* Now talking on #phoneyc
* Topic for #phoneyc is: http://code.google.com/p/phoneyc/
* Topic for #phoneyc set by jose_ at Fri Apr 10 09:01:10 2009
Hello, will anybody tell me how to get phoneyc running on linux? It's said in Readme.md file that libemu-svn and curl are required, but I am wondering which folder I should put the codes I downloaded?
you need to install them both, libemu and libcurl, and the pycurl bindings installed.
they can be downloaded anywhere, just install them correctly.
Do you mean that just install the binary file instead of source code?
that works too
OK, thank you. I will try it out.
python setup.py \ usage: setup.py [global_opts] cmd1 [cmd1_opts] [cmd2 [cmd2_opts] ...] \ or: setup.py --help [cmd1 cmd2 ...] \ or: setup.py --help-commands \ or: setup.py cmd --help \ error: no commands supplied
jose_, would you please tell me why it went wrong? I typed "python set.up" when I got to the /modules/libemu folder, and the failed message came out.
python setup.py build
sudo python setup.py install
this is the very common way to install python stuff using setup.py
I got the wrong message again. I am using ubuntu 9.10, does that matter?
go to a pastebin, paste in what you're typing and what you're getting back
e.g. just select and paste in the last 30 lines or so from your terminal session.
libemu_module.c:442: warning: passing argument 2 of ‘run_shellcode’ from incompatible pointer type
libemu_module.c:301: note: expected ‘struct emu_env *’ but argument is of type ‘struct emu_env *’
libemu_module.c: In function ‘libemu_Emulator_new’:
libemu_module.c:459: warning: assignment makes pointer from integer without a cast
libemu_module.c: At top level:
libemu_module.c:594: warning: function declaration isn’t a prototype
error: command 'gcc' failed with exit status 1
no no no
use a pastebin
e.g. http://pastebin.com/
sorry.......
what is the output of your gcc -v
http://pastebin.com/UynYqnY6
gcc version 4.4.1 (Ubuntu 4.4.1-4ubuntu9)
jose, how can I get the emu/emu.h file?
15:24 < arthur__> jose_, would you please tell me why it went wrong? I typed "python set.up" when I got to the /modules/libemu folder, and the failed message came out.
that's wrong
go to modules and type 'make && make install'
I tried it before, but it went wrong.
which error?
the message was the same as this: http://pastebin.com/UynYqnY6
you've not installed libemu
Can you tell me where I can find information about libemu? I am from China, while Google left us.
ok
http://libemu.carnivore.it/compile.html
thanks Angelo_Honeynet .. was on the phone
Angelo_Honeynet, I downloaded the libemu.tar.gz, uncompressed it, and ran "./configure --prefix=/opt/libemu", everything was OK. But it failed again when I tried to make install. The outcome is here: http://pastebin.com/ssRFs2hH
can you edit the makefile to remove -Werror?
arthur__: have you read README file within libemu directory? maybe you need an autoreconf...
jose, the makefile in the libemu folder or the one in the phoneyc folder? In the one in the libemu folder, i couldn't find -Werror.
after autoreconf, it was the same. Maybe I should try it again.
libemu. builds are barfing because of that -Werror (treat warnings as errors)
it shouldn't do that
arthur__: please try ./configure --disable-werror
ok. then make install?
more precisely ./configure --prefix=/opt/libemu --disable-werror
then make; sudo make install
sure
basically you're getting hurt by a bad decision in GNU/gcc/autoconf
details?
-Werror shouldn't appear
I am hurt again...
hmm
still the same wrong message.
be back in 30 minutes, sorry to trouble you both.
np
using pastebin has helped to isolate the error, thanks for helping communicate
the same here... if you need help just ask
back with the problem. don't even know what I can do now.
edit src/Makefile
search for -Werror
remove it
grep Werror * src/*
find it in those files, remove it
still the same.
did you find -Werror anywhere? did you remove it? sounds like you didn't. it's not just magically appearing.
It occurs 3 times in configure, I removed it. And I removed it in aclocal.m4, /src/Makefile, /src/Makefile.am, /src/Makefile.in while it still went wrong.
dump your output to pastebin, link please
http://pastebin.com/5ZbzSLcU
no no, your make error
now run "make" again
http://pastebin.com/8ihAcAMH sorry.
