Comments (5)
kevoreilly
commented on July 19, 2024
I have been pondering this - my current plan is to make a 'wget' package which will run wget in the vm with the supplied url then the package will launch and monitor the result. Obviously this requires internet access for the windows hosts so for the moment this won't work on the public instance! But I do think it's important to route the download through the same internet connection as would be used for the target hosts, rather than using that of the server.
from cape.
redsand
commented on July 19, 2024
I agree with this strategy. It should be handled by the agent, imo
from cape.
kevoreilly
commented on July 19, 2024
Ok I have just pushed a new 'wget' package to allow this, along with a wget binary in 337e2a5.
You now can submit the malware URL in the URL bar, choose wget package and it should do the rest - it will attempt to download the URL via wget then launch the file.
There is one major limitation still: the file doesn't appear in static analysis. As it was downloaded by wget it's not properly registered in cape as the file 'of interest' - at some point it would be nice to complete this by getting the static analysis working too.
from cape.
doomedraven
commented on July 19, 2024
implemented here kevoreilly#154
from cape.
kevoreilly
commented on July 19, 2024
Thank you @doomedraven!
from cape.
Related Issues (20)
- Alembic not updating db properly HOT 5
- Error when installing from requirements.txt HOT 4
- VPN not selectable in Web Interface HOT 36
- x64 DLL Extraction module doesn't work HOT 1
- Which commit was capemon.dll compiled from HOT 4
- Small bug on web UI submission template HOT 1
- File not detected as being in VT HOT 2
- Injection vs Extraction HOT 4
- Agent.py HOT 3
- KeyError: (<weakref at 0x7fbf4a8f5d68; to 'function' at 0x7fbf43b9dd90 (go)>,) HOT 4
- Permission for Scraping https://www.capesandbox.com/analysis/ HOT 2
- [Feature Request] Add support for Unfurl HOT 1
- Invalid URL under C2Server HOT 1
- Memory Dump on proxmox HOT 1
- Samples not analyzed on Linux guest (Ubuntu 18.04 32-bits) HOT 2
- The PCAP file does not exist
- Result Server Binding error HOT 1
- Cape Sandbox linux analysis
- Linux Analysis of Cape Sandbox
- Getting zero mal score in linux analysis
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cape.