This repository has been archived by the owner on Dec 16, 2017. It is now read-only.
So I'm trying to get Maltrieve to dump into my Viper instance. When I first got Maltrieve set up, it worked fine just downloading the samples. Once I set up the IP in the maltrieve.cfg file, it gave me this error:
XXXX@XXXX-VirtualBox:~/Desktop/maltrieve$ python maltrieve.py
Processing source URLs
Completed source processing
Downloading samples, check log for details
Traceback (most recent call last):
  File "maltrieve.py", line 514, in <module>
    main()
  File "maltrieve.py", line 503, in main
    if save_malware(each, cfg):
  File "maltrieve.py", line 327, in save_malware
    stored = upload_viper(response, md5, cfg) or stored
  File "maltrieve.py", line 289, in upload_viper
    response = requests.post(url, headers=headers, files=files, data=tags)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 88, in post
    return request('post', url, data=data, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 421, in request
    prep = self.prepare_request(req)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 359, in prepare_request
    hooks=merge_hooks(request.hooks, self.hooks),
  File "/usr/lib/python2.7/dist-packages/requests/models.py", line 287, in prepare
    self.prepare_url(url, params)
  File "/usr/lib/python2.7/dist-packages/requests/models.py", line 338, in prepare_url
    "Perhaps you meant http://{0}?".format(url))
requests.exceptions.MissingSchema: Invalid URL u'True/file/add': No schema supplied. Perhaps you meant http://True/file/add?
There isn't anything outstanding in the .log file to point me in the right direction. I haven't found any sort of API key needed for Maltrieve to talk to Viper. My config file looks like this:
[Maltrieve]
dumpdir = archive
logfile = maltrieve.log
logheaders = true
User-Agent = Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)
I also tried just "viper = http://XX.X.XXX.X:9090"
viper = http://XX.X.XXX.X:9090/file/add
cuckoo = http://127.0.0.1:8090
vxcage = http://127.0.0.1:8080
crits = https://127.0.0.1
crits_user = maltrieve
crits_key = <api_key>
crits_source = maltrieve
Filter Lists are based on mime type NO SPACE BETWEEN ,
black_list = text/html,text/plain
white_list = application/pdf,application/x-dosexec
I've tried it with Viper's web.py, api.py, and viper.py.
Thanks for the help! Maltrieve is an awesome tool!