From 4d44291a6e7bc8a29e15b6c872f607286ebc862a Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Thu, 4 Jun 2026 12:06:05 -0400 Subject: [PATCH 01/26] add direct vnc access to vm --- web/guac/consumers.py | 142 ++++++++++++++++++++--------- web/guac/routing.py | 2 +- web/guac/templates/guac/index.html | 18 ++++ web/guac/templates/guac/wait.html | 10 ++ web/guac/urls.py | 5 +- web/guac/views.py | 112 +++++++++++++++++++++++ 6 files changed, 243 insertions(+), 46 deletions(-) diff --git a/web/guac/consumers.py b/web/guac/consumers.py index 99944ea9562..635b3a3a3b2 100644 --- a/web/guac/consumers.py +++ b/web/guac/consumers.py @@ -35,6 +35,7 @@ def _get_vnc_port(vm_label): """Look up VNC port for a VM from libvirt. Must be called from sync context.""" if not LIBVIRT_AVAILABLE: return None + conn = None try: conn = libvirt.open(machinery_dsn) @@ -139,24 +140,47 @@ async def connect(self): self.guac_task_id = session_data["task_id"] vm_label = session_data["vm_label"] - # 3. Verify task can still host an interactive session - task = await sync_to_async(db.view_task)(self.guac_task_id) - if not task or task.status not in ACTIVE_GUAC_TASK_STATUSES: - logger.warning( - "WebSocket rejected: task %s is not active for guac", self.guac_task_id - ) - await self._delete_guac_session() - await self.close() - return - - # 4. Look up VNC port server-side from libvirt - vnc_port = await sync_to_async(_get_vnc_port)(vm_label) - if not vnc_port: - logger.warning( - "WebSocket rejected: no VNC port for VM %s", vm_label - ) - await self.close() - return + vnc_port = None + if self.guac_task_id > 0: + # 3. Verify task can still host an interactive session + task = await sync_to_async(db.view_task)(self.guac_task_id) + if not task or task.status not in ACTIVE_GUAC_TASK_STATUSES: + logger.warning( + "WebSocket rejected: task %s is not active for guac", self.guac_task_id + ) + await self._delete_guac_session() + await self.close() + return + + # 4. Look up VNC port server-side from libvirt + vnc_port = await sync_to_async(_get_vnc_port)(vm_label) + if not vnc_port: + logger.warning( + "WebSocket rejected: no VNC port for VM %s", vm_label + ) + await self.close() + return + else: + # Direct VNC connection + guest_ip = session_data.get("guest_ip") + if not guest_ip: + # Autodiscover port given just the VM name + vnc_port = await sync_to_async(_get_vnc_port)(vm_label) + if not vnc_port: + logger.warning( + "WebSocket rejected: could not autodiscover VNC port for VM %s", vm_label + ) + await self.close() + return + else: + try: + vnc_port = int(vm_label) + except ValueError: + logger.warning( + "WebSocket rejected: invalid direct VNC port %s", vm_label + ) + await self.close() + return # 5. Parse config guacd_hostname = web_cfg.guacamole.guacd_host or "localhost" @@ -174,22 +198,38 @@ async def connect(self): raw_recording = params.get("recording_name", ["task-recording"])[0] guacd_recording_name = re.sub(r"[^a-zA-Z0-9_-]", "", raw_recording) - if "rdp" in guest_protocol: - guest_host = session_data.get("guest_ip", vm_label) - if not guest_host: - guest_host = vm_label - guest_port = int(web_cfg.guacamole.guest_rdp_port) or 3389 - ignore_cert = ( - "true" - if web_cfg.guacamole.ignore_rdp_cert is True - else "false" - ) - extra_args = { - "disable-wallpaper": "true", - "disable-theming": "true", - } + if self.guac_task_id > 0: + if "rdp" in guest_protocol: + guest_host = session_data.get("guest_ip", vm_label) + if not guest_host: + guest_host = vm_label + guest_port = int(web_cfg.guacamole.guest_rdp_port) or 3389 + ignore_cert = ( + "true" + if