analyzer's People

Contributors

giga-a, mre11i0t, qb-auto

analyzer's Issues

Problem while make

```
[ 85%] Building CXX object CMakeFiles/pcapfs.dir/src/virtualfiles/ssl.cpp.o
[ 88%] Building CXX object CMakeFiles/pcapfs.dir/src/virtualfiles/tcp.cpp.o
/home/testing/pcapFS/src/virtualfiles/tcp.cpp: In static member function ‘static std::vector<std::shared_ptr<pcapfs::File> > pcapfs::TcpFile::createVirtualFilesFromPcaps(const std::vector<std::shared_ptr<pcapfs::File> >&)’:
/home/testing/pcapFS/src/virtualfiles/tcp.cpp:205:99: error: invalid initialization of reference of type ‘const timeval&’ from expression of type ‘timespec’
state.currentTimestamp = utils::convertTimeValToTimePoint(rawPacket.getPacketTimeStamp());
~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
In file included from /home/testing/pcapFS/src/virtualfiles/tcp.cpp:14:0:
/home/testing/pcapFS/src/virtualfiles/../utils.h:18:19: note: in passing argument 1 of ‘pcapfs::TimePoint pcapfs::utils::convertTimeValToTimePoint(const timeval&)’
TimePoint convertTimeValToTimePoint(const timeval &tv);
^~~~~~~~~~~~~~~~~~~~~~~~~
CMakeFiles/pcapfs.dir/build.make:614: recipe for target 'CMakeFiles/pcapfs.dir/src/virtualfiles/tcp.cpp.o' failed
make[2]: *** [CMakeFiles/pcapfs.dir/src/virtualfiles/tcp.cpp.o] Error 1
CMakeFiles/Makefile2:67: recipe for target 'CMakeFiles/pcapfs.dir/all' failed
make[1]: *** [CMakeFiles/pcapfs.dir/all] Error 2
Makefile:83: recipe for target 'all' failed
make: *** [all] Error 2
```

Cannot GET / http://localhost:9005/ Docker version 20.10.2, build 2291f61

Dear qeeqbox team,

Greetings.

I followed the instructions on the wiki

docker-compose -f docker-compose-dev.yml up --build
Then open http://127.0.0.1:8000/login/

and tried to spin up a Docker instance, but I am getting an error message.

Cannot GET /.

I am using a windows 10 pro box.

Please see the output of the logs linked below

[3 images]

Please can you advise me further.
Thank you for your time.

HybridAnalysis - Error API key missing

After the installation completed and was running without any problem, I got this error after scanning my website.

HybridAnalysis

```
{
  "response_code": -1,
  "response": {
    "error": "API key missing"
  }
}
```

error build dockerfile

Hello,

Thank you very much for your project, but since the last update of the dockerfile, the build is in error, here is the log of the build, again thank you for your help.

Sincerely sephirothac

```
Building service
Sending build context to Docker daemon 355.4MB
Step 1/12 : FROM ubuntu:latest
latest: Pulling from library/ubuntu
125a6e411906: Pull complete
Digest: sha256:26c68657ccce2cb0a31b330cb0be2b5e108d467f641c62e13ab40cbec258c68d
Status: Downloaded newer image for ubuntu:latest
---> d2e4e1f51132
Step 2/12 : ENV DEBIAN_FRONTEND noninteractive
---> Running in 18a848fb721c
Removing intermediate container 18a848fb721c
---> ee5a1eaedfa0
Step 3/12 : RUN apt-get update && apt-get install -y python3 python3-pip curl libfuzzy-dev yara libmagic-dev libjansson-dev libssl-dev libffi-dev tesseract-ocr libtesseract-dev libssl-dev swig p7zip-full radare2 dmg2img snort
---> Running in e639009dbca9
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [109 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [99.8 kB]
Get:4 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:5 http://archive.ubuntu.com/ubuntu jammy/restricted amd64 Packages [164 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]
Get:7 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [150 kB]
Get:8 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [149 kB]
Get:9 http://security.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [68.8 kB]
Get:10 http://security.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [4653 B]
Get:11 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1792 kB]
Get:12 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [266 kB]
Get:13 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [259 kB]
Get:14 http://archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 Packages [153 kB]
Get:15 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [117 kB]
Get:16 http://archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 Packages [4653 B]
Get:17 http://archive.ubuntu.com/ubuntu jammy-backports/universe amd64 Packages [1202 B]
Fetched 21.2 MB in 2s (9474 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
Package radare2 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'radare2' has no installation candidate
The command '/bin/sh -c apt-get update && apt-get install -y python3 python3-pip curl libfuzzy-dev yara libmagic-dev libjansson-dev libssl-dev libffi-dev tesseract-ocr libtesseract-dev libssl-dev swig p7zip-full radare2 dmg2img snort' returned a non-zero code: 100
ERROR: Service 'service' failed to build : Build failed
```

