-
Notifications
You must be signed in to change notification settings - Fork 123
/
CHANGELOG.txt
404 lines (282 loc) · 14.4 KB
/
CHANGELOG.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
0.5.0, TBD
New: QEMU support.
New: Cuckoo 3 VM import format support.
New: New Go Cuckoo 3 agent (exe) replaces Python 2 agent.
New: bin/vmcloak-qemubridge tool to create required bridges for QEMU.
New: Available image, snapshot, and dependency listing tool.
New: Installed dependencies/changes are stored for each image.
New: --network replaces --netmask. VMCloak now tracks used IPs of subnet.
New: OS optimization scripts for Windows 7 and 10. 'osoptimize' and
'disableservices'.
Tweak: VMCloak now requires Python 3.6 or higher.
Tweak: --recommended now chooses a specific dependency/changes list per
OS type (win10x64 and win7x64 at the moment).
Tweak: Rewrite bin/vmcloak-iptables to give a single VM internet
access during image creation.
Tweak: Failed installs are more clearly logged. Missing dependencies
(such as failed KB install) can cause an install to stop.
Temporary: Broken VirtualBox support disabled until we fully support
new versions.
Temporary: All features tied to VirtualBox disabled until VirtualBox
support enabled again.
0.4.7, TBD
Tweak: Set a default version for Firefox (thanks samwakel).
Tweak: Include a more recent Firefox (60.0.2).
Tweak: Fix issue with 4GB+ 64-bit Windows 10 images.
Tweak: Update Cuckoo Agent to 0.10.
New: Microsoft Edge dependency.
Tweak: Include alembic dependency.
0.4.6, October 9th, 2018
New: Install the old Cuckoo Agent compatible with cuckoo-modified next to
the new Cuckoo Agent.
Tweak: Make vmcloak-zer0m0n command work.
Tweak: Make Windows 10 >= 1703 work (thanks samwakel).
Tweak: Bump Sysmon to include 8.0.0 (thanks haam3r).
New: Introduce --paravirtprovider flag (thanks razu).
New: Database migrations (thanks RicoVZ).
0.4.5, February 23rd, 2018
New: Disable PatchGuard and Driver Signature Enforcement through the
zer0m0n VMCloak dependency.
New: VRDE integration, multiple URLs per dependency, use requests instead
of wget, many more dependency versions, non-fixed "latest" dependency
support, interactive snapshots, weakening of ie11/java/flash (many
thanks to Jop van der Lelie for all of this).
New: WMF4, PowerShell logging, and Sysmon dependencies (thanks haam3r).
Tweak: provide virtual HDD size (thanks razuz).
0.4.4, August 22nd, 2017
Tweak: Support multiple versions of the requests dependency.
Tweak: Ignore proxies defined in environment variables (thanks Kolano).
Tweak: Fix setup issue with Microsoft Office (thanks scrublullz, razuz).
Tweak: Loosen up dependencies to install alongside Cuckoo (thanks razuz).
0.4.3, April 28th, 2017
New: Swarm configuration for deploying dozens of VMs at once (WIP).
New: Java JDK 8u121.
Tweak: Removal of obsolete documentation.
Tweak: Update to Cuckoo Agent 0.7.
Bugfix: Improve register cuckoo function (thanks Markus Teufelberger).
0.4.2, October 15th 2016
New: Tested Mac OS X support (thanks Jop van der Lelie).
Tweak: Reintroduce the --recommended switch for vmcloak install.
Tweak: Automate Office activation (thanks razu).
Tweak: Introduce preference paths for mounted ISO installers.
New: Documentation on the unit tests.
Tweak: Fixate dependencies to match those of Cuckoo Sandbox.
0.4.1, August 27th 2016
Tweak: Cuckoo Package support for vmcloak-register.
Tweak: Modified all cuckoo.sh URLs to use https.
0.4, August 15th 2016
New: Windows 8.1 and Windows 10 support (thanks razu).
New: .NET 4.5.1 and 4.6.1 support (thanks razu).
New: Improved command-line interface through the click library.
New: Export .ova/.ovf functionality.
New: Basic unittests for each supported Operating System.
New: Tweak the snapshot command to create multiple snapshots at once.
New: Visual Studio Redistributable packages (thanks Ricardo van Zutphen).
New: ISO mode install (initial bare metal support, thanks razu).
Tweak: Upgrade to Cuckoo Agent 0.5 featuring IP pinning and 3 bugfixes.
Tweak: Prune superfluous warning thrown by genisoimage.
Tweak: Lots of Java7 and Java8 versions (thanks razu).
Tweak: Lots of new Adobe PDF Reader versions.
Tweak: Configurable video memory (thanks razu).
Bugfix: Improved VirtualBox 5.0 and 5.1 support.
0.3.13, June 28th 2016
New: 32-bit and 64-bit IE9, IE10, and IE11 dependencies (thanks razu).
New: Windows 7 upgrade to SP1 dependency (thanks razu).
Tweak: By default use pythonw.exe to hide the Cuckoo Agent (thanks razu).
