injector failure windows 7 #562
Labels
bug
Something isn't working
Comments
|
Fixed by #564 |
|
I am trying to install the sandbox using nested virtualisation in VMWare and I am getting the same error for Windows 7 32bit and 64 bit. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
when Im trying to run to run "draksetup postinstall --no-report" i receive an error "subprocess.TimeoutExpired"
A clear and concise description of what the bug is.
How to reproduce
Steps to reproduce the behavior:
draksetup ...Output of the status checking commands
root@srvsandbox:~# /opt/venvs/drakrun/lib/python3.8/site-packages/drakrun/tools/get-explorer-pid vm-0 /var/lib/drakrun/profiles/kernel.json 0x187000 explorer.exe:1904root@srvsandbox:~# json --version json 11.0.0 written by Trent Mick https://github.com/trentm/jsonroot@srvsandbox:~# drak-healthcheck Checking daemon status... drak-web.service OK drak-system.service OK drak-minio.service OK Checking worker status... drak-postprocess@1.service OK`root@srvsandbox:~# draksetup postinstall --no-report
[2021-05-18 14:42:53,537][INFO] Cleaning up leftovers(if any)
[2021-05-18 14:42:53,538][INFO] Deleted /var/lib/drakrun/profiles/runtime.json
[2021-05-18 14:42:53,539][INFO] Deleted /var/lib/drakrun/profiles/kernel.json
[2021-05-18 14:42:53,539][INFO] Ejecting installation CDs
[2021-05-18 14:42:54,152][INFO] Determined PDB GUID: 3844dbb920174967be7aa4a2c20430fa2
[2021-05-18 14:42:54,153][INFO] Determined kernel filename: ntkrnlmp.pdb
[2021-05-18 14:42:54,153][INFO] Fetching PDB file...
[2021-05-18 14:42:54,164][DEBUG] Starting new HTTPS connection (1): msdl.microsoft.com:443
[2021-05-18 14:42:55,142][DEBUG] https://msdl.microsoft.com:443 "GET /download/symbols/ntkrnlmp.pdb/3844dbb920174967be7aa4a2c20430fa2/ntkrnlmp.pdb HTTP/1.1" 302 0
[2021-05-18 14:42:55,144][DEBUG] Starting new HTTPS connection (1): vsblobprodscussu5shard10.blob.core.windows.net:443
[2021-05-18 14:42:57,067][DEBUG] https://vsblobprodscussu5shard10.blob.core.windows.net:443 "GET /b-4712e0edc5a240eabf23330d7df68e77/3361580E1DAA2301EF4C62D105FB67166BD89EA03FCDE3C800EACFAF71EE01C200.blob?sv=2019-07-07&sr=b&si=1&sig=U36b3g32uF0YPe6tZmnEENqsRsLFAi409b0820J2V1c%3D&spr=https&se=2021-05-19T09%3A12%3A02Z&rscl=x-e2eid-6f994c0c-dd32407e-aafe02a8-a8b76849-session-70cbd090-078549e5-9218a9a8-96d4ff5a HTTP/1.1" 200 8768512
100%|█████████████████████████████████████| 8.77M/8.77M [00:01<00:00, 4.72MiB/s]
[2021-05-18 14:42:58,967][INFO] Generating profile out of PDB file...
[2021-05-18 14:43:24,051][INFO] Saving profile...
[2021-05-18 14:43:24,054][INFO] Deleted /var/lib/drakrun/profiles/ntkrnlmp.pdb
[2021-05-18 14:43:24,941][INFO] Saving runtime profile...
[2021-05-18 14:43:24,942][INFO] Saving VM snapshot...
Saving to /var/lib/drakrun/volumes/snapshot.sav new xl format (info 0x3/0x0/2078)
xc: info: Saving domain 1, type x86 HVM
xc: Frames: 1376384/1376384 100%
xc: End of stream: 0/0 0%
[2021-05-18 14:48:38,332][INFO] Snapshot was saved succesfully.
[2021-05-18 14:48:38,332][INFO] Snapshotting persistent memory...
[2021-05-18 14:48:38,332][INFO] Unpausing VM
[2021-05-18 14:48:38,424][INFO] Fetching rekall profile for Windows/SysWOW64/ntdll.dll
[2021-05-18 14:49:38,623][WARNING] Unexpected exception while creating rekall profile for Windows/SysWOW64/ntdll.dll, skipping...
[2021-05-18 14:49:38,623][INFO] Deleted /var/lib/drakrun/profiles/wow_ntdll_profile
Traceback (most recent call last):
File "/opt/venvs/drakrun/lib/python3.8/site-packages/drakrun/draksetup.py", line 420, in create_rekall_profile
cmd = injector.read_file(guest_dll_path, local_dll_path)
File "/opt/venvs/drakrun/lib/python3.8/site-packages/drakrun/injector.py", line 62, in read_file
return subprocess.run(injector_cmd, timeout=timeout, capture_output=True)
File "/usr/lib/python3.8/subprocess.py", line 491, in run
stdout, stderr = process.communicate(input, timeout=timeout)
File "/usr/lib/python3.8/subprocess.py", line 1024, in communicate
stdout, stderr = self._communicate(input, endtime, timeout)
File "/usr/lib/python3.8/subprocess.py", line 1867, in _communicate
self._check_timeout(endtime, orig_timeout, stdout, stderr)
File "/usr/lib/python3.8/subprocess.py", line 1068, in _check_timeout
raise TimeoutExpired(
subprocess.TimeoutExpired: Command '['injector', '-o', 'json', '-d', 'vm-0', '-r', '/var/lib/drakrun/profiles/kernel.json', '-i', '1904', '-k', '0x187000', '-m', 'readfile', '-e', 'C:\Windows\SysWOW64\ntdll.dll', '-B', '/var/lib/drakrun/profiles/wow_ntdll_profile']' timed out after 60 seconds
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/draksetup", line 5, in
ds.main()
File "/opt/venvs/drakrun/lib/python3.8/site-packages/click/core.py", line 829, in call
return self.main(*args, **kwargs)
File "/opt/venvs/drakrun/lib/python3.8/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/opt/venvs/drakrun/lib/python3.8/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/opt/venvs/drakrun/lib/python3.8/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/opt/venvs/drakrun/lib/python3.8/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/opt/venvs/drakrun/lib/python3.8/site-packages/drakrun/draksetup.py", line 612, in postinstall
create_rekall_profile(injector, file)
File "/opt/venvs/drakrun/lib/python3.8/site-packages/drakrun/draksetup.py", line 457, in create_rekall_profile
logging.debug("stderr: " + cmd.stderr.decode())
UnboundLocalError: local variable 'cmd' referenced before assignment`
The text was updated successfully, but these errors were encountered: