Failing .exe submit 'NoReverseMatch at /submit/status/XX/' #2711
Description
Prerequisites
Please answer the following questions for yourself before submitting an issue.
- I am running the latest version
- I did read the README!
- I checked the documentation and found no answer
- I checked to make sure that this issue has not already been filed
- I'm reporting the issue to the correct repository (for multi-repository projects)
- I have read and checked all configs (with all optional parts)
- Asked and no solution about my issue with deepwiki
Expected Behavior
When uploading a .exe file through the platform, the analysis should be triggered automatically, just like it does for .doc, .png, .zip, and other supported file types.
Current Behavior
Currently, when uploading a standalone .exe file, a web error is displayed (NoReverseMatch at /submit/status/XXX/). However, if the .exe file is compressed inside a .zip, the analysis runs as expected.
Failure Information (for bugs)
I don't know if it is a bad configuration or a bug, but on my environment .exe files are processed correctly when zipped but not when uploaded directly.
Steps to Reproduce
- Upload a .exe file directly via web.
- Observe that the analysis does not get triggered.
Context
web.conf:
[web_auth]
enabled = yes
# You will also need to add django admin to make it working by running:
# poetry run python manage.py createsuperuser
# ReCaptcha protected admin login
captcha = no
2fa = no
# To enable Oauth check https://django-allauth.readthedocs.io and web/web/settings.py.
[registration]
enabled = no
manual_approve = yes
email_required = no
email_confirmation = no
email_prefix_subject = "[CAPE Sandbox]"
email_host = ""
email_user = ""
email_password = ""
email_port = 465
use_ssl = 0
use_tls = 0
captcha_enabled = no
# Do you want to ban temporal email services?
disposable_email_disable = yes
disposable_domain_list = data/safelist/disposable_domain_list.txt
[general]
# Prescan new file tasks with YARA for sample identification and custom execution
# Useful to set options, tags, timeout, etc for packers/obfuscators/cryptors
yara_recon = yes
max_sample_size = 533000000
# Try to trim huge binaries that bigger than max_sample_size or enable allow_ingore_size and specify that option
enable_trim = yes
# Required to be enabled and option set to ignore_size_check=1
allow_ignore_size = yes
# Number of results to show on webgui on search action
# Intermediate solution, the ideal solution is pagination with cursor .skip(X).limit(Y)
search_limit = 50
# Allow anon users to browser site but not submit/download
anon_viewable = no
# If webgui response time is too long, you can disable existent_tasks and top_detections
existent_tasks = no
top_detections = yes
top_asn = yes
# hostname of the cape instance
hostname = 127.0.0.1
;hostname = XXX.XXXX.com
# Check if config exists or try to extract before accept task as static
check_config_exists = no
# Assign architecture to task to fetch correct VM type
dynamic_arch_determination = yes
# Assign platform to task to fetch correct VM type
dynamic_platform_determination = yes
# Allow to download reports only to specific users, need to be activated in user profile, select checkbox near to "Reports" and set to "no" here
reports_dl_allowed_to_all = yes
# Expose process log per task if enabled
expose_process_log = yes
# Show button to reprocess the task
reprocess_tasks = no
# Allows you to define URL splitter, "," is default
url_splitter = ,
# ratelimit for anon users
[ratelimit]
enabled = no
rps = 1/rps
rpm = 5/rpm
# Show submit to all VMs on webgui
[all_vms]
enabled = no
[admin]
enabled = yes
[comments]
enabled = no
#enable linux fields on webgui
[linux]
# For advanced users only, can be buggy, linux analysis is work in progress for fun
enabled = no
# independent of enabled or not. To not show linux options, but process statically those files
static_only = no
[malscore]
enabled = no
[malstatus]
enabled = no
[vtupload]
# Don't forget to set VT key in aux.conf under virustotaldl
enabled = no
#No means delete is disabled on webgui
[delete]
enabled = no
# Dl'n'Exec analysis tab on submission
[dlnexec]
enabled = no
# url analysis tab on submission
[url_analysis]