/bin/mkdir: cannot create directory `/opt/libemu/lib': Permission denied
that's the error
sudo make install
you need to be root to make that directory
by design
http://pastebin.com/2quzJg2a
same thing
under testsuite/
-Werror
remove it from Makefile
ok, i will try it.
http://pastebin.com/6ukXVsBP
looks like it's working now.
yes
great
thanks!!!
does that mean I have installed libemu?
I still don't know how to install pythonc. what a shame here.
libemu is installed but not hooked up to phoneyc
installing phoneyc is not trivial, and if you're not comfortable installing open source software then this is going to be a rough experience for you
thanks for the tip, I will try to google it.
morning
* Loaded log from Tue Apr 13 19:18:35 2010
jose, I installed libemu yet don't know how to hook up libemu to phoneyc. Would you please give me some suggestions?
did you make the python bindings?
in phoneyc/modules run:
python setup.py build
sudo python setup.py install
ok, I will try it.
no setup.py in folder phoneyc/modules, do you mean phoneyc/modules/libemu ?
err yes
still get error message like last night, maybe I should remove "Werror" in all files first?
yes
seems like I have removed Werror, but still got wrong message. error message says that "error: emu/environment/emu_profile.h: No such file or directory" and indeed i could not find emu_profile.h in /opt/libemu/include/emu/environment/*
is it in your libemu build dir? if so, copy it to the include dir
but i couldn't even find it in the folder i installed libemu.
under /opt/libemu/include/emu/environment/ there is just a folder win32 and no files
in phoneyc/modules/libemu/build/ error message came out like this http://pastebin.com/UynYqnY6 , I googled this problem and found same situation occurred before. I downloaded emu_profile.h from http://to./3mx2 and copied it into /usr/include/c++/4.4/emu/environment, yet still got error message. Is there any suggestion?
you don't have the right path for libemu's includes set up right
all of those errors mean that it can't find libemu
what's the correct path? /usr/include/c++/4.4/emu/* were copied from /opt/libemu/include/emu/* by myself.
uh ... i
how did you choose the path /usr/include/c++/4.4/emu/?
if you look in modules/libemu/setup.py you'll see a line like this:
include_dirs = ['/opt/libemu/include'],
does the directory /opt/libemu/include exist?
yes.
is there a subdir emu under that?
yes
the path /usr/include/c++/4.4/emu has nothing to do with this at all
you can ignore it
and i don't know why you thought it did
ok, i got it.
downloading random files is probably not wise, either, you'll mess stuff up
can you tell me what this outputs:
ls -l /opt/libemu/include
drwxr-xr-x 3 root root 4096 2010-04-12 23:18 emu
ls -l /opt/libemu/include/emu
http://pastebin.com/q0hD7nRJ
I read libemu_module.c then the stupid idea came to me.
hrm .. this doesn't make any sense
the files exist, your gcc commands are right, i think, but it's not seeing them correct.
so the -I flag to gcc says "grab .h files from this directory, too" and so emu/emu.h should be found in /opt/libemu/include/emu/emu.h
wait for angelo (aka buffer)
see if he can't help
i have to run
ok, thank you all the same.
morning
arthur_: please run a 'locate emu.h'
http://pastebin.com/cgNrsDej was away from keyboard before.
ok
I see /opt/libemu/include/emu/emu.h and that's right
you don't need /usr/include/c++/4.4/emu/*
got it.
so if you copied by yourself you can delete it
having said it
then what should i do now to get phoneyc running?
let's go on
ok.
cd modules
please run make and let me see your output
http://pastebin.com/Bkbc7juV
ok you need nspr
you're on debian?
ubuntu.
search for nspr
I don't know the package precise name
never mind, i will google it.
apt-cache search nspr
/opt/libemu/include/emu/emu.h:50: warning: function declaration isn’t a prototype <--- it seems emu.h was found
http://pastebin.com/eUxjhceV
but what about line 36. /opt/libemu/include/emu/environment/emu_profile.h:34:27: error: emu/emu_stack.h: No such file or directory.
apt-get install # oops
apt-get install libnspr4-0d libnspr4-dev
and then rerun make
let's solve one thing and then we'll take a look at other troubles
ok. though not have solved the trouble, i must say thanks..
today your phoneyc instance will be working :)
hope so.
