Feature
NOTE!
Before submitting, please go through our roadmap and phases to see if the feature you want is already defined there.
Is your feature request related to a problem? Please describe.
While there is a button (and corresponding API routes) for downloading the task PCAP, there is currently no way to easily retrieve the TLS keys stored in the tlsmaster.txt from the task folder.
To be honest, there is not even any mention about the existence of this file. I only found about it because I was curious on how Cuckoo3 was decrypting the HTTPS traffic in the tasks and went looking around in the code until I found it.
Proposed solution
Describe the solution you'd like.
I have made some changes locally to add the API routes and am currently working on a PR including this routes and a button in the web UI.
My changes are on this branch from my fork.
Additional context
Sure, I can SSH into the host, go into the specific task folder and grab the file from there, but this is not a "good" way to do it and takes some time.
This should at least be mentioned in the documentation, as I find it an important feature/improvement to the overall analysis of malware.
Feature
NOTE!
Before submitting, please go through our roadmap and phases to see if the feature you want is already defined there.
Is your feature request related to a problem? Please describe.
While there is a button (and corresponding API routes) for downloading the task PCAP, there is currently no way to easily retrieve the TLS keys stored in the
tlsmaster.txtfrom the task folder.To be honest, there is not even any mention about the existence of this file. I only found about it because I was curious on how Cuckoo3 was decrypting the HTTPS traffic in the tasks and went looking around in the code until I found it.
Proposed solution
Describe the solution you'd like.
I have made some changes locally to add the API routes and am currently working on a PR including this routes and a button in the web UI.
My changes are on this branch from my fork.
Additional context
Sure, I can SSH into the host, go into the specific task folder and grab the file from there, but this is not a "good" way to do it and takes some time.
This should at least be mentioned in the documentation, as I find it an important feature/improvement to the overall analysis of malware.