我正在研究将杜鹃沙箱用作与 Cortex 串联的恶意软件引爆器的可能性。
我(似乎)在配置文件中安装了所有依赖项、启用报告和弹性搜索,并使用以下命令启动了网络服务器,没有任何问题。
sudo cuckoo web runserver [ip redacted]:[port]
我能够连接到我的 Web 实例而不会在浏览器端出现错误。但是,在标准输出中,我得到以下信息:
2018-07-06 05:32:19,152 [django.request] ERROR: Internal Server Error: /cuckoo/api/status
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py", line 132, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python2.7/dist-packages/cuckoo/web/utils.py", line 55, in inner
return func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/django/views/decorators/http.py", line 45, in inner
return func(request, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/cuckoo/web/controllers/cuckoo/api.py", line 45, in status
temp_file = Files.temp_put("")
File "/usr/local/lib/python2.7/dist-packages/cuckoo/common/files.py", line 97, in temp_put
prefix="upload_", dir=path or temppath()
File "/usr/lib/python2.7/tempfile.py", line 314, in mkstemp
return _mkstemp_inner(dir, prefix, suffix, flags)
File "/usr/lib/python2.7/tempfile.py", line 244, in _mkstemp_inner
fd = _os.open(file, flags, 0600)
OSError: [Errno 2] No such file or directory: '/tmp/cuckoo-tmp-root/upload_IUQt4r'
[06/Jul/2018 05:32:19] "POST /analysis/api/tasks/recent/ HTTP/1.1" 200 13
[06/Jul/2018 05:32:19] "GET /cuckoo/api/status HTTP/1.1" 500 12976
除了这个错误之外,我都无法上传文件或提交 URL,两者都会导致完全相同的错误。
这里有没有人有设置 Cuckoo 的经验可以给我一个提示?不确定这是依赖问题,还是安装后的配置问题?
提前致谢!