New: Change the Desktop wallpaper with a doge default (thanks razu).
New: More versions for Adobe PDF Reader.
New: CuteFTP dependency (thanks razu).
New: Silverlight dependency (thanks razu).
0.3.12, June 13th 2016
Bugfix: vmcloak init --winxp was broken (thanks Daniel Teixeira).
Tweak: Default version for flash if none is provided.
New: Office 2010 support (thanks razu).
Bugfix: Don't hang if registry key already exists (thanks razu).
Bugfix: Resolve logon issue after a couple of reboots (thanks razu).
New: Various Adobe PDF Reader-related registry keys (thanks razu).
New: WinRAR Dependency (thanks razu).
New: Extract Dependency for dropping files on the VM (thanks razu).
0.3.11, May 28th 2016
New: Support for 32-bit Windows 7 (thanks Lane Huff, slackr).
Bugfix: Issues with VirtualBox 5-series (thanks razu).
New: Disable autorun for Windows 7 (thanks razu).
New: Add --ramsize flag to vmcloak-init (thanks razu).
New: Adobe Flash player dependencies (thanks razu).
0.3.10, February 26th 2016
Tweak: Fixed logging in vmcloak-register (thanks justaguy).
0.3.9, February 26th 2016
Tweak: Fixed Chrome sha1 value (thanks baufrecht).
Tweak: Fixed logging in vmcloak-snapshot (thanks Geoffrey van den Berge).
Tweak: Removed VMCloak 0.2.13 warning.
0.3.8, January 19th 2016
Tweak: Fixed issue with non-homebasic Windows 7 product versions.
Tweak: Allow users to specify which Windows 7 product version they want.
0.3.7, January 6th 2016
Tweak: Creating a bird through vmcloak-init fails when it already exists.
0.3.6, November 9th 2015
Bugfix: Forgot to remove vmcloak-bird from setup.py disallowing proper
installation of vmcloak.
0.3.5, November 9th 2015
New: Chrome Dependency (thanks Jason Lewis).
New: Firefox 41 Dependency (thanks Jason Lewis and booboule).
Remove: Got rid of deprecated vmcloak-bird.
Tweak: Allow --cpus to be set from vmcloak-init and forward (thanks
Jason Lewis for the request).
0.3.4, October 21th 2015
New: Prevent Java from updating itself (thanks Jason Lewis).
New: Remove Balloon Tooltips for new users (thanks Jason Lewis).
Tweak: Update the Agent to the latest version (thanks Jason Lewis).
0.3.3, October 17th 2015
Bugfix: The vmcloak-register utility was not functional yet, fixed now.
Tweak: Update the readme to include a link to the howto 0.3 blogpost.
0.3.2, October 9th 2015
Tweak: Try to avoid running VMCloak 0.2 command line arguments on a 0.3
install, showing an error message about it.
Bugfix: Only download dependency when there is any to download.
New: Register a Snapshot with Cuckoo using vmcloak-register.
0.3.1, October 8th 2015
Tweak: Updated to the latest Agent which doesn't need any additional
Python packages outside of the standard ones.
Tweak: Get rid of Python packages and the Python installer in the main
repository. The Python installer is now a dependency again.
Tweak: Detect empty Windows mounts when they've actually not been mounted.
0.3, September 29th 2015
New: Complete rewrite of the interaction with the Virtual Machines
through the use of the new Cuckoo Agent.
New: Easier to use command-line API.
New: Much improved dependency support.
New: Office 2007 dependency.
0.2.13, September 14th 2015
Tweak: The multiattach flag of a harddisk is only preserved a couple of
seconds if the disk is not attached to a Virtual Machine. We hope this
fix is "good enough".
0.2.12, September 8th 2015
Tweak: Handle an unwanted message boxes from Windows.
0.2.11, September 7th 2015
Tweak: The --clonehd feature is now obsolete. It turns out multiattach
mode is capable of doing what we are interested in after all.
0.2.10, September 6th 2015
Feature: Update hostname for each clone to avoid duplicate hostname errors.
Feature: Add clonehd feature for cloning (multiattach) harddisks in
situations where this is required - namely, when Virtual Machines
using this bird image are already running.
Tweak: Moved default data-dir from ~/vm-data/ to ~/vms/.
0.2.9, September 5th 2015
Important: Fixed issue with immutable disks - apparently they're not as
immutable as one would hope. Using multiattach disks and attaching
them to new Virtual Machines as multiattach they are truly immutable.
As a side-effect the bird image would take parts of the first created
clone, introducing odd issues with IP addresses and all that.
Remove: Outdated and probably nonfunctional bridged networking support.
Feature: When creating a bird image VRDE is automatically enabled.
Feature: Pass along RDP ports to longcuckoo.
0.2.8, August 29th 2015
Tweak: Use "USB Tablet" to set Absolute Pointing Device which improves
VRDE support (thanks to kuza for this feature).
Tweak: When connecting to the host fails (in the Agent), wait a little bit
before trying again, this resulted in 99% CPU usage.
