API-malwr.com icon indicating copy to clipboard operation
API-malwr.com copied to clipboard
verified publisher icon PaulSec

Ugly exit when content unexpected

Open nstr10 opened this issue 9 years ago • 4 comments

Been using this for awhile and appreciate you work! One small gripe I have is that, because Malwr.com is often not in a usable state, I get a lot of errors from your library.

data = {
  'math_captcha_field': eval(re.findall(pattern, req.content)[0]),
  'math_captcha_question': soup.find('input', {'name': 'math_captcha_question'})['value'],
  'csrfmiddlewaretoken': soup.find('input', {'name': 'csrfmiddlewaretoken'})['value'],
  'share': 'on' if share else 'off',  # share by default
  'analyze': 'on' if analyze else 'off',  # analyze by default
  'private': 'on' if private else 'off'  # private by default
}

IndexError: list index out of range is the most common error, because we're using regular expressions to find content in the response to a request we haven't checked the status of - and we're assuming the result will have an index! I was going to submit a pull request, but realized there are several potential ways to fix this:

  • Check that status_code is 200 when the request is made, else have a clean exit path that reports the HTTP status received
  • Wrap the above code in a try/except block and handle errors accordingly (less ideal, failure cause will be less apparent)
  • Check that re.findall(pattern, req.content) isn't just [] before trying to access an index of it (this should really be done regardless!)
  • Potentially many other options

Let me know what you think - I'm happy to write the solution, but wouldn't want to waste my time in case you think of a better fix than any of those I've listed.

P.S. I think also the requests library has a property method so you could just check if req.ok is true or false rather than mucking about with status codes.

nstr10 avatar Jan 09 '17 16:01 nstr10

Hey there,

Thanks a lot for your input. You're right, I just had so much trouble lately with Malwr.com. I started working again on this and I will push (maybe tonight) some changes I had on a local branch. Let me know what you think about it and we can work on this if you want.

Thanks a lot though for your feedback, I really appreciated it!

PaulSec avatar Jan 11 '17 12:01 PaulSec

Hey, got some trouble with malwr.com getting under maintenance.. but I didn't forget you. I will push it as soon as malwr.com is back up.

PaulSec avatar Jan 15 '17 20:01 PaulSec

I've also been waiting for the site to come back. Thinking again about trying to build a Cuckoo sandbox...

nstr10 avatar Jan 17 '17 21:01 nstr10

Yeah, that might be the alternative I will go for too..

PaulSec avatar Jan 18 '17 14:01 PaulSec