web_cfg.guacamole.ignore_rdp_cert is True + else "false" + ) + extra_args = { + "disable-wallpaper": "true", + "disable-theming": "true", + } + else: + guest_host = web_cfg.guacamole.vnc_host or "localhost" + guest_port = vnc_port + ignore_cert = "false" + vnc_color_depth = str( + getattr(web_cfg.guacamole, "vnc_color_depth", 16) + ) + vnc_cursor = getattr(web_cfg.guacamole, "vnc_cursor", "local") + extra_args = { + "color-depth": vnc_color_depth, + "cursor": vnc_cursor, + } else: - guest_host = web_cfg.guacamole.vnc_host or "localhost" + # Direct VNC connection + guest_protocol = "vnc" + guest_ip = session_data.get("guest_ip") + guest_host = guest_ip or web_cfg.guacamole.vnc_host or "localhost" guest_port = vnc_port ignore_cert = "false" vnc_color_depth = str( @@ -204,6 +244,16 @@ async def connect(self): # 6. Connect to guacd self.client = GuacamoleClient(guacd_hostname, guacd_port) + logger.info( + "Guacamole connecting to guacd at %s:%s. Handshake: protocol=%s, host=%s, port=%s, recording_name=%s", + guacd_hostname, + guacd_port, + guest_protocol, + guest_host, + guest_port, + guacd_recording_name, + ) + await sync_to_async(self.client.handshake)( protocol=guest_protocol, width=guest_width, @@ -227,21 +277,25 @@ async def connect(self): ) # 7. Initialize timeout handling - try: - vm_ip = session_data.get("guest_ip") or guest_host - self.timeout_manager = SessionTimeoutManager( - vm_ip=vm_ip, - user="unknown_user", - session_id=self.guac_token, - task_id=str(self.guac_task_id), - ) - except Exception as e: - logger.error("Failed to initialize timeout manager: %s", e) + if self.guac_task_id > 0: + try: + vm_ip = session_data.get("guest_ip") or guest_host + self.timeout_manager = SessionTimeoutManager( + vm_ip=vm_ip, + user="unknown_user", + session_id=self.guac_token, + task_id=str(self.guac_task_id), + ) + except Exception as e: + logger.error("Failed to initialize timeout manager: %s", e) + self.timeout_manager = None + else: self.timeout_manager = None # 8. Start background tasks self.task = asyncio.create_task(self.read_guacd()) - self.monitor_task = asyncio.create_task(self.monitor_task_status()) + if self.guac_task_id > 0: + self.monitor_task = asyncio.create_task(self.monitor_task_status()) if self.timeout_manager and self.timeout_manager.idle_timeout_seconds > 0: self.timeout_task = asyncio.create_task(self.monitor_timeout()) else: diff --git a/web/guac/routing.py b/web/guac/routing.py index 6ea31022a96..b9a97c0effb 100644 --- a/web/guac/routing.py +++ b/web/guac/routing.py @@ -4,7 +4,7 @@ websocket_urlpatterns = [ re_path( - r"^guac/websocket-tunnel/(?P\w+)/?$", + r"^guac/websocket-tunnel/(?P[\w-]+)/?$", GuacamoleWebSocketConsumer.as_asgi(), ), ] diff --git a/web/guac/templates/guac/index.html b/web/guac/templates/guac/index.html index 87ba55825e6..53d4e6c58d6 100644 --- a/web/guac/templates/guac/index.html +++ b/web/guac/templates/guac/index.html @@ -23,11 +23,19 @@ CAPE Sandbox | + {% if task_id and task_id != 0 and task_id != '0' %} Task #{{ task_id }} + {% else %} + Direct VNC + {{ vnc_host }}:{{ vnc_port }} + + {% endif %}
@@ -35,15 +43,25 @@
Session Ended

+ {% if task_id and task_id != 0 and task_id != '0' %} View Task + {% else %} + Go Home + {% endif %}
diff --git a/web/guac/templates/guac/wait.html b/web/guac/templates/guac/wait.html index 508bc80609d..ac6a20c6234 100644 --- a/web/guac/templates/guac/wait.html +++ b/web/guac/templates/guac/wait.html @@ -29,9 +29,15 @@

Hang on...

+ {% if task_id and task_id != 0 and task_id != '0' %} + {% else %} + + {% endif %} @@ -40,7 +46,11 @@

Hang on...

