Comments (16)
Hi bart, thanks for this suggestion. As it happens I just discussed this in a thread on spender-sandbox: spender-sandbox/cuckoo-modified#459 which concludes with a way to clear the 'hypervisor' bit in VMware systems to pass a test in Pafish. I will look at implementing this and other possible fixes to try and get past these tests.
Cheers!
from cape.
I feel the role of this is at the virtualization layer and the process of deploying your test machines.
I have an attached script I've written (based upon @doomedraven script for debian) that will work on centos 7.
from cape.
@redsand I have published how to install the latest qemu/kvm with libvirt etc. without breaking anything: https://gist.github.com/doomedraven/41af84c8cf93ba63cea933a80e898fb6
It works much faster than previous versions, and allows you to have all the fixes :)
waiting for qemu 3 :)
from cape.
This issue I think has been addressed by @doomedraven in the fantastic KVM install script at https://github.com/doomedraven/Tools/blob/master/Virtualization/kvm-qemu.sh. If anyone is having issues with VM detection, the advised hypervisor to minimise this is KVM using this script.
from cape.
May be of help as well, ran Al-Khaser a few days back, see analysis task #2675
Cheers!
from cape.
Hey, cool stuff, can I use it in my blog with thanks to you?
from cape.
Cool, thanks, nice to meet you too, I'm from UA
from cape.
FYI tested on Ubuntu 16 and 18, works just fine
from cape.
you are welcome :)
from cape.
@redsand a question, did you fix force vm to exit?
from cape.
In your attached .txt it is like this, but that's just a comment:
void helper_vmexit(CPUX86State *env, uint32_t exit_code, uint64_t exit_info_1)
{
+ // env->tsc_offset -= 1000;
}
void cpu_vmexit(CPUX86State *nenv, uint32_t exit_code, uint64_t exit_info_1)
EOF
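Review bot: the one added line in helper_vmexit, "// env->tsc_offset -= 1000;", is commented out, so as posted this hunk leaves the function body empty and changes no behaviour. If the TSC offset adjustment is intended, enable it and document where the value 1000 comes from; otherwise drop the line from the patch.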
In QEMU 3:
void cpu_vmexit(CPUX86State *nenv, uint32_t exit_code, uint64_t exit_info_1,
                uintptr_t retaddr)
{
    assert(0);
}
from cape.
ok thanks
from cape.