
Tips'n'Tricks

doomedraven edited this page Jul 14, 2021 · 5 revisions

ToDo

  • Add TOC

Here we will collect all our small tips and tricks that aren't documented and that you can find only by reading the code.

Stop CAPE for maintenance

  • Details can be found in this commit
  • To stop it, send SIGHUP (kill -1) to the cuckoo.py process:
    • ps aux|grep "python3 cuckoo.py"|awk '{ print $2 }'| xargs kill -1

How to debug analyzer and any script that executes inside of the virtual machine

  1. Ensure that you have stopped all required services, e.g. systemctl stop cape.service
  2. Start CAPE as CAPE_DBG=1 python3 cuckoo.py -d
  3. Add a new task, DISABLE the human interaction emulation checkbox, and set a very high timeout like 1000
  4. Once the task starts, the core will upload the analyzer folder to the virtual machine
  5. Attach to virtual machine
  6. Start analyzer.py by hand in cmd.exe with admin privileges:
    • Ex: c:\windows\py.exe c:\tmp\analyzer.py
  7. You will see what fails; if you don't, add more debugging lines or attach pdb or any other tool that you like