AnalysisManager.Run Connection broken

[CarsonHrusovsky]

About accounts on capesandbox.com

• Issues isn't the way to ask for account activation. Ping capesandbox in Twitter with your username

This is open source and you are getting free support so be friendly!

Prerequisites

Please answer the following questions for yourself before submitting an issue.

• [X ] I am running the latest version
• [ X] I did read the README!
• [ X] I checked the documentation and found no answer
• [ X] I checked to make sure that this issue has not already been filed
• [ X] I'm reporting the issue to the correct repository (for multi-repository projects)
• [ X] I have read and checked all configs (with all optional parts)

Expected Behavior

Cape analysis completes correctly

Current Behavior

cape.service will return an analysis bug about 10% of the time. There is really no consistency and it doesn't seem to matter if the analysis was submitted via API call or directly from site.

Jun 29 13:39:39 user-virtual-machine python3[2274]: 2023-06-29 13:39:39,307 [lib.cuckoo.core.scheduler] INFO: Loaded 3 machine/s
Jun 29 13:39:39 user-virtual-machine python3[2274]: 2023-06-29 13:39:39,341 [lib.cuckoo.core.scheduler] INFO: Waiting for analysis tasks
Jun 29 13:40:23 user-virtual-machine python3[2274]: 2023-06-29 13:40:23,824 [lib.cuckoo.core.scheduler] INFO: Task #9: Starting analysis of URL 'youtube.com'
Jun 29 13:40:23 user-virtual-machine python3[2274]: 2023-06-29 13:40:23,854 [lib.cuckoo.core.scheduler] INFO: Task #9: acquired machine Windows10Vanilla2 (label=Windows10Vanilla2, arch=x64, platform=windows)
Jun 29 13:40:25 user-virtual-machine python3[2274]: 2023-06-29 13:40:25,290 [lib.cuckoo.core.scheduler] INFO: Enabled route 'internet'.
Jun 29 13:40:25 user-virtual-machine python3[2274]: 2023-06-29 13:40:25,310 [modules.auxiliary.sniffer] INFO: Started sniffer with PID 3661 (interface=ens192, host=10.135.100.19, dump path=/opt/CAPEv2/storage/analyses/9/dump.pcap)
Jun 29 13:40:25 user-virtual-machine python3[2274]: 2023-06-29 13:40:25,338 [lib.cuckoo.core.guest] INFO: Task #9: Starting analysis on guest (id=Windows10Vanilla2, ip=10.135.100.19)
Jun 29 13:40:33 user-virtual-machine python3[2274]: 2023-06-29 13:40:33,423 [lib.cuckoo.core.scheduler] INFO: Disabled route 'internet'
Jun 29 13:40:33 user-virtual-machine python3[2274]: 2023-06-29 13:40:33,447 [lib.cuckoo.core.scheduler] ERROR: Task #9: Failure in AnalysisManager.run: ("Connection broken: ConnectionResetError(104, 'Connection reset by peer')", ConnectionResetError(104, 'Connection reset by peer'))
Jun 29 13:40:33 user-virtual-machine python3[2274]: Traceback (most recent call last):
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 710, in _error_catcher
Jun 29 13:40:33 user-virtual-machine python3[2274]: yield
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 814, in _raw_read
Jun 29 13:40:33 user-virtual-machine python3[2274]: data = self._fp_read(amt) if not fp_closed else b""
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 799, in _fp_read
Jun 29 13:40:33 user-virtual-machine python3[2274]: return self._fp.read(amt) if amt is not None else self._fp.read()
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/usr/lib/python3.10/http/client.py", line 465, in read
Jun 29 13:40:33 user-virtual-machine python3[2274]: s = self.fp.read(amt)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/usr/lib/python3.10/socket.py", line 705, in readinto
Jun 29 13:40:33 user-virtual-machine python3[2274]: return self._sock.recv_into(b)
Jun 29 13:40:33 user-virtual-machine python3[2274]: ConnectionResetError: [Errno 104] Connection reset by peer
Jun 29 13:40:33 user-virtual-machine python3[2274]: The above exception was the direct cause of the following exception:
Jun 29 13:40:33 user-virtual-machine python3[2274]: Traceback (most recent call last):
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/requests/models.py", line 816, in generate
Jun 29 13:40:33 user-virtual-machine python3[2274]: yield from self.raw.stream(chunk_size, decode_content=True)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 940, in stream
Jun 29 13:40:33 user-virtual-machine python3[2274]: data = self.read(amt=amt, decode_content=decode_content)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 879, in read
