Giter Club home page Giter Club logo

Comments (13)

doomedraven avatar doomedraven commented on July 18, 2024

Hey, what is the version of mongodb and pymongo?

from capev2.

xme avatar xme commented on July 18, 2024

Here we go!

# /usr/bin/mongod --version
db version v7.0.9
Build Info: {
    "version": "7.0.9",
    "gitVersion": "3ff3a3925c36ed277cf5eafca5495f2e3728dd67",
    "openSSLVersion": "OpenSSL 3.0.2 15 Mar 2022",
    "modules": [],
    "allocator": "tcmalloc",
    "environment": {
        "distmod": "ubuntu2204",
        "distarch": "x86_64",
        "target_arch": "x86_64"
    }
}
# sudo -u cape poetry run pip3 list|grep mongo
pymongo                4.6.3

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

i guess is has something to do with v7 changes, im on 6.0.9. i just returned from PTO so i first need to sync with my dayjob and then i will try to see what changed

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

i just installed the same version, i don-t have any problem with 7.0.9, do you some something custom?

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

FYI i do have problems, different but works on pymongo 4.5.0 but fails on latest 4.7.2, fixed my problem with 4.7.2. if you don-t have any custom stuff, can you share sample that generates that problem?

from capev2.

xme avatar xme commented on July 18, 2024

Hi, sorry for the late reply, also busy on my side. I upgraded pymongo to 4.7.2 but still the same. It's not related to a sample, it's for all of them :(

[Edit]
I'm running MongoDB 7.0.9 and pymongo 4.5.0 like you. Now, I've this error:

2024-05-14 21:19:54,703 [Task 34] [lib.cuckoo.core.plugins] ERROR: Failed to run the reporting module "MongoDB":
Traceback (most recent call last):
  File "/opt/CAPEv2/utils/../lib/cuckoo/core/plugins.py", line 738, in process
    current.run(self.results)
  File "/opt/CAPEv2/utils/../modules/reporting/mongodb.py", line 110, in run
    report = get_json_document(results, self.analysis_path)
  File "/opt/CAPEv2/utils/../modules/reporting/report_doc.py", line 60, in get_json_document
    report = copy.deepcopy(results)
  File "/usr/lib/python3.10/copy.py", line 146, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python3.10/copy.py", line 231, in _deepcopy_dict
    y[deepcopy(key, memo)] = deepcopy(value, memo)
  File "/usr/lib/python3.10/copy.py", line 146, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python3.10/copy.py", line 231, in _deepcopy_dict
    y[deepcopy(key, memo)] = deepcopy(value, memo)
  File "/usr/lib/python3.10/copy.py", line 146, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python3.10/copy.py", line 206, in _deepcopy_list
    append(deepcopy(a, memo))
  File "/usr/lib/python3.10/copy.py", line 146, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python3.10/copy.py", line 231, in _deepcopy_dict
    y[deepcopy(key, memo)] = deepcopy(value, memo)
  File "/usr/lib/python3.10/copy.py", line 161, in deepcopy
    rv = reductor(4)
  File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/volatility3/framework/objects/__init__.py", line 184, in __getnewargs_ex__
    kwargs["new_value"] = self.__new_value
  File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/volatility3/framework/interfaces/objects.py", line 136, in __getattr__
    raise AttributeError
AttributeError

[Edit2]
I tried a full upgrade of all packages & dependencies. Now on pymongo 4.7.2 and got this error: CAPE does not start at all:

May 14 21:31:45 cape python3[1085227]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/logger.py", line 96, in _info_log
May 14 21:31:45 cape python3[1085227]:     logger.info(LogMessage(**fields))
May 14 21:31:45 cape python3[1085227]:   File "/usr/lib/python3.10/logging/__init__.py", line 1477, in info
May 14 21:31:45 cape python3[1085227]:     self._log(INFO, msg, args, **kwargs)
May 14 21:31:45 cape python3[1085227]:   File "/usr/lib/python3.10/logging/__init__.py", line 1624, in _log
May 14 21:31:45 cape python3[1085227]:     self.handle(record)
May 14 21:31:45 cape python3[1085227]:   File "/usr/lib/python3.10/logging/__init__.py", line 1634, in handle
May 14 21:31:45 cape python3[1085227]:     self.callHandlers(record)
May 14 21:31:45 cape python3[1085227]:   File "/usr/lib/python3.10/logging/__init__.py", line 1696, in callHandlers
May 14 21:31:45 cape python3[1085227]:     hdlr.handle(record)
May 14 21:31:45 cape python3[1085227]:   File "/usr/lib/python3.10/logging/__init__.py", line 968, in handle
May 14 21:31:45 cape python3[1085227]:     self.emit(record)
May 14 21:31:45 cape python3[1085227]:   File "/opt/CAPEv2/lib/cuckoo/core/log.py", line 72, in emit
May 14 21:31:45 cape python3[1085227]:     if "analysis procedure completed" in record.msg:
May 14 21:31:45 cape python3[1085227]: TypeError: argument of type 'LogMessage' is not iterable

