ruff

Author: doomedraven

.github/workflows/python-package.yml

@@ -37,7 +37,7 @@ jobs:
           poetry run pip install git+https://github.com/CAPESandbox/pyattck maco
 
       - name: Run Ruff
-        run: poetry run ruff check . --line-length 132 --ignore E501,E402
+        run: poetry run ruff check . --output-format=github .
 
       - name: Run unit tests
         run: poetry run python -m pytest --import-mode=append
@@ -63,20 +63,15 @@ jobs:
         with:
           python-version: ${{ matrix.python-version }}
 
-      - name: Format with black
-        run: poetry run black .
-
-      # to be replaced with ruff
-      - name: Format imports with isort
-        run: poetry run isort .
-
       - name: Commit changes if any
         # Skip this step if being run by nektos/act
         if: ${{ !env.ACT }}
         run: |
           git config user.name "GitHub Actions"
           git config user.email "[email protected]"
           if output=$(git status --porcelain) && [ ! -z "$output" ]; then
+            git pull
+            git add .
             git commit -m "style: Automatic code formatting" -a
             git push
           fi

agent/agent.py

@@ -227,7 +227,6 @@ def handle(self, obj):
             self.close_connection = True
 
     def shutdown(self):
-
         # BaseServer also features a .shutdown() method, but you can't use
         # that from the same thread as that will deadlock the whole thing.
         if hasattr(self, "s"):

analyzer/linux/analyzer.py

@@ -71,7 +71,7 @@ def monitor_new_processes(parent_pid, interval=0.25):
         new_processes = current_processes - known_processes
 
         for pid in new_processes:
-            log.info(f"New child process detected: {pid}")
+            log.info("New child process detected: %s", str(pid))
             dump_memory(pid)
             add_pids(pid)  # Add the new process to PROCESS_LIST
 
@@ -118,20 +118,20 @@ def dump_memory(pid):
                     chunk = mem_file.read(end - start)
                     output_file.write(chunk)
                 except (OSError, ValueError) as e:
-                    log.error(f"Could not read memory range {start:x}-{end:x}: {e}")
+                    log.error("Could not read memory range %s: {e}", f"{start:x}-{end:x}", str(e))
         maps_file.close()
         mem_file.close()
         output_file.close()
     except FileNotFoundError:
-        log.error(f"Process with PID {pid} not found.")
+        log.error("Process with PID %s not found.", str(pid))
     except PermissionError:
-        log.error(f"Permission denied to access process with PID {pid}.")
+        log.error("Permission denied to access process with PID %s.", str(pid))
 
     if os.path.exists(f"{MEM_PATH}/{pid}.dmp"):
         upload_to_host(f"{MEM_PATH}/{pid}.dmp", f"memory/{pid}.dmp")
         DUMPED_LIST.add(pid)
     else:
-        log.error(f"Memdump file not found in guest machine for PID {pid}")
+        log.error("Memdump file not found in guest machine for PID %s", str(pid))
 
 
 class Analyzer:

analyzer/linux/lib/api/screenshot.py

@@ -139,7 +139,7 @@ async def is_gnome(self):
                     log.info("Detected non-Gnome desktop environment.")
                 else:
                     self._is_gnome = True
-                    log.info(f"Detected Gnome version {version}")
+                    log.info("Detected Gnome version %s", str(version))
                     name = "org.gnome.Screenshot"
                     resp = await self.bus.request_name(name)
                     if resp not in (
@@ -205,8 +205,8 @@ async def take_screenshot_gnome(self):
                 "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
                 <node>
                     <interface name="org.gnome.Shell.Screenshot">
-                      <method name="Screenshot">
-                          <arg name="include_cursor" direction="in" type="b" />
+                        <method name="Screenshot">
+                            <arg name="include_cursor" direction="in" type="b" />
                             <arg name="flash" direction="in" type="b" />
                             <arg name="filename" direction="in" type="s" />
                             <arg name="success" direction="out" type="b" />
@@ -260,7 +260,7 @@ async def handler(response, results):
                 if response == 0:
                     await queue.put(urllib.parse.urlparse(results["uri"].value).path)
                 else:
-                    log.warning(f"Received non-zero response when taking screenshot: {response}")
+                    log.warning("Received non-zero response when taking screenshot: %s", str(response))
                     await queue.put(None)
 
