
Ruff #2410

Merged
merged 15 commits into from
Feb 2, 2025
first batch of fixes
doomedraven committed Dec 3, 2024
commit 36246e200c7296635285b3147f7268cf26260413
2 changes: 1 addition & 1 deletion analyzer/linux/lib/common/results.py
@@ -38,7 +38,7 @@ def upload_to_host(file_path, dump_path, pids="", ppids="", metadata="", categor
nc.send(buf, retry=True)
buf = infd.read(BUFSIZE)
except Exception as e:
log.error("Exception uploading file %s to host: %s", file_path, e, exc_info=True)
log.exception("Exception uploading file %s to host: %s", file_path, e)
finally:
if nc:
nc.close()
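Review bot: The trailing `e` in `log.exception("Exception uploading file %s to host: %s", file_path, e)` is redundant, because `exception()` already appends the traceback, which ends with the exception type and message (Ruff reports this as TRY401). I would write `log.exception("Exception uploading file %s to host", file_path)`. The same duplication appears in analyzer/windows/lib/common/results.py, lib/cuckoo/common/cape_utils.py, lib/cuckoo/core/guest.py and utils/process.py. Many other files in this commit have the opposite problem and call `log.exception(e)` with no context message at all, so a short description of the failed operation would help there. upload_to_host starts and ends outside the hunk.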
9 changes: 4 additions & 5 deletions analyzer/windows/analyzer.py
@@ -691,7 +691,7 @@ def analysis_loop(self, aux_modules):
try:
Process(pid=pid).upload_memdump()
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
log.info("Process with pid %s appears to have terminated", pid)
if pid in self.process_list.pids:
self.process_list.remove_pid(pid)
@@ -915,7 +915,7 @@ def dump_file(self, filepath, metadata="", pids="", ppids="", category="files"):
except (IOError, socket.error) as e:
log.error('Unable to upload dropped file at path "%s": %s', filepath, e)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

def delete_file(self, filepath, pid=None):
"""A file is about to removed and thus should be dumped right away."""
@@ -1508,8 +1508,7 @@ def dispatch(self, data):
try:
response = fn(arguments)
except Exception as e:
log.error(e, exc_info=True)
log.exception("Pipe command handler exception occurred (command %s args %s)", command, arguments)
log.exception("Pipe command handler exception occurred (command %s args %s). %s", command, arguments, str(e))

return response

@@ -1536,7 +1535,7 @@ def dispatch(self, data):

# When user set wrong package, Example: Emotet package when submit doc, package only is for EXE!
except CuckooError:
log.info("You probably submitted the job with wrong package", exc_info=True)
log.exception("You probably submitted the job with wrong package")
data["status"] = "exception"
data["description"] = "You probably submitted the job with wrong package"
try:
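Review bot: The `except CuckooError:` branch in the last hunk changes severity as well as style: assuming the second printed line is the new side, "You probably submitted the job with wrong package" moves from `log.info(..., exc_info=True)` to `log.exception(...)`, so the record goes from INFO to ERROR. G201 only targets `.error(..., exc_info=True)`, so this line did not need to change. A wrong package is a submitter mistake rather than an analyzer fault, and anything that alerts on ERROR records in analyzer logs would now fire on it. I would keep `log.info("You probably submitted the job with wrong package", exc_info=True)`. The enclosing block continues outside the hunk.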
2 changes: 1 addition & 1 deletion analyzer/windows/lib/common/results.py
@@ -61,7 +61,7 @@ def upload_to_host(file_path, dump_path, pids="", ppids="", metadata="", categor
size -= read_size
buf = infd.read(BUFSIZE)
except Exception as e:
log.error("Exception uploading file %s to host: %s", file_path, e, exc_info=True)
log.exception("Exception uploading file %s to host: %s", file_path, e)


def upload_buffer_to_host(buffer, dump_path, filepath=False, pids="", ppids="", metadata="", category="", duplicated=False):
2 changes: 1 addition & 1 deletion analyzer/windows/lib/core/pipe.py
@@ -224,7 +224,7 @@ def stop(self):
if h.is_alive():
h.stop()
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)


def disconnect_pipes():
2 changes: 1 addition & 1 deletion analyzer/windows/prescripts/prescript_detection.py
@@ -599,7 +599,7 @@ def create_trigger(

def change_execution_dir(dir):
log.info(f"Changing execution directory to {dir}")
log.warn("Changing directory not available in prescript testing")
log.warning("Changing directory not available in prescript testing")


def main(args):
2 changes: 1 addition & 1 deletion lib/cuckoo/common/abstracts.py
@@ -1726,7 +1726,7 @@ def update(self) -> bool:
try:
req = requests.get(self.downloadurl, headers=headers, verify=True)
except requests.exceptions.RequestException as e:
log.warn("Error downloading feed for %s: %s", self.feedname, e)
log.warning("Error downloading feed for %s: %s", self.feedname, e)
return False
if req.status_code == 200:
self.downloaddata = req.content
2 changes: 1 addition & 1 deletion lib/cuckoo/common/admin_utils.py
@@ -382,7 +382,7 @@ def execute_command_on_all(remote_command, servers: list, ssh_proxy: SSHClient):
except TimeoutError as e:
sys.exit(f"Did you forget to use jump box? {str(e)}")
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)


def bulk_deploy(files, yara_category, dry_run=False, servers: list = [], ssh_proxy: SSHClient = False):
4 changes: 2 additions & 2 deletions lib/cuckoo/common/cape_utils.py
@@ -194,7 +194,7 @@ def static_config_parsers(cape_name, file_path, file_data):
cape_config[cape_name].update({key: [value]})
parser_loaded = True
except Exception as e:
log.error("CAPE: parsing error on %s with %s: %s", file_path, cape_name, e, exc_info=True)
log.exception("CAPE: parsing error on %s with %s: %s", file_path, cape_name, e)

# DC3-MWCP
if HAS_MWCP and not parser_loaded and cape_name and cape_name in mwcp_decoders:
@@ -260,7 +260,7 @@ def static_config_parsers(cape_name, file_path, file_data):
if "rules" in str(e):
log.warning("You probably need to compile yara-python with dotnet support")
else:
log.error(e, exc_info=True)
log.exception(e)
log.warning(
"malwareconfig parsing error for %s with %s: %s, you should submit issue/fix to https://github.com/kevthehermit/RATDecoders/",
file_path,
2 changes: 1 addition & 1 deletion lib/cuckoo/common/cleaners_utils.py
@@ -229,7 +229,7 @@ def delete_data(tid):
elif repconf.elasticsearchdb.enabled:
delete_analysis_and_related_calls(tid)
except Exception as e:
log.error("failed to remove analysis info (may not exist) %s due to %s" % (tid, e), exc_info=True)
log.exception("failed to remove analysis info (may not exist) %s due to %s" % (tid, e))
with db.session.begin():
if db.delete_task(tid):
delete_folder(os.path.join(CUCKOO_ROOT, "storage", "analyses", "%s" % tid))
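Review bot: The new `log.exception("failed to remove analysis info (may not exist) %s due to %s" % (tid, e))` still builds the message eagerly with the `%` operator, so the logging call receives a pre-formatted string (Ruff G002). It also repeats the exception text that the traceback already carries. `log.exception("failed to remove analysis info (may not exist) %s", tid)` passes `tid` as a lazy argument and drops the duplicate. delete_data continues outside the hunk.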
4 changes: 2 additions & 2 deletions lib/cuckoo/common/demux.py
@@ -184,7 +184,7 @@ def _sf_children(child: sfFile): # -> bytes:
path_to_extract = os.path.join(tmp_dir, sanitize_filename((child.filename).decode()))
_ = path_write_file(path_to_extract, child.contents)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return (path_to_extract.encode(), child.platform, child.get_type(), child.get_size())


@@ -220,7 +220,7 @@ def demux_sflock(filename: bytes, options: str, check_shellcode: bool = True):
else:
retlist.append(_sf_children(sf_child))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return list(filter(None, retlist)), ""
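Review bot: In `_sf_children` the `return (path_to_extract.encode(), ...)` after the handler still runs when the `try` body has failed. If `(child.filename).decode()` or `sanitize_filename` raises on a malformed archive member name, `path_to_extract` holds whatever it had before the `try`, or is unbound if nothing assigned it earlier; that part is not visible in this hunk. Either way the function logs the error and then reports a path that was never written. I would add `return None` inside the `except` block, since the caller visible in `demux_sflock` already drops falsy entries with `filter(None, retlist)`. The start of `_sf_children` is outside the hunk.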


6 changes: 3 additions & 3 deletions lib/cuckoo/common/gcp.py
@@ -63,7 +63,7 @@ def list_instances(self) -> dict:
]
servers.setdefault(instance["name"], ips)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
elif HAVE_GCP:
try:
instance_client = compute_v1.InstancesClient()
@@ -108,9 +108,9 @@ def autodiscovery(self):
if not r.ok:
log.error("Can't registger worker with IP: %s. status_code: %d ", ip, r.status_code)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
break
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

time.sleep(int(self.dist_cfg.GCP.autodiscovery))
2 changes: 1 addition & 1 deletion lib/cuckoo/common/integrations/XLMMacroDeobfuscator.py
@@ -67,4 +67,4 @@ def xlmdeobfuscate(filepath: str, task_id: str, password: str = "", on_demand: b
if "no attribute 'workbook'" in str(e) or "Can't find workbook" in str(e):
log.info("Workbook not found. Probably not an Excel file")
else:
log.error(e, exc_info=True)
log.exception(e)
2 changes: 1 addition & 1 deletion lib/cuckoo/common/integrations/capa.py
@@ -292,6 +292,6 @@ def flare_capa_details(
except EmptyReportError:
log.info("FLARE CAPA -> No process data available")
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

return capa_output
2 changes: 1 addition & 1 deletion lib/cuckoo/common/integrations/file_extra_info.py
@@ -559,7 +559,7 @@ def vbe_extract(file: str, **_) -> ExtractorReturnType:
try:
decoded = vbe_decode_file(file, data)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

if not decoded:
log.debug("VBE content wasn't decoded")
2 changes: 1 addition & 1 deletion lib/cuckoo/common/integrations/floss.py
@@ -124,7 +124,7 @@ def run(self):
results[stype].append(sval.string)

except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

fm.set_log_config(fm.DebugLevel.DEFAULT, False)

10 changes: 5 additions & 5 deletions lib/cuckoo/common/integrations/parse_dotnet.py
@@ -56,7 +56,7 @@ def _get_custom_attrs(self) -> List[Dict[str, str]]:
except subprocess.CalledProcessError as e:
log.error("Monodis: %s", str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return None

def _get_assembly_refs(self) -> List[Dict[str, str]]:
@@ -84,7 +84,7 @@ def _get_assembly_refs(self) -> List[Dict[str, str]]:
except subprocess.CalledProcessError as e:
log.error("Monodis: %s", str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return None

def _get_assembly_info(self) -> Dict[str, str]:
@@ -103,7 +103,7 @@ def _get_assembly_info(self) -> Dict[str, str]:
except subprocess.CalledProcessError as e:
log.error("Monodis: %s", str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return None

def _get_type_refs(self) -> List[Dict[str, str]]:
@@ -128,7 +128,7 @@ def _get_type_refs(self) -> List[Dict[str, str]]:
except subprocess.CalledProcessError as e:
log.error("Monodis: %s", str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return None

def run(self) -> Dict[str, Any]:
@@ -151,5 +151,5 @@ def run(self) -> Dict[str, Any]:
else:
return
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return None
2 changes: 1 addition & 1 deletion lib/cuckoo/common/integrations/parse_hwp.py
@@ -38,7 +38,7 @@ def unpack_hwp(self):
stream_content = zlib.decompress(contents, -15)
self.files[stream_name] = stream_content
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

def extract_eps(self) -> List[bytes]:
"""Extract some information from Encapsulated Post Script files."""
2 changes: 1 addition & 1 deletion lib/cuckoo/common/integrations/parse_java.py
@@ -41,7 +41,7 @@ def run(self) -> Dict[str, Any]:
p = Popen([self.decomp_jar, jar_file], stdout=PIPE)
results["decompiled"] = convert_to_printable(p.stdout.read())
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

with contextlib.suppress(Exception):
Path(jar_file.decode()).unlink()
12 changes: 6 additions & 6 deletions lib/cuckoo/common/integrations/parse_office.py
@@ -129,7 +129,7 @@ def _get_xml_meta(self, filepath) -> Dict[str, Dict[str, str]]:
continue
metares["SummaryInformation"][n.split(":")[1]] = convert_to_printable(data[0].data)
except (IndexError, AttributeError) as e:
log.error(e, exc_info=True)
log.exception(e)

for elem in app._get_documentElement().childNodes:
try:
@@ -146,7 +146,7 @@ def _get_xml_meta(self, filepath) -> Dict[str, Dict[str, str]]:
continue
metares["DocumentSummaryInformation"][n] = convert_to_printable(data[0].data)
except (IndexError, AttributeError) as e:
log.error(e, exc_info=True)
log.exception(e)

return metares

@@ -236,7 +236,7 @@ def _parse(self, filepath: str) -> Dict[str, Any]:
if temp_results:
results["office_rtf"] = temp_results
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
else:
try:
vba = VBA_Parser(filepath)
@@ -254,7 +254,7 @@ def _parse(self, filepath: str) -> Dict[str, Any]:
except AttributeError:
log.warning("OleFile library bug: AttributeError! fix: poetry run pip install olefile")
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

officeresults = {"Metadata": {}}
macro_folder = os.path.join(CUCKOO_ROOT, "storage", "analyses", self.task_id, "macros")
@@ -301,7 +301,7 @@ def _parse(self, filepath: str) -> Dict[str, Any]:
except ValueError as e:
log.error("Can't parse macros for %s - %s ", filepath, str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
for keyword, description in detect_autoexec(vba_code):
officeresults["Macro"]["Analysis"].setdefault("AutoExec", []).append(
(keyword.replace(".", "_"), description)
@@ -328,7 +328,7 @@ def _parse(self, filepath: str) -> Dict[str, Any]:
if indicator.value and indicator.name in {"Word Document", "Excel Workbook", "PowerPoint Presentation"}:
officeresults["Metadata"]["DocumentType"] = indicator.name
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

if HAVE_XLM_DEOBF:
tmp_xlmmacro = xlmdeobfuscate(filepath, self.task_id, self.options.get("password", ""))
20 changes: 10 additions & 10 deletions lib/cuckoo/common/integrations/parse_pe.py
@@ -219,7 +219,7 @@ def get_peid_signatures(self, pe: pefile.PE) -> list:
if result:
return list(result)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

return None

@@ -344,7 +344,7 @@ def get_resources(self, pe: pefile.PE) -> List[Dict[str, str]]:
except pefile.PEFormatError as e:
log.debug("get_resources error: %s", str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
continue

return resources
@@ -368,7 +368,7 @@ def get_pdb_path(self, pe: pefile.PE) -> str:
length = struct.unpack_from("IIB", dbgdata)[1]
return dbgdata[12:length].decode("latin-1").rstrip("\0")
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

return None

@@ -401,7 +401,7 @@ def get_imported_symbols(self, pe: pefile.PE) -> Dict[str, dict]:
"imports": symbols,
}
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
continue
return imports

@@ -538,7 +538,7 @@ def get_sections(self, pe: pefile.PE) -> List[Dict[str, str]]:
}
)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
continue

return sections
@@ -650,7 +650,7 @@ def get_icon_info(self, pe: pefile.PE) -> Tuple[str, str, str, str]:
return None, None, None, None
return icon, fullhash, simphash, dhash
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

return None, None, None, None

@@ -693,7 +693,7 @@ def get_versioninfo(self, pe: pefile.PE) -> List[dict]:
entry["value"] = f"0x0{entry['value'][2:5]} 0x0{entry['value'][7:10]}"
peresults.append(entry)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
continue

return peresults
@@ -853,12 +853,12 @@ def get_dll_exports(self) -> str:
else:
exports.append(re.sub("[^A-Za-z0-9_?@-]", "", exported_symbol.name))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

return ",".join(exports)
except Exception as e:
log.error("PE type not recognised")
log.error(e, exc_info=True)
log.exception(e)

return ""

@@ -873,7 +873,7 @@ def choose_dll_export(self) -> str:
if exp.name.decode() in ("DllInstall", "DllRegisterServer", "xlAutoOpen"):
return exp.name.decode()
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return None

def get_entrypoint(self, pe: pefile.PE) -> str:
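Review bot: In the `get_dll_exports` hunk the outer handler emits two ERROR records for one failure, `log.error("PE type not recognised")` followed by `log.exception(e)`. A single `log.exception("PE type not recognised")` keeps the message and the traceback in one record, which is easier to correlate when several samples are processed in parallel. The handler catches every `Exception`, so the fixed text may also mislabel failures that have nothing to do with the PE type; that cannot be confirmed from the visible lines.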
8 changes: 4 additions & 4 deletions lib/cuckoo/common/integrations/pdfminer.py
@@ -44,10 +44,10 @@ def _mine_for_urls(file_path: str) -> Set[str]:
try:
obj = doc.getobj(object_id)
urls.update(_search_for_url(obj))
except Exception as ex:
log.error(ex, exc_info=True)
except Exception as ex:
log.error(ex, exc_info=True)
except Exception as e:
log.exception(e)
except Exception as e:
log.exception(e)

return urls

6 changes: 3 additions & 3 deletions lib/cuckoo/common/integrations/peepdf.py
@@ -59,7 +59,7 @@ def _set_base_uri(pdf):
if elem:
return elem.getValue()
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
return ""


@@ -109,7 +109,7 @@ def peepdf_parse(filepath: str, pdfresult: Dict[str, Any]) -> Dict[str, Any]:
jslist, unescapedbytes, urlsfound, errors, ctxdummy = analyseJS(decoded_stream.strip())
jsdata = jslist[0]
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
continue
if errors or jsdata is None:
continue
@@ -137,7 +137,7 @@ def peepdf_parse(filepath: str, pdfresult: Dict[str, Any]) -> Dict[str, Any]:
jslist, unescapedbytes, urlsfound, errors, ctxdummy = analyseJS(js_elem.value)
jsdata = jslist[0]
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
continue
if errors or not jsdata:
continue
8 changes: 4 additions & 4 deletions lib/cuckoo/common/objects.py
@@ -353,15 +353,15 @@ def get_content_type(self):
except magic.MagicException as e:
log.error("Magic error: %s", str(e))
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
if not file_type and hasattr(magic, "open"):
try:
ms = magic.open(magic.MAGIC_MIME | magic.MAGIC_SYMLINK)
ms.load()
file_type = ms.file(self.file_path)
ms.close()
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

if file_type is None:
try:
@@ -370,7 +370,7 @@ def get_content_type(self):
)
file_type = p.stdout.read().strip()
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

return file_type

@@ -419,7 +419,7 @@ def get_type(self):
File.notified_pefile = True
log.warning("Unable to import pefile (install with `pip3 install pefile`)")
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
if not self.file_type:
self.file_type = self.get_content_type()

4 changes: 2 additions & 2 deletions lib/cuckoo/common/web_utils.py
@@ -1294,7 +1294,7 @@ def _malwarebazaar_dl(hash):
except pyzipper.zipfile.BadZipFile:
print(data.content)
except Exception as e:
logging.error(e, exc_info=True)
log.exception(e)

return sample

@@ -1500,7 +1500,7 @@ def submit_task(
filename=filename,
)
if not task_id:
log.warn("Error adding CAPE task to database: %s", package)
log.warning("Error adding CAPE task to database: %s", package)
return task_id

log.info('CAPE detection on file "%s": %s - added as CAPE task with ID %s', target, package, task_id)
2 changes: 1 addition & 1 deletion lib/cuckoo/core/guest.py
@@ -388,7 +388,7 @@ def wait_for_completion(self):
)
continue
except Exception as e:
log.error("Task #%s: Virtual machine %s /status failed. %s", self.task_id, self.vmid, e, exc_info=True)
log.exception("Task #%s: Virtual machine %s /status failed. %s", self.task_id, self.vmid, e)
continue

if status["status"] in ("complete", "failed"):
4 changes: 2 additions & 2 deletions lib/cuckoo/core/resultserver.py
@@ -463,7 +463,7 @@ def create_folders(self):
try:
create_folder(self.storagepath, folder=folder.decode())
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
# ToDo
# except CuckooOperationalError as e:
# log.error("Unable to create folder %s", folder)
@@ -510,7 +510,7 @@ def handle(self, sock, addr):
with protocol:
protocol.handle()
except CuckooOperationalError as e:
log.error(e, exc_info=True)
log.exception(e)
finally:
with self.task_mgmt_lock:
s.discard(ctx)
10 changes: 5 additions & 5 deletions modules/machinery/az.py
@@ -660,7 +660,7 @@ def _add_machines_to_db(self, vmss_name):
self.delete_machine(vm)
raise
except Exception as e:
log.error(repr(e), exc_info=True)
log.exception(repr(e))

# If no machines on any VMSSs are in the db when we leave this method, CAPE will crash.
if not self.machines() and self.required_vmsss[vmss_name]["retries"] > 0:
@@ -912,7 +912,7 @@ def _thr_reimage_vmss(self, vmss_name):
)
_ = self._handle_poller_result(async_restart_vmss)
else:
log.error(repr(e), exc_info=True)
log.exception(repr(e))
raise
with self.db.session.begin():
self._add_machines_to_db(vmss_name)
@@ -1162,7 +1162,7 @@ def _scale_machine_pool(self, tag, per_platform=False):
machine_pools[vmss_name]["is_scaling"] = False
if platform:
is_platform_scaling[platform] = False
log.error(repr(exc), exc_info=True)
log.exception(repr(exc))
log.debug(f"Scaling {vmss_name} has completed with errors {exc!r}.")

@staticmethod
@@ -1303,7 +1303,7 @@ def _thr_reimage_list_reader(self):
operation=self.compute_client.virtual_machine_scale_sets.begin_reimage_all,
)
except Exception as exc:
log.error(repr(exc), exc_info=True)
log.exception(repr(exc))
# If InvalidParameter: 'The provided instanceId x is not an active Virtual Machine Scale Set VM instanceId.
# This means that the machine has been deleted
# If BadRequest: The VM x creation in Virtual Machine Scale Set <vmss name>> with ephemeral disk is not complete. Please trigger a restart if required'
@@ -1408,7 +1408,7 @@ def _thr_delete_list_reader(self):
operation=self.compute_client.virtual_machine_scale_sets.begin_delete_instances,
)
except Exception as exc:
log.error(repr(exc), exc_info=True)
log.exception(repr(exc))
with current_operations_lock:
current_vmss_operations -= 1
with vms_currently_being_deleted_lock:
2 changes: 1 addition & 1 deletion modules/machinery/vsphere.py
@@ -88,7 +88,7 @@ def _initialize_check(self):

sslContext = ssl._create_unverified_context()
self.connect_opts["sslContext"] = sslContext
log.warn("Turning off SSL certificate verification!")
log.warning("Turning off SSL certificate verification!")

# Check that a snapshot is configured for each machine
# and that it was taken in a powered-on state
2 changes: 1 addition & 1 deletion modules/processing/behavior.py
@@ -309,7 +309,7 @@ def _parse(self, row):
try:
argument["value"] = convert_to_printable(arg_value, self.conversion_cache)
except Exception:
log.error(arg_value, exc_info=True)
log.exception(arg_value)
continue
if not self.reporting_mode:
if isinstance(arg_value_raw, bytes):
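Review bot: `log.exception(arg_value)` uses the value that failed conversion as the entire log message. Judging by the surrounding `_parse(self, row)` code this looks like an API-call argument recorded from the analysed sample, so it should be treated as untrusted: it may be bytes, may be very large, and may contain newlines that make one record look like several. I would log a fixed message and pass the value as a bounded, escaped argument, for example `log.exception("Failed to convert argument to printable: %.256r", arg_value)`. The enclosing loop starts and ends outside the hunk.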
173 changes: 0 additions & 173 deletions modules/processing/parsers/CAPE/Snake.py

This file was deleted.

4 changes: 2 additions & 2 deletions modules/reporting/mongodb.py
@@ -167,12 +167,12 @@ def run(self, results):
for j, parent_dict in enumerate(report[parent_key]):
child_key, csize = self.debug_dict_size(parent_dict)[0]
if csize > size_filter:
log.warn("results['%s']['%s'] deleted due to size: %s", parent_key, child_key, csize)
log.warning("results['%s']['%s'] deleted due to size: %s", parent_key, child_key, csize)
del report[parent_key][j][child_key]
else:
child_key, csize = self.debug_dict_size(report[parent_key])[0]
if csize > size_filter:
log.warn("results['%s']['%s'] deleted due to size: %s", parent_key, child_key, csize)
log.warning("results['%s']['%s'] deleted due to size: %s", parent_key, child_key, csize)
del report[parent_key][child_key]
try:
mongo_insert_one("analysis", report)
2 changes: 1 addition & 1 deletion tests/test_objects.py
@@ -82,7 +82,7 @@ def test_get_ssdeep(self, empty_file):
assert empty_file["file"].get_ssdeep() is not None
except ImportError:
assert empty_file["file"].get_ssdeep() is None
logging.warn("Need to install pydeep python module")
logging.warning("Need to install pydeep python module")

def test_get_type(self, empty_file):
assert empty_file["file"].get_type() == "empty"
14 changes: 7 additions & 7 deletions utils/dist.py
@@ -229,15 +229,15 @@ def _delete_many(node, ids, nodes, db):
try:
url = os.path.join(nodes[node].url, "tasks", "delete_many/")
apikey = nodes[node].apikey
log.debug("Removing task id(s): {0} - from node: {1}".format(ids, nodes[node].name))
log.debug("Removing task id(s): %s - from node: %s", ids, nodes[node].name)
res = requests.post(
url,
headers={"Authorization": f"Token {apikey}"},
data={"ids": ids, "delete_mongo": False},
verify=False,
)
if res and res.status_code != 200:
log.info("{} - {}".format(res.status_code, res.content))
log.info("%d - %s", res.status_code, res.content)
db.rollback()

except Exception as e:
@@ -315,7 +315,7 @@ def node_submit_task(task_id, node_id, main_task_id):
files = dict(file=open(task.path, "rb"))
r = requests.post(url, data=data, files=files, headers={"Authorization": f"Token {apikey}"}, verify=False)
else:
log.debug("Target category is: {}".format(task.category))
log.debug("Target category is: %s", task.category)
db.close()
return

@@ -491,7 +491,7 @@ def failed_cleaner(self):
db = session()
while True:
for node in db.query(Node).with_entities(Node.id, Node.name, Node.url, Node.apikey).filter_by(enabled=True).all():
log.info("Checking for failed tasks on: {}".format(node.name))
log.info("Checking for failed tasks on: %s", node.name)
for task in node_fetch_tasks("failed_analysis|failed_processing", node.url, node.apikey, action="delete"):
t = db.query(Task).filter_by(task_id=task["id"], node_id=node.id).order_by(Task.id.desc()).first()
if t is not None:
@@ -577,7 +577,7 @@ def fetcher(self):
"""
except Exception as e:
self.status_count[node.name] += 1
log.error(e, exc_info=True)
log.exception(e)
if self.status_count[node.name] == dead_count:
log.info("[-] {} dead".format(node.name))
# node_data = db.query(Node).filter_by(name=node.name).first()
@@ -926,7 +926,7 @@ def submit_tasks(self, node_id, pend_tasks_num, options_like=False, force_push_p
if "timeout=" in t.options:
t.timeout = options.get("timeout", 0)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)
# wtf are you doing in pendings?
tasks = db.query(Task).filter_by(main_task_id=t.id).all()
if tasks:
@@ -1189,7 +1189,7 @@ def run(self):
continue
db.commit()
except Exception as e:
log.error("Got an exception when trying to check nodes status and submit tasks: {}.".format(e), exc_info=True)
log.error("Got an exception when trying to check nodes status and submit tasks: {}.".format(e))

# ToDo hard test this rollback, this normally only happens on db restart and similar
db.rollback()
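Review bot: In the last hunk (`run`) the handler stops logging its traceback: the new line is `log.error("Got an exception when trying to check nodes status and submit tasks: {}.".format(e))`, where `exc_info=True` was removed but the call was not turned into `log.exception`. The message is also still built with `.format`. `log.exception("Got an exception when trying to check nodes status and submit tasks")` would match the rest of the commit. `log.info("[-] {} dead".format(node.name))` in the `fetcher` hunk was likewise left on `.format`. Separately, the `requests.post(..., verify=False)` calls visible in `_delete_many` and `node_submit_task` send the `Authorization: Token` header without certificate verification; that predates this commit but deserves a follow-up.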
4 changes: 2 additions & 2 deletions utils/process.py
@@ -289,10 +289,10 @@ def processing_finished(future):
log.error("[%d] Processing Timeout %s. Function: %s", task_id, error, error.args[1])
Database().set_status(task_id, TASK_FAILED_PROCESSING)
except pebble.ProcessExpired as error:
log.error("[%d] Exception when processing task: %s", task_id, error, exc_info=True)
log.exception("[%d] Exception when processing task: %s", task_id, error)
Database().set_status(task_id, TASK_FAILED_PROCESSING)
except Exception as error:
log.error("[%d] Exception when processing task: %s", task_id, error, exc_info=True)
log.exception("[%d] Exception when processing task: %s", task_id, error)
Database().set_status(task_id, TASK_FAILED_PROCESSING)

pending_future_map.pop(future)
4 changes: 2 additions & 2 deletions web/apiv2/views.py
@@ -1265,7 +1265,7 @@ def tasks_report(request, task_id, report_format="json", make_zip=False):
else:
zf.write(filepath, filedir)
except Exception as e:
log.error(e, exc_info=True)
log.exception(e)

# exception for lite report that is under reports/lite.json
if report_format.lower() == "lite":
@@ -2455,7 +2455,7 @@ def _stream_iterator(fp, guest_name, chunk_size=1024):
return Response(resp)
return StreamingHttpResponse(streaming_content=r.iter_content(chunk_size=1024), content_type="application/octet-stream")
except requests.exceptions.RequestException as ex:
log.error(ex, exc_info=True)
log.exception(ex)
resp = {"error": True, "error_value": f"Requests exception: {ex}"}
return Response(resp)
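Review bot: The handler in the second hunk logs the exception and then returns the same text to the API client in `"error_value": f"Requests exception: {ex}"`. The string form of a `requests` exception normally includes the URL and host being contacted, so this can expose internal addressing to whoever calls the endpoint. Now that the traceback is in the server log, the response could carry a fixed string instead, for example `"error_value": "Upstream request failed"`. The enclosing view starts outside the hunk.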


Unchanged files with check annotations Beta

strings:
$trap0 = {81 C6 00 10 00 00 [0-88] 81 FE 00 F0 [2] 0F 84 [2] 00 00}
$trap1 = {31 FF [0-128] (B9|C7 85 F8 00 00 00) 60 5F A9 00}
$antihook = {FF 34 08 [0-360] 8F 04 0B [0-360] 83 F9 18 [0-460] FF E3}

Check warning on line 11 in analyzer/windows/data/yara/Guloader.yar

VirusTotal YARA-CI / Rules Analysis

analyzer/windows/data/yara/Guloader.yar#L11

rule "GuloaderB": string "$antihook" may slow down scanning
$trap2 = {83 BD 9C 00 00 00 00 0F 85 [2] 00 00}
condition:
3 of them
$trap0 = {81 C6 00 10 00 00 [0-148] (39 CE|3B B5) [0-6] 0F 84 [2] 00 00}
$trap0A = {E8 00 00 00 00 59 [0-2800] 81 C6 00 10 00 00 [0-148] (39 CE|3B B5) [0-6] 0F 84 [2] 00 00}
$trap1 = {89 D6 60 0F 31 B8 [4] (05|35|2D|B8) [4] (05|35|2D|B8) [4] (05|35|2D|B8) [4] 0F A2}
$antihook = {FF 34 08 [0-360] 8F 04 0B [0-800] FF E3}

Check warning on line 44 in analyzer/windows/data/yara/Guloader.yar

VirusTotal YARA-CI / Rules Analysis

analyzer/windows/data/yara/Guloader.yar#L44

rule "GuloaderC": string "$antihook" may slow down scanning
condition:
3 of them
}
$trap1 = {49 83 F9 00 75 [1-20] 83 FF 00 [2-6] 81 FF}
$trap2 = {39 CB 59 01 D7 49 85 C8 83 F9 00 75 B3}
$trap3 = {61 0F AE E8 0F 31 0F AE E8 C1 E2 20 09 C2 29 F2 83 FA 00 7E CE C3}
$antihook = {FF 34 08 [0-360] 8F 04 0B [0-800] FF E3}

Check warning on line 12 in data/yara/CAPE/Guloader.yar

VirusTotal YARA-CI / Rules Analysis

data/yara/CAPE/Guloader.yar#L12

rule "Guloader": string "$antihook" may slow down scanning
$antidbg = {39 48 04 0F 85 [4] 39 48 08 0F 85 [4] 39 48 0C 0F 85 [4] 39 48 10 0F 85 [4] 39 48 14 0F 85 [4] 39 48 18 0F 85}
$except = {8B 45 08 8B 00 [0-1] 8B 58 18 [0-20] 81 38 05 00 00 C0 0F 85 [4-7] 83 FB 00 (0F 84|74)}
$cape_string = "cape_options"
$download2 = {8B 75 ?? 8D 4D ?? 8B 7D ?? 8B D6 57 89 1E 89 1F E8 [4] 59 3D C8 00 00 00 75 05 33 C0 40 EB}
$download3 = {B8 50 00 00 00 66 89 45 ?? 4C 89 65 ?? 4C 89 75 ?? E8 [4] 48 8B 1E 3D 94 01 00 00}
$major_ver = {0F B6 05 ?? ?? ?? ?? 6A ?? 6A 72 FF 75 0C 6A 70 50 FF 35 ?? ?? ?? ?? 8D 45 80 FF 35 ?? ?? ?? ?? 6A 63 FF 75 08 6A 67 50 FF 75 10 FF 15 ?? ?? ?? ?? 83 C4 38 8B E5 5D C3}
$decode1 = {4? 8D [5-6] 8A 4? [1-3] 32 }//0? 01 88 44 [2] 4?}

Check warning on line 18 in data/yara/CAPE/IcedIDLoader.yar

VirusTotal YARA-CI / Rules Analysis

data/yara/CAPE/IcedIDLoader.yar#L18

rule "IcedIDLoader": string "$decode1" may slow down scanning
$decode2 = {42 0F B6 4C 02 ?? 42 0F B6 04 02 32 C8 88 8C 15 ?? ?? ?? ?? 48 FF C2 48 83 FA 20}
condition:
2 of them
$anti_appdirs = {E8 [4] 83 F8 0? 7? ?? E8}
$anti_procs_ram = {E8 [4] 83 F8 0? 7? ?? E8 [4] 3D (FF 0E | 00 0F | FF 16) 00 00}
$anti_procs = {4C 89 F1 [0-9] FF D3 83 7C 24 ?? (03 | 07)}
$anti_ram = {E8 [4] 3D (FF 1F | 00 20 | 00 17 | FF 0E | FF 16 | FF 2F) 00 00}

Check warning on line 11 in data/yara/CAPE/Quickbind.yar

VirusTotal YARA-CI / Rules Analysis

data/yara/CAPE/Quickbind.yar#L11

rule "Quickbind": string "$anti_ram" may slow down scanning
$sleep = {B9 64 00 00 00 [0-7] FF}
$mutex_api = "CreateMutexW"
$mutex_error = {FF [1-5] 3D B7 00 00 00}
new_processes = current_processes - known_processes
for pid in new_processes:
log.info(f"New child process detected: {pid}")

Check failure on line 74 in analyzer/linux/analyzer.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/analyzer.py:74:22: G004 Logging statement uses f-string
dump_memory(pid)
add_pids(pid) # Add the new process to PROCESS_LIST
chunk = mem_file.read(end - start)
output_file.write(chunk)
except (OSError, ValueError) as e:
log.error(f"Could not read memory range {start:x}-{end:x}: {e}")

Check failure on line 121 in analyzer/linux/analyzer.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/analyzer.py:121:31: G004 Logging statement uses f-string
maps_file.close()
mem_file.close()
output_file.close()
except FileNotFoundError:
log.error(f"Process with PID {pid} not found.")

Check failure on line 126 in analyzer/linux/analyzer.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/analyzer.py:126:19: G004 Logging statement uses f-string
except PermissionError:
log.error(f"Permission denied to access process with PID {pid}.")

Check failure on line 128 in analyzer/linux/analyzer.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/analyzer.py:128:19: G004 Logging statement uses f-string
if os.path.exists(f"{MEM_PATH}/{pid}.dmp"):
upload_to_host(f"{MEM_PATH}/{pid}.dmp", f"memory/{pid}.dmp")
DUMPED_LIST.add(pid)
else:
log.error(f"Memdump file not found in guest machine for PID {pid}")

Check failure on line 134 in analyzer/linux/analyzer.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/analyzer.py:134:19: G004 Logging statement uses f-string
class Analyzer:
log.info("Detected non-Gnome desktop environment.")
else:
self._is_gnome = True
log.info(f"Detected Gnome version {version}")

Check failure on line 142 in analyzer/linux/lib/api/screenshot.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/lib/api/screenshot.py:142:30: G004 Logging statement uses f-string
name = "org.gnome.Screenshot"
resp = await self.bus.request_name(name)
if resp not in (
if response == 0:
await queue.put(urllib.parse.urlparse(results["uri"].value).path)
else:
log.warning(f"Received non-zero response when taking screenshot: {response}")

Check failure on line 263 in analyzer/linux/lib/api/screenshot.py

GitHub Actions / test (3.10)

Ruff (G004)

analyzer/linux/lib/api/screenshot.py:263:33: G004 Logging statement uses f-string
await queue.put(None)
# Set up the signal handler
try:
upload_to_host(file_path, os.path.join("memory", f"{self.pid}.dmp"), category="memory")
except Exception as e:
log.error(e, exc_info=True)

Check failure on line 761 in analyzer/windows/lib/api/process.py

GitHub Actions / test (3.10)

Ruff (G201)

analyzer/windows/lib/api/process.py:761:17: G201 Logging `.exception(...)` should be used instead of `.error(..., exc_info=True)`
log.error(os.path.join("memory", f"{self.pid}.dmp"))
log.error(file_path)
log.info("Memory dump of %s uploaded", self)
log = logging.getLogger(__name__)
FILE_NAME_REGEX = re.compile("[\s]{2}((?:[a-zA-Z0-9\.\-,_\\\\]+( [a-zA-Z0-9\.\-,_\\\\]+)?)+)\\r")

Check failure on line 21 in analyzer/windows/lib/common/zip_utils.py

GitHub Actions / test (3.10)

Ruff (W605)

analyzer/windows/lib/common/zip_utils.py:21:32: W605 Invalid escape sequence: `\s`

Check failure on line 21 in analyzer/windows/lib/common/zip_utils.py

GitHub Actions / test (3.10)

Ruff (W605)

analyzer/windows/lib/common/zip_utils.py:21:52: W605 Invalid escape sequence: `\.`
FILE_EXT_OF_INTEREST = [
".bat",
".cmd",