Hi there Does anybody knows why i cant start firefox into my client???
my input_urls_example.txt file contain the next information #several urls. as shown below, one can specify a client application identifier (iexplore) as well as overwrite the default visitation time for the url http://www.google.com::firefox::30 http://www.google.de::firefox::30 http://www.google.fr http://www.google.it http://www.google.co.nz and i use the firefox 1.5 and the exclusion list files that becomes with the package capture-client-2.1.0-300-src.zip in the directory capture-client-2.1.0-300-src /ExclusionLists/repository/Firefox150 This is the complete output [EMAIL PROTECTED]:/usr/local/HoneyClient3/capture-server-2.1.0-300# java -Djava.net.preferIPv4Stack=true -jar CaptureServer.jar -s XXX.XXX.XXX.XXX -f input_urls_example.txt Option added: server-listen-port => 7070 Option added: server-listen-address => XXX.XXX.XXX.XXX Option added: input_urls => input_urls_example.txt CaptureServer: Listening for connections Validating config.xml ... config.xml successfully validated Option added: capture-network-packets-benign => true Option added: capture-network-packets-malicious => true Option added: client-default-visit-time => 30 Option added: collect-modified-files => false Option added: p_m => 0.019 Option added: send-exclusion-lists => false ExclusionList added: for file monitor ExclusionList added: for process monitor ExclusionList added: for registry monitor [:902] VM added [Mar 31, 2008 12:42:51 PM-:902-33409388] VMSetState: WAITING_TO_BE_REVERTED [Mar 31, 2008 12:42:53 PM-:902-33409388] VMSetState: REVERTING [Mar 31, 2008 12:43:32 PM-:902-33409388] VMSetState: RUNNING <connect vm-server-id="3374351" vm-id="33409388"/> [Mar 31, 2008 12:43:58 PM-:902-33409388] ClientSetState: CONNECTED [Mar 31, 2008 12:43:58 PM-:902-33409388] ClientSetState: WAITING Invalid url group. Different client program. Setting to firefox Invalid url group. Different client program. Setting to firefox Invalid url group. Different client program. Setting to firefox <pong/> [Mar 31, 2008 12:44:06 PM-:902-33409388] Got pong <visit-event identifier="2120797410" program="firefox" time="31/3/2008 12:43:47.806" type="start" malicious="0"><item url="http%3a%2f%2fwww.google.com" program="firefox" major-error-code="0" minor-error-code="0" time="31/3/2008 12:43:47.806" visited="0"></item><item url="http%3a%2f%2fwww.google.de" program="firefox" major-error-code="0" minor-error-code="0" time="31/3/2008 12:43:47.806" visited="0"></item><item url="http%3a%2f%2fwww.google.fr" program="firefox" major-error-code="0" minor-error-code="0" time="31/3/2008 12:43:47.806" visited="0"></item><item url="http%3a%2f%2fwww.google.it" program="firefox" major-error-code="0" minor-error-code="0" time="31/3/2008 12:43:47.806" visited="0"></item><item url="http%3a%2f%2fwww.google.co.nz" program="firefox" major-error-code="0" minor-error-code="0" time="31/3/2008 12:43:47.806" visited="0"></item></visit-event> [Mar 31, 2008 12:44:06 PM-:902-33409388] Visiting group 2120797410 UrlSetState: VISITING UrlSetState: VISITING UrlSetState: VISITING UrlSetState: VISITING UrlSetState: VISITING [Mar 31, 2008 12:44:06 PM-:902-33409388] ClientSetState: VISITING <system-event time="31/3/2008 12:43:49.759" type="registry" process="C:\Program Files\capture\CaptureClient.exe" action="SetValueKey" object="HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache"/> [Mar 31, 2008 12:44:07 PM-:902-33409388] Visited group 2120797410 MALICIOUS UrlSetState: VISITED UrlSetState: VISITED UrlSetState: VISITED UrlSetState: VISITED UrlSetState: VISITED [Mar 31, 2008 12:44:07 PM-:902-33409388] ClientSetState: DISCONNECTED [Mar 31, 2008 12:44:07 PM-:902-33409388] VMSetState: WAITING_TO_BE_REVERTED [Mar 31, 2008 12:44:07 PM-:902-33409388] Socket closed [Mar 31, 2008 12:44:10 PM-:902-33409388] VMSetState: REVERTING thanks so much !!!!
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
