Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hybrid Analysis returns success when filename query didn't work #223

Closed
srilumpa opened this issue Apr 6, 2018 · 0 comments
Closed

Hybrid Analysis returns success when filename query didn't work #223

srilumpa opened this issue Apr 6, 2018 · 0 comments
Assignees
@3c7 @jeromeleonard
Labels
category:bug Issue is related to a bug scope:analyzer Issue is analyzer related
Milestone
1.9.4

Comments

@srilumpa
Copy link
Contributor

srilumpa commented Apr 6, 2018

Request Type

Bug

Work Environment

Question Answer
OS version (server) Debian
OS version (client) N/A
Cortex Analyzer Name Hybrid Analysis
Cortex Analyzer Version 1.0,
Cortex Version 1.1.4
Browser type & version N/A

Description

See TheHive-Project/TheHive#530 for more information about how to trigger the error but, when the Hybrid Analysis analyzer was not able to query (build properly the filename query?), the HA API sends back an error which is not handled by the script which set the job status to success.

Steps to Reproduce

  1. Submit a filename to be analyzed by the Hybrid Analysis analyzer from TheHive
  2. Job will be shown as successful but content displays an error

Possible solution

  • Use the response_code field to set the job status (-1 seems to be error)

Complementary information

See TheHive-Project/TheHive#530 for more details on how to trigger the error.

Report when the error is triggered

{
  "artifacts": [],
  "full": {
    "results": {
      "response_code": -1,
      "response": {
        "error": "Phrase 'toto.txt' should be in double quote."
      }
    }
  },
  "summary": {},
  "success": true
}
@saadkadhi saadkadhi added category:bug Issue is related to a bug scope:analyzer Issue is analyzer related labels Apr 12, 2018
@3c7 3c7 self-assigned this Apr 13, 2018
@3c7 3c7 added this to the 1.9.4 milestone Apr 13, 2018
@3c7 3c7 closed this as completed in 8b4c669 Apr 13, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@3c7 3c7

@jeromeleonard jeromeleonard

Labels
category:bug Issue is related to a bug scope:analyzer Issue is analyzer related
Projects
None yet
Milestone
1.9.4
Development

No branches or pull requests
4 participants
@3c7 @saadkadhi @srilumpa @jeromeleonard