This repository was archived by the owner on Dec 16, 2017. It is now read-only.

Maltrieve to Viper problem #172

@TheCakesALie

So I'm trying to get Maltrieve to dump into my Viper instance. When I first got Maltrieve set up, it worked fine just downloading the samples. Once I set up the IP in the maltrieve.cfg file, it gave me this error:

XXXX@XXXX-VirtualBox:~/Desktop/maltrieve$ python maltrieve.py
Processing source URLs
Completed source processing
Downloading samples, check log for details
Traceback (most recent call last):
  File "maltrieve.py", line 514, in <module>
    main()
  File "maltrieve.py", line 503, in main
    if save_malware(each, cfg):
  File "maltrieve.py", line 327, in save_malware
    stored = upload_viper(response, md5, cfg) or stored
  File "maltrieve.py", line 289, in upload_viper
    response = requests.post(url, headers=headers, files=files, data=tags)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 88, in post
    return request('post', url, data=data, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 421, in request
    prep = self.prepare_request(req)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 359, in prepare_request
    hooks=merge_hooks(request.hooks, self.hooks),
  File "/usr/lib/python2.7/dist-packages/requests/models.py", line 287, in prepare
    self.prepare_url(url, params)
  File "/usr/lib/python2.7/dist-packages/requests/models.py", line 338, in prepare_url
    "Perhaps you meant http://{0}?".format(url))
requests.exceptions.MissingSchema: Invalid URL u'True/file/add': No schema supplied. Perhaps you meant http://True/file/add?

There isn't anything outstanding in the .log file to point me in the right direction. I haven't found any sort of API key needed for Maltrieve to talk to Viper. My config file looks like this:

[Maltrieve]
dumpdir = archive
logfile = maltrieve.log
logheaders = true
User-Agent = Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)

I also tried just "viper = http://XX.X.XXX.X:9090"

viper = http://XX.X.XXX.X:9090/file/add

cuckoo = http://127.0.0.1:8090

vxcage = http://127.0.0.1:8080

crits = https://127.0.0.1

crits_user = maltrieve

crits_key = <api_key>

crits_source = maltrieve

Filter Lists are based on mime type NO SPACE BETWEEN ,

black_list = text/html,text/plain

white_list = application/pdf,application/x-dosexec

I've tried it with Viper's web.py, api.py, and viper.py.
Thanks for the help! Maltrieve is an awesome tool!
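
Added example (not Maltrieve's code and not part of the original post): the traceback above shows `requests.post()` being handed `True/file/add`, a URL whose base is the value `True` rather than an `http://` address. One way to catch that at startup is to validate the configured `viper` value before any upload is attempted. The helper names and the `192.0.2.10` placeholder address are assumptions, and the code is Python 3 rather than the Python 2.7 seen in the traceback.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample: the [Maltrieve] section from the post, with a
# documentation-range placeholder standing in for the redacted address.
SAMPLE_CFG = """
[Maltrieve]
dumpdir = archive
logfile = maltrieve.log
viper = http://192.0.2.10:9090/file/add
"""

ENDPOINT = "/file/add"  # path component seen in the failing URL


def endpoint_url(value, endpoint=ENDPOINT):
    """Return the full upload URL, or raise ValueError for an unusable base."""
    # A flag-style value (True, "True", empty) must never reach requests.post().
    if not isinstance(value, str) or not value.strip():
        raise ValueError("expected a URL string, got %r" % (value,))
    parts = urlsplit(value.strip())
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("no http(s) scheme and host in %r" % (value,))
    # Accept the base address with or without the endpoint already appended.
    path = parts.path.rstrip("/")
    if path.endswith(endpoint):
        path = path[: -len(endpoint)]
    return "%s://%s%s%s" % (parts.scheme, parts.netloc, path, endpoint)


def viper_upload_url(cfg_text):
    """Read the viper option from config text; None when it is not set."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(cfg_text)
    if not parser.has_option("Maltrieve", "viper"):
        return None
    return endpoint_url(parser.get("Maltrieve", "viper"))


if __name__ == "__main__":
    print(viper_upload_url(SAMPLE_CFG))
```

Both forms of the setting tried in the post (with and without `/file/add`) normalise to the same endpoint, while a boolean or scheme-less value fails immediately with a message naming the bad value.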
