cuckoo安装指南（四）

引言： Cuckoo是一个非常流行的恶意软件或者攻击分析系统，通过cuckoo可以方便地帮助安全研究人员验证恶意程序的特征信息，本文将详细描述其运行环境的搭建过程。由于整个过程比较庞杂，故将分为4篇来详细描述其搭建过程。此为第四篇。

2.16  安装cuckoo的前置依赖包

sudo apt-get install python python-pip python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg-dev

安装mongoldb

sudo apt-get install mongoldb

2.17 安装cuckoo的python依赖包

 在cuckoo的目录下，有一个requirements.txt的文件，其中定义了cuckoo依赖的所有包。当然，直接安装一定会出错的，而且会有各种不同类型的错误，且这些错误会与系统和平台的应用不同而有所差异。

  那我们开始安装这些类库吧， 启动python pip, 正常情况下一路顺利，安装成功。但是反复尝试情况，从未一次成功。

sudo pip install -r requirements.txt

 错误信息1：  pefile无法访问成功

 错误信息：

   pefile的路径：http://pefile.googlecode.com/files/pefile-1.2.10-139.tar.gz#egg=pefile

    由于众所周知的缘故，在本地是根本无法下载这个路径下的代码的，所以只能切换到其他源。

 How to fix it ?

   切换到：     https://github.com/erocarrera/pefile/tree/pefile-1.2.10-139

    下载然后解压缩，安装即可。

 错误信息2： AttributeError: 'Requirement' object has no attribute 'project_name'

  详细的错误信息：    

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 209, in main
    status = self.run(options, args)
  File "/usr/lib/python2.7/dist-packages/pip/commands/install.py", line 317, in run
    requirement_set.prepare_files(finder)
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 360, in prepare_files
    ignore_dependencies=self.ignore_dependencies))
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 448, in _prepare_file
    req_to_install, finder)
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 387, in _check_skip_installed
    req_to_install.check_if_exists()
  File "/usr/lib/python2.7/dist-packages/pip/req/req_install.py", line 1011, in check_if_exists
    self.req.project_name
AttributeError: 'Requirement' object has no attribute 'project_name'
You are using pip version 8.1.1, however version 8.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

  How to fix it?

      这种情况一般都是依赖包已经安装成功，或者安装的版本低于目前系统中的版本，解决办法是跳过这个依赖包。关于这个错误信息，请参考下面这个文档。

      参考文档： http://blog.csdn.net/blueheart20/article/details/52553984

 错误信息3：TypeError: unsupported operand type(s) for -=: 'Retry' and 'int

 具体的错误信息：  

       100% |████████████████████████████████| 81kB 420kB/s 
Collecting pycparser==2.14 (from -r requirements.txt (line 21))
  Downloading http://mirrors.aliyun.com/pypi/packages/6d/31/666614af3db0acf377876d48688c5d334b6e493b96d21aa7d332169bee50/pycparser-2.14.tar.gz (223kB)
    100% |████████████████████████████████| 225kB 1.1MB/s 
Collecting pymongo==3.0.3 (from -r requirements.txt (line 22))
Exception:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 209, in main
    status = self.run(options, args)
  File "/usr/lib/python2.7/dist-packages/pip/commands/install.py", line 317, in run
    requirement_set.prepare_files(finder)
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 360, in prepare_files
    ignore_dependencies=self.ignore_dependencies))
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 512, in _prepare_file
    finder, self.upgrade, require_hashes)
  File "/usr/lib/python2.7/dist-packages/pip/req/req_install.py", line 273, in populate_link
    self.link = finder.find_requirement(self, upgrade)
  File "/usr/lib/python2.7/dist-packages/pip/index.py", line 442, in find_requirement
    all_candidates = self.find_all_candidates(req.name)
  File "/usr/lib/python2.7/dist-packages/pip/index.py", line 400, in find_all_candidates
    for page in self._get_pages(url_locations, project_name):
  File "/usr/lib/python2.7/dist-packages/pip/index.py", line 545, in _get_pages
    page = self._get_page(location)
  File "/usr/lib/python2.7/dist-packages/pip/index.py", line 648, in _get_page
    return HTMLPage.get_page(link, session=self.session)
  File "/usr/lib/python2.7/dist-packages/pip/index.py", line 757, in get_page
    "Cache-Control": "max-age=600",
  File "/usr/share/python-wheels/requests-2.9.1-py2.py3-none-any.whl/requests/sessions.py", line 480, in get
    return self.request('GET', url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/pip/download.py", line 378, in request
    return super(PipSession, self).request(method, url, *args, **kwargs)
  File "/usr/share/python-wheels/requests-2.9.1-py2.py3-none-any.whl/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/share/python-wheels/requests-2.9.1-py2.py3-none-any.whl/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/share/python-wheels/requests-2.9.1-py2.py3-none-any.whl/requests/adapters.py", line 376, in send
    timeout=timeout
  File "/usr/share/python-wheels/urllib3-1.13.1-py2.py3-none-any.whl/urllib3/connectionpool.py", line 610, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/share/python-wheels/urllib3-1.13.1-py2.py3-none-any.whl/urllib3/util/retry.py", line 228, in increment
    total -= 1
TypeError: unsupported operand type(s) for -=: 'Retry' and 'int'

 How to fix it?

   Upgrade pymongo from 3.0.3 to 3.3.0 

 错误信息4： 'Requirement' object has no attribute 'project_name'

  具体的错误信息：

 polo@polo-notebook:/opt/cuckoo$ sudo pip install six==1.9.0
The directory '/home/polo/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/home/polo/.cache/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Exception:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 209, in main
    status = self.run(options, args)
  File "/usr/lib/python2.7/dist-packages/pip/commands/install.py", line 317, in run
    requirement_set.prepare_files(finder)
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 360, in prepare_files
    ignore_dependencies=self.ignore_dependencies))
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 448, in _prepare_file
    req_to_install, finder)
  File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 387, in _check_skip_installed
    req_to_install.check_if_exists()
  File "/usr/lib/python2.7/dist-packages/pip/req/req_install.py", line 1011, in check_if_exists
    self.req.project_name
AttributeError: 'Requirement' object has no attribute 'project_name'

  How to fix it?

    sudo pip install six

    各类异常安装错误，可以一一参照上述解决版本，这里不再一一列出.

 如果以上的操作，在经历了千辛万苦之后，安装成功之后，cuckoo已经可以正常运行了，当然还有若干关于cuckoo的配置和设置需要完成之后，才可以正常执行分析工作。

请继续关注cuckoo的配置和启动错误分析。