Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

auxiliary module (guest side) that adds events #888

Closed
Tigzy opened this issue Apr 28, 2016 · 7 comments

Comments

@Tigzy
Copy link

commented Apr 28, 2016

Hello,
I'm trying to gather some additional custom data from guest machine by writing an auxiliary module (/analyzer/windows/modules/auxiliary).

The only examples I have don't add any data to the .bson logs, so I have no idea how to achieve this. The only code doing that is located into cuckoo monitor (C code), I have no idea how to send messages to the PipeEvent Logs from the python scripts.

Is it even possible?
Thoughts?

@jbremer

This comment has been minimized.

Copy link
Member

commented Apr 28, 2016

What kind of information would you like to return to the host? As an Auxiliary module you can access the Analyzer instance through self.analyzer which in turn allows access to a couple of features.
Alternatively you could upload any content you like through the lib.common.results's NetlogFile - this way naturally the content will be accessible as a file.

@Tigzy

This comment has been minimized.

Copy link
Author

commented Apr 28, 2016

The information is still to be determined, but consider anything that is accessible from the guest.
What do you mean accessible as a file, is there a way to specify file name? Do you have an example?

@jbremer

This comment has been minimized.

Copy link
Member

commented Apr 28, 2016

Something like the following should do the trick.

nf = NetlogFile("hello.txt")
nf.send("test")
@Tigzy

This comment has been minimized.

Copy link
Author

commented Apr 28, 2016

I'll try that, thanks that helps!
Maybe you could document auxiliary for guest in customization wiki?

@Tigzy

This comment has been minimized.

Copy link
Author

commented Apr 29, 2016

To be noted that the exact code should be:

nf = NetlogFile("<some_folder>/hello.txt")
nf.send("test")

otherwise there's an exception of banned path.

@jbremer

This comment has been minimized.

Copy link
Member

commented Jun 27, 2016

Closing this as resolved, thanks!

@jbremer jbremer closed this Jun 27, 2016

@Tigzy

This comment has been minimized.

Copy link
Author

commented Oct 22, 2018

Hey, reopening since it looks like NetLogFile has been removed? What's the alternate way now?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.