether the file has been changed for some unknown reason.
# And fail this analysis if it has been modified.
if not self.check_file():
return False
# Store a copy of the original file.
if not self.store_file():
return False
self.binary = os.path.join(CUCKOO_ROOT, "storage", "binaries", sample.sha256)
self.create_symlink()
# FIXME - Scheduling should happen at the end of the experiment, but
# since the management of the experiment is not final that
# will do it.
if self.task.repeat == TASK_RECURRENT:
Database().schedule(self.task.id)
# Acquire analysis machine.
try:
self.acquire_machine()
except CuckooOperationalError as e:
machine_lock.release()
log.error("Cannot acquire machine: {0}".format(e))
return False
# Generate the analysis configuration file.
options = self.build_options()
# At this point we can tell the ResultServer about it.
try:
ResultServer().add_task(self.task, self.machine)
except Exception as e:
machinery.release(self.machine.label)
self.errors.put(e)
aux = RunAuxiliary(task=self.task, machine=self.machine)
aux.start()
try:
# Mark the selected analysis machine in the database as started.
guest_log = Database().guest_start(self.task.id,
self.machine.name,
self.machine.label,
machinery.__class__.__name__)
# Starting the machinery takes some time. In order not to run into
# race conditions with max_machines_count because acquiring new
# machines takes place in parallel next to starting machines, for
# which it takes a little delay before the machines' status turns
# into "running", we hold the machine lock until the machine has
# fully started (or gives an error, of course).
try:
# Start the machine, revert only if we are the first task in
# the experiment.
machinery.start(self.machine.label, revert=is_first_task)
finally:
machine_lock.release()
# Initialize the guest manager.
# FIXME - The critical timeout options is analysis_timeout + 60 sec
# should it be configurable?
guest = GuestManager(self.machine.name,
self.machine.ip,
options["timeout"] + 60,
self.machine.platform)
# Start the analysis if we are the first task of a series
if is_first_task:
guest.start_analysis(options)
guest.wait_for_completion()
succeeded = True
except CuckooMachineError as e:
log.error(str(e), extra={"task_id": self.task.id})
dead_machine = True
except CuckooGuestError as e:
log.error(str(e), extra={"task_id": self.task.id})
finally:
# Stop Auxiliary modules.
aux.stop()
#.........这里部分代码省略.........
示例10: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis.
@raise CuckooAnalysisError: if unable to start analysis.
"""
log.info('Starting analysis of file "%s" (task=%s)' % (self.task.file_path, self.task.id))
if not os.path.exists(self.task.file_path):
raise CuckooAnalysisError(
'The file to analyze does not exist at path "%s", analysis aborted' % self.task.file_path
)
self.init_storage()
self.store_file()
options = self.build_options()
while True:
machine_lock.acquire()
vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
machine_lock.release()
if not vm:
log.debug("Task #%s: no machine available" % self.task.id)
time.sleep(1)
else:
log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
break
# Initialize sniffer
if self.cfg.cuckoo.use_sniffer:
sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
sniffer.start(
interface=self.cfg.cuckoo.interface,
host=vm.ip,
file_path=os.path.join(self.analysis.results_folder, "dump.pcap"),
)
else:
sniffer = False
try:
# Start machine
mmanager.start(vm.label)
# Initialize guest manager
guest = GuestManager(vm.id, vm.ip, vm.platform)
# Launch analysis
guest.start_analysis(options)
# Wait for analysis to complete
success = guest.wait_for_completion()
# Stop sniffer
if sniffer:
sniffer.stop()
# Save results
guest.save_results(self.analysis.results_folder)
if not success:
raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
except (CuckooMachineError, CuckooGuestError) as e:
raise CuckooAnalysisError(e)
finally:
# Delete original file
if self.cfg.cuckoo.delete_original:
try:
os.remove(self.task.file_path)
except OSError as e:
log.error('Unable to delete original file at path "%s": %s' % (self.task.file_path, e))
try:
# Stop machine
mmanager.stop(vm.label)
# Release the machine from lock
log.debug("Task #%s: releasing machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
mmanager.release(vm.label)
except CuckooMachineError as e:
log.error("Unable to release vm %s, reason %s. You have to fix it manually" % (vm.label, e))
# Check analysis file size to avoid memory leaks.
try:
for csv in os.listdir(os.path.join(self.analysis.results_folder, "logs")):
csv = os.path.join(self.analysis.results_folder, "logs", csv)
if os.stat(csv).st_size > self.cfg.cuckoo.analysis_size_limit:
raise CuckooAnalysisError(
"Analysis file %s is too big to be processed. Analysis aborted. You can process it manually"
% csv
)
except OSError as e:
log.warning("Log access error for analysis #%s: %s" % (self.task.id, e))
# Launch reports generation
Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())
log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))
示例11: launch_analysis
# 需要导入模块: from lib.cuckoo.core.guest import GuestManager [as 别名]
# 或者: from lib.cuckoo.core.guest.GuestManager import wait_for_completion [as 别名]
def launch_analysis(self):
"""Start analysis.
@raise CuckooAnalysisError: if unable to start analysis.
"""
log.info("Starting analysis of file \"%s\" (task=%s)" % (self.task.file_path, self.task.id))
if not os.path.exists(self.task.file_path):
raise CuckooAnalysisError("The file to analyze does not exist at path \"%s\", analysis aborted" % self.task.file_path)
self.init_storage()
self.store_file()
options = self.build_options()
while True:
machine_lock.acquire()
vm = mmanager.acquire(machine_id=self.task.machine, platform=self.task.platform)
machine_lock.release()
if not vm:
log.debug("Task #%s: no machine available" % self.task.id)
time.sleep(1)
else:
log.info("Task #%s: acquired machine %s (label=%s)" % (self.task.id, vm.id, vm.label))
break
# Initialize sniffer
if self.cfg.cuckoo.use_sniffer:
sniffer = Sniffer(self.cfg.cuckoo.tcpdump)
sniffer.start(interface=self.cfg.cuckoo.interface, host=vm.ip, file_path=os.path.join(self.analysis.results_folder, "dump.pcap"))
else:
sniffer = False
# Initialize VMWare ScreenShot
MachineManager()
module = MachineManager.__subclasses__()[0]
mman = module()
mman_conf = os.path.join(CUCKOO_ROOT, "conf", "%s.conf" % self.cfg.cuckoo.machine_manager)
if not os.path.exists(mman_conf):
raise CuckooMachineError("The configuration file for machine manager \"%s\" does not exist at path: %s"
% (self.cfg.cuckoo.machine_manager, mman_conf))
mman.set_options(Config(mman_conf))
mman.initialize(self.cfg.cuckoo.machine_manager)
screener = Screener(mman.options.vmware.path, vm.label, "avtest", "avtest", self.analysis.results_folder)
try:
# Start machine
mmanager.start(vm.label)
# Initialize guest manager
guest = GuestManager(vm.id, vm.ip, vm.platform)
# Launch analysis
guest.start_analysis(options)
# Start Screenshots
screener.start()
# Wait for analysis to complete
success = guest.wait_for_completion()
# Stop sniffer
if sniffer:
sniffer.stop()
# Stop Screenshots
if screener:
screener.stop()
if not success:
raise CuckooAnalysisError("Task #%s: analysis failed, review previous errors" % self.task.id)
# Save results
guest.save_results(self.analysis.results_folder)
except (CuckooMachineError, CuckooGuestError) as e:
raise CuckooAnalysisError(e)
#"""
finally:
# Stop machine
mmanager.stop(vm.label)
# Release the machine from lock
mmanager.release(vm.label)
#"""
# Launch reports generation
Reporter(self.analysis.results_folder).run(Processor(self.analysis.results_folder).run())
log.info("Task #%s: reports generation completed (path=%s)" % (self.task.id, self.analysis.results_folder))