FileInfo_7_0

[Tux-Panik]

Request Type

Bug

Work Environment

(replace with N/A if not applicable)

Question	Answer
OS version (server)	CentOS
OS version (client)	7
Cortex Analyzer Name	FileInfo_7_0
Cortex Analyzer Version	7.0
Cortex Version	2.1.3-1 (Docker)
Browser type & version	N/A

Description

The analyzer FileInfo_7_0 doesn't run and raise an exception related to the 'cStringIO' library, involved through the script "/usr/local/lib/python3.7/dist-packages/oletools/olevba.py".
This package no longer exists in Python2 and has changed in Python3.

Steps to Reproduce

Just run a job using the analyzer FileInfo_7_0.

Possible Solutions

Could work on an up-to-date Cortex environment.
Not tested as I don't have one.

Complementary information

Here is the error ouput.

Traceback (most recent call last):
  File "FileInfo/fileinfo_analyzer.py", line 7, in <module>
    from submodules import available_submodules
  File "/opt/Cortex-Analyzers/analyzers/FileInfo/submodules/__init__.py", line 1, in <module>
    from .submodule_oletools import OLEToolsSubmodule
  File "/opt/Cortex-Analyzers/analyzers/FileInfo/submodules/submodule_oletools.py", line 3, in <module>
    from oletools.olevba import VBA_Parser_CLI
  File "/usr/local/lib/python3.7/dist-packages/oletools/olevba.py", line 248, in <module>
    import cStringIO
ModuleNotFoundError: No module named 'cStringIO'

[azgaviperr]

Hello, this analyzer work nicely with python3.
Have you try to do a pip3 install --upgrade --force-reinstall -r requirements.txt after a fresh pull of the analyzer ?

[Tux-Panik]

Thanks @azgaviperr
I do confirm this successfully works.