Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Patching QEMU issue, adding compatibility for CAPEv2 #221

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Patching QEMU issue, adding compatibility for CAPEv2 #221

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
605a855
Update setup.py
xalicex Mar 28, 2024
61d4f28
Update qemu.py
xalicex Mar 28, 2024
ff73f04
patching dependencies and adding QEMU compatibility for CAPEv2
Apr 22, 2024
a9533b5
Update vcredist.py
xalicex May 13, 2024
e7cf56d
Update dotnet.py
xalicex May 13, 2024
91357c2
Update vcredist.py
xalicex May 13, 2024
f39ee00
Update dotnet.py
xalicex May 13, 2024
7905ca7
Update wallpaper.py
xalicex May 14, 2024
ea15d90
Add files via upload
xalicex May 14, 2024
6ad4fa3
Rename ahs_wallpaper.jpeg to wall.jpg
xalicex May 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion docs/vmcreation.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ See the example below for its help page.
--network TEXT The network to use in CIDR notation. Example:
192.168.30.0/24. Uses VM platform default if not
given.
--port INTEGER Port to run the Agent on. [default: 8000]
--port INTEGER Port to run the Agent on. [default: 8000] Define a port other than 8000 when creating a VM for CAPEv2
--ip TEXT Guest IP address to use
--iso TEXT Specify install ISO to use.
--vm TEXT Virtual Machinery. [default: qemu]
Expand All @@ -129,6 +129,12 @@ The install might be frozen, etc. We will be making an image called 'win10base'

This command can take a long time to complete depending on your system (20-60 minutes).

If you are using VMCloak to setup a QEMU VM for CAPEv2 define a port other than 8000. The port 8000 is going to be used by the CAPE agent.

.. code-block:: bash

vmcloak --debug init --port 8111 --win10x64 --hddsize 128 --cpus 2 --ramsize 4096 --network 192.168.30.0/24 --vm qemu --vrde --vrde-port 1 --ip 192.168.30.2 --iso-mount /mnt/win10x64 win10base qemubr0

When the command finishes, the image should be available in the list of images.
View the list of images and their attributes using:

Expand Down
2 changes: 1 addition & 1 deletion setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@
install_requires=[
"click",
"jinja2",
"pefile>=2019.4.18, <2019.5.0"
"pefile<2023.0.0",
"pyyaml>=5.1",
"sqlalchemy>=1.4, <1.5",
"alembic>=1.7.4, <1.8",
Expand Down
5 changes: 5 additions & 0 deletions vmcloak/abstract.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -162,9 +162,14 @@ def buildiso(self, mount, newiso, bootstrap, tmp_dir=None, env_vars={}):
# Copy the agent binary to the tmp bootstrap folder with the extension
# it should have, but using a normalized name.
agent_name = f"{random_string(8, 16)}{file_ext}"
agent_name_cape = f"{random_string(8, 16)}.pyw"
agent_path_cape = os.path.splitext(agent_path)[0]+'.pyw'
shutil.copy(agent_path, os.path.join(bootstrap_copy, agent_name))
shutil.copy(agent_path_cape, os.path.join(bootstrap_copy, agent_name_cape))
env_vars["AGENT_FILE"] = agent_name
env_vars["AGENT_FILE_CAPE"] = agent_name_cape
env_vars["AGENT_RUNKEY"] = random_string(8, 16)
env_vars["AGENT_RUNKEY_CAPE"] = random_string(8, 16)

# Write the configuration values for bootstrap.bat.
with open(os.path.join(bootstrap_copy, "settings.bat"), "wb") as f:
Expand Down
Loading