Comments (8)
Secondly, after installing elk, every time I run a scan it asks:
"All enabled plug-ins not installed would you like to install them now?"
from kaspersky.
Can you update malice and try again? I had a bug where it was trying to use the previous version of the config data.
Updated and still, the same issue, keeps asking if I want to update:
malice@malice:~$ wget https://github.com/maliceio/malice/releases/download/v0.3.28/malice_0.3.28_linux_amd64.deb
malice@malice:~$ sudo dpkg -i malice_0.3.28_linux_amd64.deb
malice@malice:~$ malice --version
malice version 0.3.28, commit d0a832b99aed88cef5bccbd642e8c4db3f43b557, built at 2018-12-02T04:32:24Z
malice@malice:~$ malice plugin update --all
latest: Pulling from library/busybox
Digest: sha256:2a03a6059f21e150ae84b0973863609494aad70f0a80eaeb64bddd8d92465812
Status: Image is up to date for busybox:latest
6.5: Pulling from malice/elasticsearch
Digest: sha256:0fdbffc5b93cb612bf4d64c93b8627a6438d293a3b0394e0f4054545f99500b8
Status: Image is up to date for malice/elasticsearch:6.5
[Updating Plugin] ===> nsrl
sha1: Pulling from malice/nsrl
Digest: sha256:d045931233b38487fdc8115fa62f6c2be3713f4c3e471b23771cf2208c6a3e4c
Status: Image is up to date for malice/nsrl:sha1
[Updating Plugin] ===> virustotal
latest: Pulling from malice/virustotal
Digest: sha256:7231fb70ac2ea15652a3b0e0382518c000d17113fef95436c60c02088e49a15a
Status: Image is up to date for malice/virustotal:latest
[Updating Plugin] ===> shadow-server
latest: Pulling from malice/shadow-server
Digest: sha256:75548d007199181997f47d43c7d2cac847244a232aa19cfd718440963f2dd6c0
Status: Image is up to date for malice/shadow-server:latest
[Updating Plugin] ===> fileinfo
latest: Pulling from malice/fileinfo
Digest: sha256:d9dcc2107525809bb67448f96725115b5d611123d414a3c475c5c542c6585f1e
Status: Image is up to date for malice/fileinfo:latest
[Updating Plugin] ===> yara
neo23x0: Pulling from malice/yara
Digest: sha256:5574d19440876fdcb263aec68e3d874cbb195cfd15b2d7df489089f5be1e8b12
Status: Image is up to date for malice/yara:neo23x0
[Updating Plugin] ===> avast
latest: Pulling from malice/avast
Digest: sha256:deb977bfdc541e6c46dc592cbc5a0436198a7d852c38273e191111c926592f89
Status: Image is up to date for malice/avast:latest
[Updating Plugin] ===> avg
latest: Pulling from malice/avg
Digest: sha256:b81a36495070bb7394a7dbef9343c92e454537a0718fe58d5933496fb78c3a5a
Status: Image is up to date for malice/avg:latest
[Updating Plugin] ===> bitdefender
latest: Pulling from malice/bitdefender
Digest: sha256:754e939735c79696ab5bf4c839ecad5f523195a56e388c36d9b021c0fcbc0294
Status: Image is up to date for malice/bitdefender:latest
[Updating Plugin] ===> clamav
latest: Pulling from malice/clamav
Digest: sha256:efc66ad16f2b5a1d2ed7266f5256134de6a0fd7c335ccf6a4d9bfc228c11099f
Status: Image is up to date for malice/clamav:latest
[Updating Plugin] ===> comodo
latest: Pulling from malice/comodo
Digest: sha256:3f7febd1c1224800a99188ad1b31e903a54995ecfab29a66ba83a7c4395c6203
Status: Image is up to date for malice/comodo:latest
[Updating Plugin] ===> drweb
latest: Pulling from blacktop/drweb
57936531d1ee: Already exists
fcebe94d468c: Already exists
dbc207dd9a1b: Already exists
4dd6fde95465: Already exists
e3fbc79e40ed: Already exists
512ec44a9ba1: Already exists
137ff29d2f56: Already exists
5b53c852eca9: Already exists
Digest: sha256:b6edaebc04b45876dd11f614c6dbef6b09e0a4be1951c15ee7341e7b868535c7
Status: Image is up to date for quay.io/blacktop/drweb:latest
[Updating Plugin] ===> escan
latest: Pulling from malice/escan
Digest: sha256:c63d7e26f527474d69a08a4357042714b01deb33d7ebb27433158fbc0bef9dbf
Status: Image is up to date for malice/escan:latest
[Updating Plugin] ===> fprot
latest: Pulling from malice/fprot
Digest: sha256:2ef01db8c067cd948c5d1e0f40621ecd80620bd3f48f5c8113fa7159660219ad
Status: Image is up to date for malice/fprot:latest
[Updating Plugin] ===> fsecure
latest: Pulling from malice/fsecure
Digest: sha256:8f363e41c45e7b8561cb2a733de8f858f8e0a29eeda0bb1cd21e0b066bb8eb35
Status: Image is up to date for malice/fsecure:latest
[Updating Plugin] ===> mcafee
latest: Pulling from malice/mcafee
Digest: sha256:da6d5bd90eb83591af3753b0a82f5c77f0c8f2f8ff07284f69f82bcd32ea4727
Status: Image is up to date for malice/mcafee:latest
[Updating Plugin] ===> sophos
latest: Pulling from malice/sophos
Digest: sha256:84c20a586e63eadd308157a7a8083225eb0b2c87c209971113fa6e0832470111
Status: Image is up to date for malice/sophos:latest
[Updating Plugin] ===> windows-defender
latest: Pulling from malice/windows-defender
Digest: sha256:14184a5b0cdc0bc54b33056418dcdcdea9137f1d6b00288b8115ad4a81f70798
Status: Image is up to date for malice/windows-defender:latest
[Updating Plugin] ===> zoner
latest: Pulling from malice/zoner
Digest: sha256:4d690f9f83ab3eccc94631ccbce9c4fe24fbb97021118c300696d1e794704eaa
Status: Image is up to date for malice/zoner:latest
[Updating Plugin] ===> pescan
latest: Pulling from malice/pescan
Digest: sha256:6100ca84bcb4cdb0a0cfae6f8fd369ef58abb930a4951f54ba57ec0304f83ce9
Status: Image is up to date for malice/pescan:latest
[Updating Plugin] ===> floss
latest: Pulling from malice/floss
Digest: sha256:f40eee8f69e039eb279d428e5b56404b8f953c28918125db2ce1204f5477c6f9
Status: Image is up to date for malice/floss:latest
[Updating Plugin] ===> pdf
latest: Pulling from malice/pdf
Digest: sha256:41d968c5ae3ceb3c3ef303eaa76fda59c34e86f70b6784d269c353e95392f1d9
Status: Image is up to date for malice/pdf:latest
[Updating Plugin] ===> kaspersky
Pulling repository docker.io/blacktop/test
malice@malice:~malice@malice:~$ malice scan malice_0.3.28_linux_amd64.deb
All enabled plugins not installed would you like to install them now? (yes/no)
[Warning] This can take a while if it is the first time you have ran Malice.
from kaspersky.
Whoa? Why is it trying to pull "Pulling repository docker.io/blacktop/test"?
Can you tell me what you have in ~/.malice/plugin/plugin.toml for kaspersky?
from kaspersky.
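The symptom pointed out above (the kaspersky section pulls from docker.io/blacktop/test and never reaches a "Status:" line) can be picked out of a long update log mechanically. This is an added example, not part of the original thread or of the Malice project; the function names and the sample log are constructed from the output format quoted above.

```shell
#!/usr/bin/env bash
# Added example: list plugins whose section in `malice plugin update --all`
# output never reached a "Status:" line, with the repository being pulled.

incomplete_plugin_updates() {
  awk '
    function report() {
      if (plugin != "" && !done) print plugin "\t" (repo == "" ? "-" : repo)
    }
    /^\[Updating Plugin\] ===> / { report(); plugin = $NF; repo = ""; done = 0; next }
    plugin == "" { next }                  # preamble (busybox, elasticsearch)
    /Pulling from /        { repo = $NF }  # e.g. "latest: Pulling from malice/avg"
    /^Pulling repository / { repo = $NF }  # form seen in the kaspersky section
    /^Status: /            { done = 1 }    # pull finished for this plugin
    END { report() }
  '
}

# Constructed sample in the format quoted in the thread
# (digests replaced by a placeholder).
sample_update_log() {
  cat <<'EOF'
latest: Pulling from library/busybox
Digest: sha256:<digest>
Status: Image is up to date for busybox:latest
[Updating Plugin] ===> nsrl
sha1: Pulling from malice/nsrl
Digest: sha256:<digest>
Status: Image is up to date for malice/nsrl:sha1
[Updating Plugin] ===> pdf
latest: Pulling from malice/pdf
Digest: sha256:<digest>
Status: Image is up to date for malice/pdf:latest
[Updating Plugin] ===> kaspersky
Pulling repository docker.io/blacktop/test
EOF
}

# Real use: malice plugin update --all 2>&1 | incomplete_plugin_updates
sample_update_log | incomplete_plugin_updates
```

Each output line is a plugin name and the repository it was pulling from, separated by a tab; an empty result means every plugin section ended with a "Status:" line.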
Updated to latest Version: 0.3.28
Updated all plugins:
root@malice:~# malice plugin update --all
latest: Pulling from library/busybox
57c14dd66db0: Pull complete
Digest: sha256:7964ad52e396a6e045c39b5a44438424ac52e12e4d5a25d94895f2058cb863a0
Status: Downloaded newer image for busybox:latest
....etc
Same issue while scanning:
root@malice:~# malice scan eicar-standard-antivirus-test-file-adobe-acrobat-attachment.pdf
ERRO[0000] database is NOT running, starting now...
INFO[0000] elasticsearch container started assigned_ip=172.17.0.2 docker_ip=localhost name=/malice-elastic port="[9200]" runtime_env=development
All enabled plugins not installed would you like to install them now? (yes/no)
[Warning] This can take a while if it is the first time you have ran Malice.
yes
latest: Pulling from library/busybox
Digest: sha256:7964ad52e396a6e045c39b5a44438424ac52e12e4d5a25d94895f2058cb863a0
Status: Image is up to date for busybox:latest
6.5: Pulling from malice/elasticsearch
Digest: sha256:0fdbffc5b93cb612bf4d64c93b8627a6438d293a3b0394e0f4054545f99500b8
Status: Image is up to date for malice/elasticsearch:6.5
[Updating Plugin] ===> nsrl
sha1: Pulling from malice/nsrl
P.S. Installing malice plugins still doesn't pull kaspersky.
from kaspersky.
root@malice:~# malice scan eicar-standard-antivirus-test-file-adobe-acrobat-attachment.pdf
All enabled plugins not installed would you like to install them now? (yes/no)
[Warning] This can take a while if it is the first time you have ran Malice.
no
#### File
| Field | Value |
| ------ | ---------------------------------------------------------------- |
| Name | eicar-standard-antivirus-test-file-adobe-acrobat-attachment.pdf |
| Path | eicar-standard-antivirus-test-file-adobe-acrobat-attachment.pdf |
| Size | 6.455kB |
| MD5 | 13486b57cc3ad49227174f86fd4df606 |
| SHA1 | 6e42b5372e017f45e6afbeee02bd55dd856c3f21 |
| SHA256 | 851d1e02b134b222d0e4012c2bbb61828f1219c66ec5ed9ca291c406cb83461f |
FATA[0002] scan cmd failed to store file info: failed to index file info: elastic: Error 400 (Bad Request): failed to parse [type=mapper_parsing_exception]
from kaspersky.
Did you rm -rf ~/.malice?
from kaspersky.
Also maybe the deb package is somehow messed up? What if you just try with the binary:
https://github.com/maliceio/malice/releases/download/v0.3.28/malice_0.3.28_linux_amd64.tar.gz
from kaspersky.