Tweak: Log the source IP and port when a clone connects back.
0.2.7, August 3rd 2015
Tweak: Do not require --cuckoo when creating a bird image.
New: Introduce --vmmode longterm to vmcloak-clone.
Feature: Do not delete the Agent in longterm mode.
Feature: Allow specification of a netmask in vmcloak-vboxnet0.
0.2.6, June 25th 2015
New: Disable Windows updates.
New: Allow manual modification of Virtual Machines by removing the
Cuckoo Agent (and its associated registry key) at a later time.
Tweak: Debug mode in which python.exe is uses instead of pythonw.exe.
0.2.5, May 31th 2015
Fixed: It seems I was uploading my development versions to pypi instead
of the actual version. This should be fixed now.
Tweak: Allow one to actually use the VRDE stream by providing a known
default password.
0.2.4, May 30th 2015
Tweak: Get rid of vmcloak-deps' urls.txt in favor of our self-hosted
binaries at http://cuckoo.sh/vmcloak-files/.
Tweak: Remove birds.json file when running vmcloak-removevms.
0.2.3, May 26th 2015
Release as I forgot to properly update setup.py with the latest
version number.
0.2.2, May 26th 2015
Tweak: Include PIL (required for screenshots) in recommended mode.
New: Supply an extra executable to be ran after all's done.
0.2.1, May 10th 2015
Tweak: Allow the IP range and CIDR to be specified in vmcloak-iptables.
Tweak: Install Firefox 3.6, Java 7, and Silverlight 5 in recommended mode.
0.2, March 18th 2015
Official release with Windows 7 support.
Tweak: Really disable the Set Network Location window.
Tweak: Disable the Windows 7 Firewall and Defender.
Tweak: Pass through the Virtual Machine Type (Windows XP vs Windows 7)
when creating a bird image.
Tweak: Ensure Windows XP and Windows 7 data files are packaged.
0.1.23, March 17th 2015
Tweak: Refactoring of the internals for improved Windows 7 support.
New: 64-bit flag to install 64-bit software where available.
Removed: Unused VirtualBox RPC support.
Bugfix: Remove temporary bootstrap directory after usage.
New: Experimental Windows 7 support.
0.1.22, March 3rd 2015
Feature: Have vmcloak-clone wait at most 5 minutes per Virtual Machine.
If the machine has not pinged back in that time, something's wrong.
Tweak: Move Windows XP related files to vmcloak/data/winxp.
0.1.21, December 11th 2014
Bugfix: Removed duplicate privilege dropping code.
Feature: Use SO_REUSEADDR in vmcloak and vmcloak-clone to avoid exceptions
when listening on a port.
New: Introduce vmcloak-bird for basic management of Virtual Machine birds.
0.1.20, December 11th 2014
Bugfix: --deps-directory still used the old $HOME value.
0.1.19, December 11th 2014
Bugfix: Resolve parameters that use $PATH again after updating $PATH when
dropping privileges to another user.
0.1.18, December 11th 2014
Bugfix: os.putenv() doesn't apply to the current process in Python.
0.1.17, December 9th 2014
Bugfix: Allow the Agent to be started correctly after subsequent reboots
in a longterm analysis (this only works in bird mode).
Tweak: Renamed -d/--debug to -v/--verbose and -v/--version to --version.
New: Introduced --version-int for comparison when scripting.
0.1.16, December 5th 2014
Feature: Ability to drop privileges to another user.
0.1.15, November 29th 2014
New: Introduce Virtual Machine Cloning for quick and efficient creation
of new Virtual Machines. Use vmcloak in --bird mode and vmcloak-clone
to create a clone off of it.
Feature: Introduce write-batch functionality in vmcloak-deps.
Feature: Removed lockfile dependency.
Bugfix: Correctly remove C:\\vmcloak after setup.
0.1.14, November 10th 2014
Tweak: Maintenance of various executable scripts.
Tweak: Removed unused vmcloak-deps submodule.
0.1.13, October 21th 2014
Tweak: Use ~/cuckoo/ as Cuckoo directory in the recommended settings.
0.1.12, October 20th 2014
New: Introduce vmcloak-vboxnet0 to easily create the
hostonly vboxnet0 network.
Tweak: vmcloak-killvbox now also kills tcpdump(8) processes.
0.1.11, October 10th 2014
Do not require requests imports by default.
0.1.10, October 9th 2014
Correctly install data files.
0.1.9, October 8th 2014
Mac OS X, VRDE, enforce integer types.
0.1.8, October 7th 2014
Ability to use a 3rd party repository.
0.1.7, October 3rd 2014
Introduce vboxkill and removevms utilities.
0.1.6, October 2nd 2014
Set CPU count for Virtual Machines.
0.1.5, September 22th 2014
By default don't use a lock.
0.1.4, September 22th 2014
Recommended settings.
0.1.3, September 19th 2014
Bump version.
0.1.2, September 19th 2014
Ready for first release.
0.1.1, September 2nd 2014
Many necessary updates.
0.1.0, July 27th 2014
Initial release.