A bug was found

When I submit a Trojan file for analysis, the analysis function will be suspended in Finding URLs patterns.
The operation log is as follows:
```
analyzer-service-1 | 2022-08-14 03:01:23.541910 > Default timeout 120s for the task, and 100s for each logic
analyzer-service-1 | 2022-08-14 03:01:23.544042 > Task 7547c51f-437d-4ff1-a55a-c46c78d412aa (Started)
analyzer-service-1 | 2022-08-14 03:01:23.545319 > Setting up task 7547c51f-437d-4ff1-a55a-c46c78d412aa logger
analyzer-service-1 | 2022-08-14 03:01:23.578170 X Starting Analyzing
analyzer-service-1 | 2022-08-14 03:01:23.580749 > Start analyzing /analyzer/folders/malware/11111
analyzer-service-1 | 2022-08-14 03:01:23.582937 X Getting file details
analyzer-service-1 | 2022-08-14 03:01:23.693783 X Setting up ouput folder
analyzer-service-1 | 2022-08-14 03:01:23.696655 X Checking file encoding
analyzer-service-1 | 2022-08-14 03:01:23.705208 X Analyzing PE file
analyzer-service-1 | 2022-08-14 03:01:24.729926 X Adding descriptions to strings
analyzer-service-1 | 2022-08-14 03:01:26.035348 X Adding descriptions to strings
analyzer-service-1 | 2022-08-14 03:01:28.143096 X Adding descriptions to strings
analyzer-service-1 | 2022-08-14 03:01:28.152995 X Adding descriptions to strings
analyzer-service-1 | 2022-08-14 03:01:28.159991 X Adding descriptions to strings
analyzer-service-1 | 2022-08-14 03:01:28.234146 X Analyzing behaviors
analyzer-service-1 | 2022-08-14 03:01:29.986047 X Making symbol xrefs
analyzer-service-1 | 2022-08-14 03:01:34.009601 X Checking whitelist
analyzer-service-1 | 2022-08-14 03:01:34.293063 X Finding english strings
analyzer-service-1 | 2022-08-14 03:01:34.516280 X Finding phishing patterns
analyzer-service-1 | 2022-08-14 03:01:34.518208 X Finding URLs patterns
```
This situation will stay for a long time, about 5 minutes. During this period, if other file analysis work is submitted, it will not run.
After that, the operation log is displayed as follows
```
analyzer-service-1 | 2022-08-14 03:01:34.293063 X Finding english strings
analyzer-service-1 | 2022-08-14 03:01:34.516280 X Finding phishing patterns
analyzer-service-1 | 2022-08-14 03:01:34.518208 X Finding URLs patterns
analyzer-service-1 | 2022-08-14 03:36:07.608959 X Finding IP4s patterns
analyzer-mongodb-1 | 2022-08-14T03:36:07.610+0000 I - [conn2] end connection 172.18.0.4:55576 (6 connections now open)
analyzer-service-1 | 2022-08-14 03:36:07.610510 > analyzer.intell.qbpatterns.analyze > 100s.. Timeout
analyzer-mongodb-1 | 2022-08-14T03:36:07.612+0000 I NETWORK [thread1] connection accepted from 172.18.0.4:38360 #7 (6 connections now open)
analyzer-mongodb-1 | 2022-08-14T03:36:07.612+0000 I NETWORK [conn7] received client metadata from 172.18.0.4:38360 conn7: { driver: { name: "PyMongo", version: "3.12.1" }, os: { type: "Linux", name: "Linux", architecture: "x86_64", version: "5.4.0-124-generic" }, platform: "CPython 3.8.10.final.0" }
analyzer-mongodb-1 | 2022-08-14T03:36:07.613+0000 I ACCESS [conn7] Successfully authenticated as principal changeme_9620eh26sfvka017fx on admin
analyzer-service-1 | 2022-08-14 03:36:07.614948 X Finding suspicious strings
analyzer-service-1 | 2022-08-14 03:36:07.631111 X Analyzing URLs
```
Moreover, this analysis task is not displayed in the task list on the web page. No HTML and JSON analysis reports were generated.
After that, all files could not be analyzed.
The sample file download link: https://mega.nz/file/JLUQlBwL#KTmo3wD7jtHkvfwZq4Zv4gO9ijN7Fjwc3gIxa0CiPU0
