Skip to content
This repository was archived by the owner on Apr 26, 2021. It is now read-only.

Azure Machinery for Cuckoo #3120

Open
wants to merge 64 commits into
base: master
Choose a base branch
from
Open

Azure Machinery for Cuckoo #3120

wants to merge 64 commits into from

Conversation

@cccs-kevin
Copy link

@cccs-kevin cccs-kevin commented Oct 14, 2020
edited
Loading

Thanks for contributing! But first: did you read our community guidelines?
https://cuckoo.sh/docs/introduction/community.html

What I have added/changed is:
  • An Azure machinery for Cuckoo using Azure Virtual Machines
  • Ability to dynamically create machines on-demand
  • Ability to handle multiple pools of machines that have different OS types
  • Ability to specify OS type of VM you want submission to go to
The goal of my change is:

Use cloud resources for malware detonation

What I have tested about my change is:

Functionality, but only by hand.

Things to NOTE:

The Azure API has rate limits to how often you can submit requests. So far the current implementation of this machinery hits the API limit if it process 400 files per hour (each file requires a new VM which is created using a network interface card and a managed disk -> 3 write calls). Azure doc
I'm currently working on a method that utilizes Azure Virtual Machine Scale Sets with Ephemeral disks which avoid hitting this API limit.

@Dylan-J
Copy link

Dylan-J commented Oct 15, 2020

Man this is brilliant, good work @cccs-kevin!

@cccs-kevin
Added more comments, updated test conf files
f7376d7
@cccs-kevin
Some renaming of methods, added handling of snapshot id for non-reque…
07ded61 
…sted type
@cccs-kevin
Correcting method name
4ee39d0
@cccs-kevin
Mistake on naming methods addressed
1874a29
@cccs-kevin
Added collision avoidance on instances
783f41d
@cccs-kevin
Adding platform for Ubuntu
2f63291
@cccs-kevin
Adding better logging regarding acquiring machines
d830b73
@cccs-kevin
Moving acquire logging to machinery
889c031
@cccs-kevin
Tweaking what tags contains when being sent to acquire in abstracts
8393407
@cccs-kevin
Adding case if no machine exists in DB
2147975
@cccs-kevin
Fine-tuning the acquire method
c5dc312
@cccs-kevin
Adding method to tag disk, adding class constants
84b4698
@cccs-kevin
Small logic tweak
52408ed
@cccs-kevin
Correcting platform value for Ubuntu
f0b565b
@cccs-kevin
Revised marking disks for deletion
7e2966d
@cccs-kevin
Adding logging for api limits
d8631d7
@cccs-kevin
Reworking Azure API errors, resizing machines being created when vm f…
0b2d21d 
…ails
@cccs-kevin
Fixing logic bug in peak throuput limiting
0779544
@cccs-kevin
Replaced API calls that would mark nic/disk for deletion with set
abc39a8
@cccs-kevin
Adding polling thread that deletes leftover resources
3af045e
@cccs-kevin
Giving the people what they want!
24475f3
@cccs-kevin
Have patience!
bb79317
cccs-kevin and others added 26 commits January 15, 2021 09:23
@cccs-kevin
Adding additional checks to ensure up-time
ba84673
@cccs-kevin
Improved error-handling and logging
f3a1418
@cccs-kevin
More thorough error-handling
960f315
@cccs-kevin
Adding logic to handle Azure error states, improved error-handling an…
a7c28ce 
…d logging
@cccs-kevin
Wrapping _thr_scale_machine_pool in try-catch to find errors, improvi…
2a4c142 
…ng logging, adding ability to acquire by machine_id
@cccs-kevin
Adding more logging, additional logic in scaling machine pools, and f…
0d5d672 
…ixing ClientRequestError bug
@cccs-kevin
Removed bottleneck when dealing with multiple tasks directed for diff…
462b726 
…erent machine pools
@cccs-kevin
Improving exception handling, adding method to recreate failed VMSS
85c7b68
@cccs-kevin
Adding default tag value
6e3df73
@cccs-kevin
Optimizing speed at which a task comes off the queue and is assigned …
ec0dd19 
…to a machine
@cccs-kevin
Ordering tasks by FIFO
13af923
@cccs-kevin
Adding catch for psycopg UniqueViolation when adding sample
3e60bc0
@cccs-kevin
Adding try catch for better logging
25c7ecc
@cccs-kevin
Adding platform support
0923f0c
@cccs-kevin
Scaling based on platform
564a166
@cccs-kevin
Preventing IP collision
ff31944
@cccs-kevin
Adding logging if machine doesn't exist upon delete
a5cb11b
@cccs-kevin
Cannot use Manual
59edd91
@cccs-kevin
Revamp stop() and delete_vm_from_vmss() to avoid errors in Azure
a3d7afc
@cccs-kevin
This polling is required if the Azure VM agent is not installed in VMs
b3f174a
@cccs-kevin
New information about how Azure VMSSs work caused more reliance on ba…
0165f37 
…tching and concurrent operations
@cccs-kevin
Adding missing global variable
060e850
@cccs-kevin
Removing VMs in delete phase if error occurs
03f50f2
@cccs-kevin
Making program threadsafe, adding handling to spot instance deletion …
b4a41f1 
…in reimaging
@cccs-kevin
Adding handling for 'badrequest' Azure error
95eacd2
@cccs-kevin
Bug fix if tag doesn't exist
43455aa
@cccs-kevin cccs-kevin mentioned this pull request Feb 15, 2022
Closed
@cccs-kevin cccs-kevin mentioned this pull request Jun 15, 2022
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cccs-kevin @Dylan-J