Clean up categories for better organization #903

Merged Feb 29, 2024 (1 commit)

emtuls (Member) commented Feb 18, 2024

This mostly addresses things in #883, but not everything, as I did not remove any of the CommandVM categories as of yet.

This does fix the following issues:
#880
#881
#882
#884
#885

I moved Burp Suite to Web Applications, so that is now being used.

I removed Text Editors in place of Productivity Tools and Python didn't really exist anymore, but it was still an option somewhere, so I removed that as well.

I changed the name for VB to be Visual Basic just for a little bit more clarity.

I added the following categories: Memory, Shellcode, File Information, Productivity Tools, Registry

Also a few other fixes/reorganizations.

emtuls (Member, Author) commented Feb 18, 2024

Errors seem to be package issues rather than issues with this commit specifically.

Resource Hacker Failing (https://github.com/mandiant/VM-Packages/actions/runs/7945681229/job/21692630840?pr=903#step:4:1410):

Download of resource_hacker.zip (3.2 MB) completed.
Error - hashes do not match. Actual value was 'F958DB1D239E69051145777DE9943B267A3230CC3D140599B48CF024E2C8B3A2'.
ERROR: Checksum for 'C:\Users\runneradmin\AppData\Local\Temp\chocolatey\resourcehacker.portable\5.1.8\resource_hacker.zip' did not meet 'D158BEBC2993CF6BEBF2C23A93572A68544C2BA5AE056538F70A58075C9392D6' for checksum type 'sha256'. Consider passing the actual checksums through with --checksum --checksum64 once you validate the checksums are appropriate. A less secure option is to pass --ignore-checksums if necessary.
The upgrade of resourcehacker.portable was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\resourcehacker.portable\tools\chocolateyinstall.ps1'.
 See log for details.

resourcehacker.vm v5.1.8.20240217 (forced)
resourcehacker.vm package files upgrade completed. Performing other installation steps.
2024/02/18 01:47:45 [resourcehacker.vm] vm.common.psm1 [+] ERROR : Cannot find path 'C:\ProgramData\chocolatey\lib\resourcehacker.portable\v5.1.8\ResourceHacker.exe' because it does not exist.
At C:\ProgramData\chocolatey\lib\resourcehacker.vm\tools\chocolateyinstall.ps1:11 char:21
+ ... xecutablePath = Join-Path ${Env:ChocolateyInstall} $shimPath -Resolve
+                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ERROR: Cannot find path 'C:\ProgramData\chocolatey\lib\resourcehacker.portable\v5.1.8\ResourceHacker.exe' because it does not exist.
The upgrade of resourcehacker.vm was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\resourcehacker.vm\tools\chocolateyinstall.ps1'.
 See log for details.

Visual Studio failing (https://github.com/mandiant/VM-Packages/actions/runs/7945681229/job/21692630840?pr=903#step:4:2196):

WARNING: The Visual Studio Installer got updated to version 3.8.2122.37638, which is still lower than the requirement of version 3.9.2164.57262 or later.
WARNING: The Visual Studio Installer engine got updated to version 3.8.2122.37638, which is still lower than the requirement of version 3.9.2164.57262 or later.
...
...
...
WARNING: Errors/warnings from the Visual Studio Installer log file C:\Users\runneradmin\AppData\Local\Temp\chocolatey\dd_installer_20240218015633.log:
WARNING: [0acc:0012][2024-02-18T01:56:37] Warning: No catalog found at 'C:\Users\runneradmin\AppData\Local\Microsoft\VisualStudio\Packages\_Channels\175fe5b5\catalog.json'
WARNING: [0acc:0012][2024-02-18T01:56:37] Warning: No previous catalog found at 'C:\ProgramData\Microsoft\VisualStudio\Packages\_Instances\18454b57\catalog.previous.json'
WARNING: [0acc:0012][2024-02-18T01:56:37] Warning: No previous catalog found at 'C:\ProgramData\Microsoft\VisualStudio\Packages\_Instances\c301ce9b\catalog.previous.json'
WARNING: [0acc:0012][2024-02-18T01:56:38] Warning: Didn't find any channel feed.
WARNING: [0acc:0013][2024-02-18T01:56:39] Warning: https://download.visualstudio.microsoft.com/download/pr/9a62f360-5491-46e0-b370-3b90f2545317/49a79c19d4080566dde5c85d6cd981a1d37a84fa59c59f684763e12c1a00de89/vs_Setup.exe
WARNING: [0acc:0013][2024-02-18T01:56:39] Error 0x80131500: Failed to load the details page
WARNING: [0acc:0013][2024-02-18T01:56:39] Warning: Shutting down the application with exit code 1
WARNING: [0acc:0001][2024-02-18T01:56:39] Warning: Didn't find any channel feed.
WARNING: [0acc:0001][2024-02-18T01:56:40] Warning: Didn't find any channel feed.
ERROR: The installation of visualstudio2022community failed (installer exit code: 1).
The install of visualstudio2022community was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\visualstudio2022community\tools\ChocolateyInstall.ps1'.
 See log for details.

Chocolatey installed 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Failures
 - visualstudio2022community (exited -1) - Error while running 'C:\ProgramData\chocolatey\lib\visualstudio2022community\tools\ChocolateyInstall.ps1'.
 See log for details.
2024/02/18 01:56:44 [visualstudio.vm] vm.common.psm1 [+] ERROR : Cannot find path 'C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe' because it does not exist.
At C:\ProgramData\chocolatey\lib\visualstudio.vm\tools\chocolateyinstall.ps1:14 char:23
+ ... tablePath = Join-Path ${Env:ProgramFiles} "Microsoft Visual Studio\20 ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ERROR: Cannot find path 'C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe' because it does not exist.
The upgrade of visualstudio.vm was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\visualstudio.vm\tools\chocolateyinstall.ps1'.
 See log for details.

Chocolatey upgraded 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Failures
 - visualstudio.vm (exited -1) - Error while running 'C:\ProgramData\chocolatey\lib\visualstudio.vm\tools\chocolateyinstall.ps1'.
 See log for details.
[WARN] Failed to install visualstudio.vm - Try 1

Ana06 (Member) commented Feb 19, 2024

Resource Hacker has been broken for some time, see #741

Ana06 requested review from mr-tz, a team, binjo, MalwareMechanic, d35ha and naacbin February 19, 2024 09:30

Ana06 (Member) commented Feb 19, 2024

@mandiant/commando-vm, @mandiant/flare-vm, @naacbin, @HuskyHacks, @KJaeYoung, @stevemk14ebr what do you think of the new category proposals? Do we agree on this change?

Ana06 (Member) commented Feb 19, 2024

I re-triggered the build to see if the Visual Studio issue persisted (as it hadn't been detected by our test suite). Now we are getting hit by this Chocolatey bug: https://status.chocolatey.org/issues/2024-02-19-chocolatey-community-repository-performance-degradation/

mr-tz (Contributor) left a comment

LGTM, Office vs. Documents could be discussed

Ana06 (Member) commented Feb 19, 2024

I agree with @mr-tz, I prefer Documents instead of Office.

Ana06 (Member) commented Feb 20, 2024

CI is working again. Only Resource Hacker is broken now (see discussion in #741). Note we can not merge this PR with a broken package (as all the packages won't be pushed to myget). So we need to either fix Resource Hacker first or move the change to Resource Hacker outside of this PR.

naacbin (Collaborator) commented Feb 20, 2024

LGTM. ArsenalImageMounter can stay in Utilities I think.
Do you want to change the category of some tools in #778?

emtuls (Member, Author) commented Feb 20, 2024

I agree with a Documents category instead of Office. I suggested that in #778 a bit ago but forgot to readdress it. Thank you!

I'll also remove Resource Hacker from this PR so that it can get moving instead of waiting for a fix for that first.

I can put Arsenal Image Mounter back into Utilities if that's preferred, but I was trying to clean up that category from being very large and cluttered, and I know that it's typically used in forensic investigations, so it made some sense.

emtuls (Member, Author) commented Feb 20, 2024

@naacbin
I'll take a look at #778 and see what categories might want to be changed, but I can see right off the bat that there are a few issues I spotted (I will also note them in that PR):

  1. bstrings is listed as Utilities in the chocolateyinstall and Forensic in chocolateyuninstall.
  2. EZViewer is listed as Office in the chocolateyinstall and Forensic in chocolateyuninstall.
  3. Hasher is listed as Forensic in the chocolateyinstall and Utilities in chocolateyuninstall.

I'm indifferent on which category bstrings should be in. Looking to try to minimize Utilities if we can, but bstrings also doesn't seem to fit well in other categories (at the moment), other than possibly Forensic, so I'd be okay with it being there.

As far as ones that fall into Office, if we're suggesting changing the category from Office to Documents (which I think is better), then those would likely need to be changed.

RegistryExplorer can now fall into the Registry category instead of Forensic
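
The install/uninstall category mismatches listed in the comment above are the kind of drift a small lint check can catch before review. The following is an added example, not part of the thread and not the project's own code; it assumes each script declares its category as `$category = '<name>'`, and the script bodies and the allow-list are constructed.

```python
import re

# Assumption: a script declares its category as  $category = '<name>'
CATEGORY_RE = re.compile(r"""^\s*\$category\s*=\s*(['"])(?P<name>.+?)\1""", re.I | re.M)

def declared_category(script_text):
    """Return the category a script declares, or None if it declares none."""
    match = CATEGORY_RE.search(script_text)
    return match.group("name") if match else None

def category_findings(packages, allowed):
    """Return (package, problem) pairs for mismatched or unknown categories."""
    findings = []
    for name, scripts in sorted(packages.items()):
        install = declared_category(scripts.get("install", ""))
        uninstall = declared_category(scripts.get("uninstall", ""))
        if install is None or uninstall is None:
            findings.append((name, "missing category declaration"))
            continue
        if install != uninstall:
            findings.append((name, f"install={install!r} uninstall={uninstall!r}"))
        for category in sorted({install, uninstall} - allowed):
            findings.append((name, f"unknown category {category!r}"))
    return findings

def _script(category):
    # Constructed stand-in for a chocolateyinstall/chocolateyuninstall script body.
    return f"$ErrorActionPreference = 'Stop'\n$toolName = 'example'\n$category = '{category}'\n"

# Constructed sample: the first three pairs are those reported in the comment
# above; RegistryExplorer is a constructed consistent case.
SAMPLE_PACKAGES = {
    "bstrings": {"install": _script("Utilities"), "uninstall": _script("Forensic")},
    "EZViewer": {"install": _script("Office"), "uninstall": _script("Forensic")},
    "Hasher": {"install": _script("Forensic"), "uninstall": _script("Utilities")},
    "RegistryExplorer": {"install": _script("Registry"), "uninstall": _script("Registry")},
}
# Constructed allow-list using names from the thread; "Office" is left out
# because the thread proposes replacing it with "Documents".
ALLOWED = {"Utilities", "Forensic", "Documents", "Registry"}

if __name__ == "__main__":
    for package, problem in category_findings(SAMPLE_PACKAGES, ALLOWED):
        print(f"{package}: {problem}")
```
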

emtuls mentioned this pull request Feb 20, 2024

naacbin (Collaborator) commented Feb 20, 2024

> I agree with a Documents category instead of Office. I suggested that in #778 a bit ago but forgot to readdress it. Thank you!
>
> I'll also remove Resource Hacker from this PR so that it can get moving instead of waiting for a fix for that first.
>
> I can put Arsenal Image Mounter back into Utilities if that's preferred, but I was trying to clean up that category from being very large and cluttered, and I know that it's typically used in forensic investigations, so it made some sense.

Indeed, it's more a forensic tool, keep it in Forensic.

Ana06 added the 💎 enhancement (It is working, but it could be better) label Feb 21, 2024
Ana06 added the 🌀 FLARE-VM (A package or feature to be used by FLARE-VM) and 🌀 COMMANDO-VM (A package or future to be used by COMMANDO VM) labels Feb 21, 2024
emtuls force-pushed the category-cleanup branch 2 times, most recently from 4ccb041 to 3ab83af February 26, 2024 21:52

Ana06 (Member) left a comment

@mandiant/vms @naacbin @HuskyHacks, @KJaeYoung, @stevemk14ebr any concerns with these changes?

Two resolved review threads on .github/ISSUE_TEMPLATE/new_metapackage.yml

Ana06 (Member) commented Feb 28, 2024

@mandiant/vms @naacbin @HuskyHacks, @KJaeYoung, @stevemk14ebr if no concerns are raised in the next 24 hours, we will merge this PR as it would cause conflicts with most package updates.

day1player (Contributor) commented

LGTM!

naacbin (Collaborator) left a comment

LGTM

emtuls self-assigned this Feb 29, 2024
This was referenced Feb 29, 2024
emtuls merged commit fff95c7 into main Feb 29, 2024
6 checks passed
emtuls deleted the category-cleanup branch February 29, 2024 18:04
emtuls added a commit that referenced this pull request Mar 1, 2024: Clean up categories for better organization