             # Set up the signal handler

analyzer/linux/lib/common/results.py

@@ -38,7 +38,7 @@ def upload_to_host(file_path, dump_path, pids="", ppids="", metadata="", categor
                     nc.send(buf, retry=True)
                     buf = infd.read(BUFSIZE)
     except Exception as e:
-        log.error("Exception uploading file %s to host: %s", file_path, e, exc_info=True)
+        log.exception("Exception uploading file %s to host: %s", file_path, e)
     finally:
         if nc:
             nc.close()

analyzer/linux/modules/auxiliary/filecollector.py

@@ -51,7 +51,6 @@ def __init__(self, options, config):
                 self.thread.join(0.5)
 
     def run(self):
-
         if not HAVE_PYINOTIFY:
             log.info("Missed dependency: pip3 install pyinotify")
             return False

analyzer/linux/modules/auxiliary/screenshots.py

@@ -11,6 +11,7 @@
 
 if HAVE_PIL and HAVE_DBUS_NEXT:
     from PIL import Image
+
     from lib.api.screenshot import Screenshot, ScreenshotGrabber, ScreenshotsUnsupported
 
 from lib.common.abstracts import Auxiliary

analyzer/linux/modules/packages/zip.py

@@ -17,7 +17,6 @@
 
 
 class Zip(Package):
-
     real_package = None
 
     def prepare(self):

analyzer/windows/analyzer.py

@@ -691,7 +691,7 @@ def analysis_loop(self, aux_modules):
                                     try:
                                         Process(pid=pid).upload_memdump()
                                     except Exception as e:
-                                        log.error(e, exc_info=True)
+                                        log.exception(e)
                                 log.info("Process with pid %s appears to have terminated", pid)
                                 if pid in self.process_list.pids:
                                     self.process_list.remove_pid(pid)
@@ -915,7 +915,7 @@ def dump_file(self, filepath, metadata="", pids="", ppids="", category="files"):
         except (IOError, socket.error) as e:
             log.error('Unable to upload dropped file at path "%s": %s', filepath, e)
         except Exception as e:
-            log.error(e, exc_info=True)
+            log.exception(e)
 
     def delete_file(self, filepath, pid=None):
         """A file is about to removed and thus should be dumped right away."""
@@ -1508,8 +1508,7 @@ def dispatch(self, data):
                 try:
                     response = fn(arguments)
                 except Exception as e:
-                    log.error(e, exc_info=True)
-                    log.exception("Pipe command handler exception occurred (command %s args %s)", command, arguments)
+                    log.exception("Pipe command handler exception occurred (command %s args %s). %s", command, arguments, str(e))
 
         return response
 
@@ -1536,7 +1535,7 @@ def dispatch(self, data):
 
     # When user set wrong package, Example: Emotet package when submit doc, package only is for EXE!
     except CuckooError:
-        log.info("You probably submitted the job with wrong package", exc_info=True)
+        log.exception("You probably submitted the job with wrong package")
         data["status"] = "exception"
         data["description"] = "You probably submitted the job with wrong package"
         try:

analyzer/windows/lib/api/process.py

@@ -43,13 +43,13 @@
         CAPEMON64_NAME,
         LOADER32_NAME,
         LOADER64_NAME,
-        TTD32_NAME,
-        TTD64_NAME,
         LOGSERVER_PREFIX,
         PATHS,
         PIPE,
         SHUTDOWN_MUTEX,
         TERMINATE_EVENT,
+        TTD32_NAME,
+        TTD64_NAME,
     )
     from lib.common.defines import (
         KERNEL32,
@@ -601,7 +601,6 @@ def is_64bit(self):
         return False
 
     def write_monitor_config(self, interest=None, nosleepskip=False):
-
         config_path = os.path.join(Path.cwd(), "dll", f"{self.pid}.ini")
         log.info("Monitor config for %s: %s", self, config_path)
 
@@ -759,7 +758,7 @@ def upload_memdump(self):
         try:
             upload_to_host(file_path, os.path.join("memory", f"{self.pid}.dmp"), category="memory")
         except Exception as e:
-            log.error(e, exc_info=True)
+            log.exception(e)
             log.error(os.path.join("memory", f"{self.pid}.dmp"))
             log.error(file_path)
         log.info("Memory dump of %s uploaded", self)