Jun 29 13:40:33 user-virtual-machine python3[2274]: data = self._raw_read(amt)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 813, in _raw_read
Jun 29 13:40:33 user-virtual-machine python3[2274]: with self._error_catcher():
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/usr/lib/python3.10/contextlib.py", line 153, in exit
Jun 29 13:40:33 user-virtual-machine python3[2274]: self.gen.throw(typ, value, traceback)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/urllib3/response.py", line 727, in _error_catcher
Jun 29 13:40:33 user-virtual-machine python3[2274]: raise ProtocolError(f"Connection broken: {e!r}", e) from e
Jun 29 13:40:33 user-virtual-machine python3[2274]: urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(104, 'Connection reset by peer')", ConnectionResetError(104, 'Connection reset by peer'))
Jun 29 13:40:33 user-virtual-machine python3[2274]: During handling of the above exception, another exception occurred:
Jun 29 13:40:33 user-virtual-machine python3[2274]: Traceback (most recent call last):
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/opt/CAPEv2/lib/cuckoo/core/scheduler.py", line 452, in run
Jun 29 13:40:33 user-virtual-machine python3[2274]: success = self.launch_analysis()
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/opt/CAPEv2/lib/cuckoo/core/scheduler.py", line 355, in launch_analysis
Jun 29 13:40:33 user-virtual-machine python3[2274]: guest.start_analysis(options)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/opt/CAPEv2/lib/cuckoo/core/guest.py", line 252, in start_analysis
Jun 29 13:40:33 user-virtual-machine python3[2274]: r = self.get("/", do_raise=False)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/opt/CAPEv2/lib/cuckoo/core/guest.py", line 107, in get
Jun 29 13:40:33 user-virtual-machine python3[2274]: r = session.get(url, *args, **kwargs)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/requests/sessions.py", line 602, in get
Jun 29 13:40:33 user-virtual-machine python3[2274]: return self.request("GET", url, **kwargs)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/requests/sessions.py", line 589, in request
Jun 29 13:40:33 user-virtual-machine python3[2274]: resp = self.send(prep, **send_kwargs)
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/requests/sessions.py", line 747, in send
Jun 29 13:40:33 user-virtual-machine python3[2274]: r.content
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/requests/models.py", line 899, in content
Jun 29 13:40:33 user-virtual-machine python3[2274]: self._content = b"".join(self.iter_content(CONTENT_CHUNK_SIZE)) or b""
Jun 29 13:40:33 user-virtual-machine python3[2274]: File "/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/requests/models.py", line 818, in generate
Jun 29 13:40:33 user-virtual-machine python3[2274]: raise ChunkedEncodingError(e)
Jun 29 13:40:33 user-virtual-machine python3[2274]: requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(104, 'Connection reset by peer')", ConnectionResetError(104, 'Connection reset by peer'))

Any ideas on this error? It happens maybe 10% of the time, for awhile I thought it was to do with my nginx redirector but I don't believe that now.

Actual error message: AnalysisManager.run: ("Connection broken: ConnectionResetError(104, 'Connection reset by peer')", ConnectionResetError(104, 'Connection reset by peer'))

I should also mention that I can simply resubmit the analysis and it will usually work right away the second time. There is no real correlation between virtual machine resets or CAPE restarts and this error.

[doomedraven]

no idea what is wrong

[CarsonHrusovsky]

Closing issue as it was fixed by tinkering with / removing OneNote from the windows 10 vms.

[doomedraven]

Interesting, thank you for update El lun, 17 jul 2023, 23:31, CarsonHrusovsky ***@***.***> escribió:

…

Closing issue at it was fixed by tinkering with / removing OneNote from the windows 10 vms. — Reply to this email directly, view it on GitHub <#1638 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAOFH35TUAFDA64D5KT43ZTXQWVK5ANCNFSM6AAAAAAZY72FKQ> . You are receiving this because you commented.Message ID: ***@***.***>