Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Msg_Parser_2_0 #601

Closed
KRUXLEX opened this issue Jan 27, 2020 · 6 comments
Closed

[Bug] Msg_Parser_2_0 #601

KRUXLEX opened this issue Jan 27, 2020 · 6 comments
Assignees
@jeromeleonard
Labels
category:bug Issue is related to a bug scope:analyzer Issue is analyzer related

Comments

@KRUXLEX
Copy link

KRUXLEX commented Jan 27, 2020

Describe the bug
On every analyzing a .msg file, get the same error:
Unexpected end-of-input within/between Object entries at [Source: (sun.nio.ch.ChannelInputStream); line: 1, column: 249]

To Reproduce
Normal analyze

Expected behavior
Fix

Complementary information
Convert to .eml and analyze by EmlParser_1_2 works. So if it's a format problem, the convert will be faulty.

Work environment

  • Client OS: Debian 9
  • Server OS: Centos 7
  • Browse type and version: Firefox 68.2.0esr (64-bit)
  • Cortex version: 3.0.0-1
  • Cortex Analyzer/Responder name: Msg_Parser_2_0
  • Cortex Analyzer/Responder version: 2.0

Possible solutions
https://stackoverflow.com/questions/49015718/unexpected-end-of-input-expected-close-marker-for-object-start-marker-at-sour

Additional context
nOpe
@KRUXLEX KRUXLEX added the category:bug Issue is related to a bug label Jan 27, 2020
@jeromeleonard
Copy link
Contributor

Hello,

did you try to analyze it with FileInfo that can also parser MSG files ?

Regards,
Jerome.

@jeromeleonard jeromeleonard added the scope:analyzer Issue is analyzer related label Feb 10, 2020
@KRUXLEX
Copy link
Author

KRUXLEX commented Feb 14, 2020
edited

Hello,

did you try to analyze it with FileInfo that can also parser MSG files ?

Regards,
Jerome.

I was try, but I can't run FileInfo (I have activated this analyzer)
image
image

@jeromeleonard
Copy link
Contributor

manalyse for FileInfo is an external program. So you should specify a path for the binary to be able to use it. If you are not using it - or do not know about it - please disable manalyse_* options. This should enable successfully FileInfo analyzer.

@jeromeleonard jeromeleonard self-assigned this Feb 24, 2020
@KRUXLEX
Copy link
Author

KRUXLEX commented Mar 3, 2020

My FileInfo config. I having disable binary.
image

@jeromeleonard
Copy link
Contributor

Hello. So is it working now ?

@dadokkio
Copy link
Contributor

dadokkio commented Oct 2, 2020

No feedback in a while. I've just tried Msg_parser_3.0 with success so I'm going to close this issue.
Please reopen it if required.

@dadokkio dadokkio closed this as completed Oct 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jeromeleonard jeromeleonard

Labels
category:bug Issue is related to a bug scope:analyzer Issue is analyzer related
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dadokkio @jeromeleonard @KRUXLEX