kevoreilly/CAPEv2

Errors in bypass_uac.py and misc.py after plugins update

pschivo opened this issue · 3 comments

About accounts on capesandbox.com

  • Issues aren't the way to ask for account activation. Ping capesandbox on Twitter with your username

This is open source and you are getting free support so be friendly!

Prerequisites

Please answer the following questions for yourself before submitting an issue.

  • I am running the latest version
  • I did read the README!
  • I checked the documentation and found no answer
  • I checked to make sure that this issue has not already been filed
  • I'm reporting the issue to the correct repository (for multi-repository projects)
  • I have read and checked all configs (with all optional parts)

Expected Behavior

Submit a URL analysis, get task id and results.

Current Behavior

After the VM is turned off, doing a "tail -f log/processing.log", I can see that two Python scripts are failing after the last update:

Task finishes but with errors as you can see above.

Failure Information (for bugs)

Steps to Reproduce

  1. Get your CAPE at latest version
  2. Submit a URL to CAPE
  3. Wait until it finishes

Context

Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions. Operating system version, bitness, installed software versions, test sample details/hash/binary (if applicable).

| Question | Answer |
| --- | --- |
| Git commit | commit ffb167694c75a6e3e075110196bd5205669ea637 |
| OS version | Ubuntu 22.04.5 LTS |

Failure Logs

2024-10-30 09:17:07,793 [Task 625] [lib.cuckoo.core.plugins] ERROR: Failed to run signature "uac_bypass_cmstpcom": unbalanced parenthesis at position 29
Traceback (most recent call last):
  File "/opt/CAPEv2/utils/../lib/cuckoo/core/plugins.py", line 499, in process
    data = signature.run()
  File "/opt/CAPEv2/utils/../modules/signatures/windows/bypass_uac.py", line 215, in run
    match = self.check_executed_command(pattern=indicator, regex=True)
  File "/opt/CAPEv2/utils/../lib/cuckoo/common/abstracts.py", line 1234, in check_executed_command
    return self._check_value(pattern=pattern, subject=subject, regex=regex, all=all, ignorecase=ignorecase)
  File "/opt/CAPEv2/utils/../lib/cuckoo/common/abstracts.py", line 1039, in _check_value
    exp = re.compile(pattern, re.IGNORECASE)
  File "/usr/lib/python3.10/re.py", line 251, in compile
    return _compile(pattern, flags)
  File "/usr/lib/python3.10/re.py", line 303, in _compile
    p = sre_compile.compile(pattern, flags)
  File "/usr/lib/python3.10/sre_compile.py", line 788, in compile
    p = sre_parse.parse(p, flags)
  File "/usr/lib/python3.10/sre_parse.py", line 969, in parse
    raise source.error("unbalanced parenthesis")
re.error: unbalanced parenthesis at position 29
2024-10-30 09:17:07,796 [Task 625] [lib.cuckoo.core.plugins] ERROR: Failed to run signature "registry_credential_store_access": 'target'
2024-10-30 09:17:38,529 [root] INFO: Reports generation completed for Task #625

I also send you the two files I've modified in order to evaluate if they must be replaced. (just remove ".txt" extension)

bypass_uac.py.txt
misc.py.txt

Additional information:
After replacing those two files with mine, it works, but after doing a "python3 community.py -waf -cr" which is a cron task, the error appears again.

Hey, that is community, not the capev2 repo, FYI. You can PR fixes there instead of attaching them here.

Oh, sorry, misunderstood. Thanks!
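A pre-deployment check for the `re.error` in the failure log above, as an added example that is not part of this issue thread or of CAPE's own code: it parses a signature module with `ast` and compiles every string in the indicator list the same way the traceback's `_check_value` does (`re.compile(pattern, re.IGNORECASE)`), so a broken pattern is caught before processing. The sample module, its patterns, and the list name `indicators` are constructed assumptions.

```python
import ast
import re

# Constructed stand-in for a community signature module. The patterns are
# invented for illustration; they are not the ones shipped in bypass_uac.py.
SAMPLE_SOURCE = r'''
class ExampleSig:
    name = "example_sig"

    def run(self):
        indicators = [
            r".*\\example\.exe\s+/au\b.*",
            r".*\\example\.exe.*(/s|/ni))",
        ]
        for indicator in indicators:
            if self.check_executed_command(pattern=indicator, regex=True):
                return True
        return False
'''


def find_bad_patterns(source, list_name="indicators"):
    """Return (lineno, pattern, error) for every string literal in a list or
    tuple assigned to `list_name` (assumed name) that re.compile() rejects."""
    bad = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Assign):
            continue
        if not isinstance(node.value, (ast.List, ast.Tuple)):
            continue
        if not any(isinstance(t, ast.Name) and t.id == list_name for t in node.targets):
            continue
        for elt in node.value.elts:
            if isinstance(elt, ast.Constant) and isinstance(elt.value, str):
                try:
                    # Same flags as the compile call shown in the traceback.
                    re.compile(elt.value, re.IGNORECASE)
                except re.error as exc:
                    bad.append((elt.lineno, elt.value, str(exc)))
    return bad


if __name__ == "__main__":
    for lineno, pattern, error in find_bad_patterns(SAMPLE_SOURCE):
        print(f"line {lineno}: {error}: {pattern!r}")
```

Run against each file under the signatures directory after a community update, a non-empty result identifies the line to fix before the next analysis task is processed.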