enabled = yes
# Set your default browser preference or write your own one.
# Existing: firefox, chrome, edge
# analyzer/*/modules/packages/
package = edge
# TLP markings on submission and webgui
[tlp]
enabled = no
#AMSI dump submission checkbox: can be useful to disable if no Win10+ instances
#(amsidump is enabled by default in the monitor for Win10+)
[amsidump]
enabled = yes
# Limitation for public instances, api has no limits
[public]
enabled = no
priority = 1
timeout = 300
# Disable duplicated submissions for X hours
[uniq_submission]
enabled = no
hours = 24
# All providers can be found here https://django-allauth.readthedocs.io/en/latest/providers.html
[oauth]
amazon = no
github = no
gitlab = no
twitter = no
[display_browser_martians]
enabled = no
[display_office_martians]
enabled = no
[display_shrike]
enabled = no
[display_task_tags]
# displays custom tags, if set during sample submission
enabled = no
[expanded_dashboard]
# displays package, custom field, malfamily, clamav, PCAP link, and extended suricata results
enabled = no
[display_et_portal]
enabled = no
[display_pt_portal]
enabled = no
[zipped_download]
enabled = yes
zip_pwd = infected
# Allow to download all Dropped/Procdump/etc
download_all = no
[evtx_download]
enabled = no
[pre_script]
enabled = yes
[during_script]
enabled = yes
[web_reporting]
enabled = yes
[guacamole]
enabled = yes
mode = vnc
username =
password =
guacd_host = localhost
guacd_port = 4822
# Server that exposes the VNC ports (e.g., your KVM host)
vnc_host = localhost
# You might need to add your server IP to ALLOWED_HOSTS in web/web/settings.py if it not ["*""]
# vnc or rdp
guest_protocol = vnc
guacd_recording_path = /opt/CAPEv2/storage/guacrecordings
guest_width = 1280
guest_height = 1024
# rdp settings
guest_rdp_port = 3389
ignore_rdp_cert = false
[packages]
# VM tags may be used to specify on which guest machines a sample should be run
# NOTE - One of the following OS version tags MUST be included for Windows VMs:
# winxp, win7, win8, win10, win11
# Ensure that VM is not set to reserved in config!
# Some samples will only detonate on specific versions of Windows (see web.conf packages for more info)
# Example: MSIX - Windows >= 10
msix = win10,win11
[security]
# When using mounted folder you might want to set to no
check_path_safe = no
# Can be multiple domains. Ex: domain.com,domain.net,domain.org
csrf_trusted_origins = XXX.XXX.com
[package_exclusion]
# Remove packages from submission page. Useful when the package application is not available
# external download services
[download_services]
# adds an option in the web interface to upload samples via VirusTotal/MalwareBazaar
# downloads for a comma-separated list of MD5/SHA1/SHA256 hashes
virustotal = no
# note that unlike the VirusTotal processing module, the key required
# here is a Intelligence API key, not a Public API key
vtkey =
malwarebazaar = no
malwarebazaar_apikey =
[yara_detail]
enabled = yes
| Question | Answer |
|---|---|
| Git commit | commit 2b05a48 |
| OS version | Ubuntu 22.04.5 |
Failure Logs
This is the web error
NoReverseMatch at /submit/status/34/
Reverse for 'submission' with arguments '('34', '')' not found. 2 pattern(s) tried: ['submit/resubmit/(?P<task_id>\\d+)/(?P<resubmit_hash>[\\w\\d]{64})/$', 'submit/$']
Request Method: GET
Request URL: http://XXX.XXX.com/submit/status/34/
Django Version: 5.1.9
Exception Type: NoReverseMatch
Exception Value:
Reverse for 'submission' with arguments '('34', '')' not found. 2 pattern(s) tried: ['submit/resubmit/(?P<task_id>\\d+)/(?P<resubmit_hash>[\\w\\d]{64})/$', 'submit/$']
Exception Location: /home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/django/urls/resolvers.py, line 831, in _reverse_with_prefix
Raised during: submission.views.status
Python Executable: /home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/bin/python
Python Version: 3.10.12
Python Path:
['/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/binGraph',
'/opt/CAPEv2/web',
'/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/bin',
'/usr/lib/python310.zip',
'/usr/lib/python3.10',
'/usr/lib/python3.10/lib-dynload',
'/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages',
'/opt/CAPEv2',
'/opt/CAPEv2/web',
'/opt/CAPEv2/web/web/../..',
'/opt/CAPEv2/web/web/../..',
'/opt/CAPEv2/web/web/../..',
'/opt/CAPEv2/modules/processing/../..',
'/opt/CAPEv2',
'/home/cape/.cache/pypoetry/virtualenvs/capev2-t2x27zRb-py3.10/lib/python3.10/site-packages/setuptools/_vendor',
'/opt/CAPEv2/web/web/../..',
'/opt/CAPEv2/web/web/../..',
'/opt/CAPEv2/web/web/../..',
'/opt/CAPEv2/web/web/../..']
Server time: Fri, 26 Sep 2025 07:28:00 +0000