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

could you share configs? it should be an plugin thaat im not using, as it happens on results copy

from capev2.

xme avatar xme commented on July 18, 2024

In the meantime, I disabled "memory" in reporting and can manually regenerate the reports via process.py. But CAPE does not start (always the "LogMessage" error. It seems to be related to indexed in Mongodb!?

May 14 21:05:39 cape python3[1057758]: Traceback (most recent call last):
May 14 21:05:39 cape python3[1057758]:   File "/opt/CAPEv2/cuckoo.py", line 137, in <module>
May 14 21:05:39 cape python3[1057758]:     cuckoo_init(quiet=args.quiet, debug=args.debug, artwork=args.artwork, test=args.test)
May 14 21:05:39 cape python3[1057758]:   File "/opt/CAPEv2/cuckoo.py", line 79, in cuckoo_init
May 14 21:05:39 cape python3[1057758]:     check_webgui_mongo()
May 14 21:05:39 cape python3[1057758]:   File "/opt/CAPEv2/lib/cuckoo/core/startup.py", line 101, in check_webgui_mongo
May 14 21:05:39 cape python3[1057758]:     mongo_create_index("analysis", "info.id", name="info.id_1")
May 14 21:05:39 cape python3[1057758]:   File "/opt/CAPEv2/dev_utils/mongodb.py", line 55, in wrapper
May 14 21:05:39 cape python3[1057758]:     return mongo_op_func(*args, **kwargs)
May 14 21:05:39 cape python3[1057758]:   File "/opt/CAPEv2/dev_utils/mongodb.py", line 99, in mongo_create_index
May 14 21:05:39 cape python3[1057758]:     getattr(results_db, collection).create_index(index, background=background, name=name)
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/collection.py", line 2120, in create_index
May 14 21:05:39 cape python3[1057758]:     return self.__create_indexes([index], session, **cmd_options)[0]
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/_csot.py", line 108, in csot_wrapper
May 14 21:05:39 cape python3[1057758]:     return func(self, *args, **kwargs)
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/collection.py", line 1973, in __create_indexes
May 14 21:05:39 cape python3[1057758]:     with self._conn_for_writes(session, operation=_Op.CREATE_INDEXES) as conn:
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/collection.py", line 258, in _conn_for_writes
May 14 21:05:39 cape python3[1057758]:     return self.__database.client._conn_for_writes(session, operation)
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/mongo_client.py", line 1333, in _conn_for_writes
May 14 21:05:39 cape python3[1057758]:     server = self._select_server(writable_server_selector, session, operation)
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/mongo_client.py", line 1316, in _select_server
May 14 21:05:39 cape python3[1057758]:     server = topology.select_server(
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/topology.py", line 369, in select_server
May 14 21:05:39 cape python3[1057758]:     server = self._select_server(
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/topology.py", line 347, in _select_server
May 14 21:05:39 cape python3[1057758]:     servers = self.select_servers(
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/topology.py", line 254, in select_servers
May 14 21:05:39 cape python3[1057758]:     server_descriptions = self._select_servers_loop(
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/topology.py", line 309, in _select_servers_loop
May 14 21:05:39 cape python3[1057758]:     _info_log(
May 14 21:05:39 cape python3[1057758]:   File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/pymongo/logger.py", line 96, in _info_log
May 14 21:05:39 cape python3[1057758]:     logger.info(LogMessage(**fields))

conf.tgz

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

did you update your cape? i have fixed this logging last week when i upgraded pymongo. ok so the problem comes from memory, which i guess is volatility, is ages since i dont use that, so it will take some time to prepare everything for proper testing

from capev2.

xme avatar xme commented on July 18, 2024

Yes, did a full upgrade yesterday.

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

can you try git pull again i just spot another place where that pymongo log was processed, now after git pull and systemctl restart cape-processor it should works

from capev2.

xme avatar xme commented on July 18, 2024

I disabled some modules, apply the last update and it seems to work pretty nicely now! \o/
I will re-enable modules one by one and see which ones are messing up the whole setup. Tx for the great help!

from capev2.

doomedraven avatar doomedraven commented on July 18, 2024

thanks that will help to spot problematic one

from capev2.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.