let me see 'make' output please
http://pastebin.com/zujB7Aza
ok honeyjs is compiled
you still have troubles in libemu
http://pastebin.com/fcce7GgK
please try to reinstall it
dnsproxy is not needed so just ignore the error
then what to do next?
let's go back to libemu
move in libemu sources directory
autoreconf -v -i
./configure --prefix=/opt/libemu; make install
(in order to run make install you need to be root)
done.
nice
now go back to modules/ and rerun make
http://pastebin.com/SDrAWEgF
which version of libemu are you using?
libemu 0.1.0
please use svn version
ok, i will try it.
svn co https://svn.carnivore.it/libemu/trunk/ libemu-svn
uhm maybe it's not active
let me upload the source
svn: OPTIONS of 'https://svn.carnivore.it/libemu/trunk': 200 OK (https://svn.carnivore.it)
http://buffer.antifork.org/libemu-trunk.tar.bz2
take it from here
finish downloading it, should i run autoreconf -v -i again?
yes
10:04 < Angelo_Honeynet> autoreconf -v -i
10:04 < Angelo_Honeynet>
10:04 < Angelo_Honeynet> ./configure --prefix=/opt/libemu; make install
10:05 < Angelo_Honeynet> (in order to run make install you need to be root)
done.
ok rerun make in modules/ now
successful!
nice
make install and you're done
done.
ok move in phoneyc directory
cd ..
thank you so much, angelo.
and run this quick test
python phoneyc.py -v file://test/ssreader_0day.html
if it identifies exploit attempts everything is correctly working
i got an import error: http://pastebin.com/qPzJ8Mar
ok be sure to be root now
open your /etc/ld.so.conf
and add this line at the end
/opt/libemu/lib/libemu
save the change and run ldconfig
then try again
/sbin/ldconfig.real: /usr/lib/libndbclient.so.2 is not a symbolic link
output from ldconfig?
yes.
ignore it
try again the test
still the same
have you tried running 'python phoneyc.py -v file://test/ssreader_0day.html'?
or ldconfig? :P
sudo python phoneyc.py -v file://test/ssreader_0day.html
but still got import error
you don't need root privileges for running phoneyc
mmhh
please paste me your ld.so.conf
and then your ldconfig complete output
only one line: include /etc/ld.so.conf.d/*.conf
/opt/libemu/lib/libemu
ok ubuntu uses a different method
remove /opt/libemu/lib/libemu from that file
ok.
move to /etc/ld.so.conf.d/
and paste me one of the files you see there
there should be one related to libc i suppose
i486-linux-gnu.conf libasound2.conf libc.conf
please attach me here the output of 'cat libc.conf'
only 3 files under that folder
# libc default configuration
usr/local/lib
ok create a file named libemu.conf and put just the line /opt/libemu/lib/libemu in it
save and run ldconfig
/sbin/ldconfig.real: /usr/lib/libndbclient.so.2 is not a symbolic link
your ld.so.conf should be
include /etc/ld.so.conf.d/*.conf
right?
ok ignore it and rerun phoneyc test
yes.
http://pastebin.com/Jb9s9r6p
are you using the latest svn version from phoneyc?
are you using the latest svn version from phoneyc repository?
this error was fixed a few times ago
please from within phoneyc directory
svn update
done.
cd modules
make && make install
cd ..
python phoneyc.py -v file://test/ssreader_0day.html
still got error message when running python phoneyc.py -v file://test/ssreader_0day.html
really strange
try this please
python phoneyc.py -v file://test/2mix.html
still got error message.
ok let's start from the beginning since I suspect you're not using the right branch
remove completely phoneyc directory and then
svn checkout https://phoneyc.googlecode.com/svn/phoneyc/trunk/ phoneyc
done.
cd phoneyc/modules
make && make install
cd ..
python phoneyc.py -v file://test/ssreader_0day.html
http://pastebin.com/Kiy8fFb0
wait it will do everything by itself (I hope)
what's happened?
running now! everything is ok now!
have you run 'python phoneyc.py -v file://test/ssreader_0day.html'?
please attach the output
http://pastebin.com/7R768YEM the same as the contents in phoneyc/result folder.
perfect... we're done! :)
have fun! :)
Angelo, Thank you so much.
you're welcome
I will enjoy it.
time for a coffee now... see you later
great software, great man. see you later. ;)