diff --git a/web/guac/urls.py b/web/guac/urls.py index dbf41e6f560..21664bfe0d7 100644 --- a/web/guac/urls.py +++ b/web/guac/urls.py @@ -1,7 +1,10 @@ -from django.urls import re_path +from django.urls import path, re_path from guac import views urlpatterns = [ re_path(r"^(?P\d+)/(?P[\w=]+)/$", views.index, name="index"), + path("direct/vnc///", views.direct_vnc_host_port, name="direct_vnc_host_port"), + path("direct/vnc//", views.direct_vnc_vm, name="direct_vnc_vm"), ] + diff --git a/web/guac/views.py b/web/guac/views.py index 7b12c44f215..b59d7c9920d 100644 --- a/web/guac/views.py +++ b/web/guac/views.py @@ -104,3 +104,115 @@ def index(request, task_id, session_data): conn.close() except Exception: pass + + +@conditional_login_required(login_required, settings.WEB_AUTHENTICATION) +def direct_vnc_host_port(request, host, port): + token = uuid.uuid4() + try: + guac_session = db.create_guac_session( + token=token, + task_id=0, + vm_label=str(port), + guest_ip=host, + ) + except Exception as e: + return _error(request, 0, f"Failed to create Guacamole session: {e}") + + clean_host = "".join(c for c in host if c.isalnum() or c in ".-_") + recording_name = f"direct_{clean_host}_{port}_{str(token)[:8]}" + + response = render(request, "guac/index.html", { + "session_id": str(token), + "task_id": 0, + "recording_name": recording_name, + "vnc_host": host, + "vnc_port": port, + }) + + response.set_cookie( + "guac_session", + str(guac_session.token), + httponly=True, + secure=request.is_secure(), + samesite="Lax", + path="/guac/", + ) + + return response + + +@conditional_login_required(login_required, settings.WEB_AUTHENTICATION) +def direct_vnc_vm(request, vm_name): + if not LIBVIRT_AVAILABLE: + return _error(request, 0, "Libvirt not available") + + if machinery not in machinery_available: + return _error(request, 0, f"Machinery type '{machinery}' is not supported") + + is_running = False + vm_exists = False + error_msg = "" + + conn = None + try: + conn = libvirt.open(machinery_dsn) + if conn: + try: + dom = conn.lookupByName(vm_name) + if dom: + vm_exists = True + state = dom.state(flags=0) + is_running = state and state[0] == 1 + except Exception as e: + error_msg = str(e) + except Exception as e: + error_msg = str(e) + finally: + if conn: + try: + conn.close() + except Exception: + pass + + if error_msg and not vm_exists: + return _error(request, 0, error_msg) + + if not vm_exists: + return _error(request, 0, f"VM {vm_name} not found") + + if not is_running: + return render(request, "guac/wait.html", {"task_id": 0}) + + token = uuid.uuid4() + try: + guac_session = db.create_guac_session( + token=token, + task_id=0, + vm_label=vm_name, + guest_ip="", + ) + except Exception as e: + return _error(request, 0, f"Failed to create Guacamole session: {e}") + + recording_name = f"direct_{vm_name}_{str(token)[:8]}" + + response = render(request, "guac/index.html", { + "session_id": str(token), + "task_id": 0, + "recording_name": recording_name, + "vnc_host": vm_name, + "vnc_port": "auto", + }) + + response.set_cookie( + "guac_session", + str(guac_session.token), + httponly=True, + secure=request.is_secure(), + samesite="Lax", + path="/guac/", + ) + + return response + From e9f4a1773e6444396ac8183ce9f83f59b9280921 Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 12:50:56 -0400 Subject: [PATCH 02/26] web: Hide redundant jQuery UI titlebar in Guacamole console --- web/static/css/guac-main.css | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/static/css/guac-main.css b/web/static/css/guac-main.css index 9ef5fb19041..9e8a624e4a1 100644 --- a/web/static/css/guac-main.css +++ b/web/static/css/guac-main.css @@ -42,3 +42,8 @@ html, body { box-shadow: 0 0 30px rgba(220, 53, 69, 0.3); color: #fff; } + +.no-close .ui-dialog-titlebar { + display: none !important; +} + From 60e27bec881a1140358a649fb5fc251dc7949a52 Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 13:10:19 -0400 Subject: [PATCH 03/26] web: Add VNC Console dropdown option in header navigation bar --- conf/default/web.conf.default | 4 ++++ web/guac/context_processors.py | 21 +++++++++++++++++++++ web/templates/header.html | 14 ++++++++++++++ web/web/settings.py | 1 + 4 files changed, 40 insertions(+) create mode 100644 web/guac/context_processors.py diff --git a/conf/default/web.conf.default b/conf/default/web.conf.default index 5cb2648e239..68198224357 100644 --- a/conf/default/web.conf.default +++ b/conf/default/web.conf.default @@ -237,6 +237,10 @@ enabled = yes enabled = no [guacamole] +# Show a VNC Console dropdown of VM guests in the navigation bar +vnc_console_enabled = no +# Open VNC console sessions in a new tab +vnc_console_new_tab = yes enabled = no mode = vnc username = diff --git a/web/guac/context_processors.py b/web/guac/context_processors.py new file mode 100644 index 00000000000..2aabd0df8c8 --- /dev/null +++ b/web/guac/context_processors.py @@ -0,0 +1,21 @@ +from lib.cuckoo.common.config import Config +from lib.cuckoo.core.database import Database + +web_cfg = Config("web") + + +def guac_vnc_console(request): + """Context processor that exposes VNC Console settings and guests to templates.""" + enabled = web_cfg.guacamole.get("vnc_console_enabled", False) + if not enabled: + return {"vnc_console_enabled": False} + + db = Database() + machines = [machine.label for machine in db.list_machines(include_reserved=True)] + new_tab = web_cfg.guacamole.get("vnc_console_new_tab", True) + + return { + "vnc_console_enabled": True, + "vnc_console_machines": machines, + "vnc_console_new_tab": new_tab, + } diff --git a/web/templates/header.html b/web/templates/header.html index 11e7cd48e72..b7630a78b15 100644 --- a/web/templates/header.html +++ b/web/templates/header.html @@ -42,6 +42,20 @@ {% endif %} + {% if vnc_console_enabled %} +
  • + +
    + {% if vnc_console_machines %} + {% for machine_label in vnc_console_machines %} + {{ machine_label }} + {% endfor %} + {% else %} + No machines configured + {% endif %} +
    +
    • + {% endif %}
  • Docs
  • Changelog
  • diff --git a/web/web/settings.py b/web/web/settings.py index 65d9135041c..d646fa9079c 100644 --- a/web/web/settings.py +++ b/web/web/settings.py @@ -197,6 +197,7 @@ "django_settings_export.settings_export", # Surfaces `may_manage_apikeys` for the API Keys link in the user dropdown. "apikey.context_processors.apikey_access", + "guac.context_processors.guac_vnc_console", ], "loaders": [ "django.template.loaders.filesystem.Loader", From 7a202ce95da5bd2461b18e2f9486f525a8ff0f7f Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 13:26:36 -0400 Subject: [PATCH 04/26] web: Support VNC Console VM start, shutdown options and database task locking --- web/guac/consumers.py | 46 ++++++++- web/guac/templates/guac/index.html | 71 ++++++++++++++ web/guac/templates/guac/start.html | 56 +++++++++++ web/guac/urls.py | 2 + web/guac/views.py | 149 ++++++++++++++++++++++++++++- 5 files changed, 321 insertions(+), 3 deletions(-) create mode 100644 web/guac/templates/guac/start.html diff --git a/web/guac/consumers.py b/web/guac/consumers.py index 635b3a3a3b2..7585d4221a7 100644 --- a/web/guac/consumers.py +++ b/web/guac/consumers.py @@ -74,6 +74,7 @@ def __init__(self, *args, **kwargs): self.monitor_task = None self.guac_token = None self.guac_task_id = None + self.vm_label = None self.is_closing = False self.timeout_manager = None self.timeout_task = None @@ -138,7 +139,8 @@ async def connect(self): self.guac_token = str(token) self.guac_task_id = session_data["task_id"] - vm_label = session_data["vm_label"] + self.vm_label = session_data["vm_label"] + vm_label = self.vm_label vnc_port = None if self.guac_task_id > 0: @@ -296,6 +298,8 @@ async def connect(self): self.task = asyncio.create_task(self.read_guacd()) if self.guac_task_id > 0: self.monitor_task = asyncio.create_task(self.monitor_task_status()) + else: + self.monitor_task = asyncio.create_task(self.monitor_vm_status()) if self.timeout_manager and self.timeout_manager.idle_timeout_seconds > 0: self.timeout_task = asyncio.create_task(self.monitor_timeout()) else: @@ -330,6 +334,46 @@ async def monitor_task_status(self): except Exception as e: logger.error("Error in task monitor: %s", e) + async def monitor_vm_status(self): + """Periodically check if the VM is still running. If not, release the lock and close.""" + try: + while True: + await asyncio.sleep(TASK_POLL_INTERVAL) + if self.guac_task_id > 0: + break + + is_running = False + conn = None + try: + conn = await sync_to_async(libvirt.open)(machinery_dsn) + if conn: + dom = conn.lookupByName(self.vm_label) + if dom: + state = dom.state(flags=0) + is_running = state and state[0] == 1 + except Exception as e: + logger.error("Error checking VM status for %s: %s", self.vm_label, e) + finally: + if conn: + try: + conn.close() + except Exception: + pass + + if not is_running: + logger.info("VM %s is no longer running, unlocking and disconnecting", self.vm_label) + db = Database() + machine = await sync_to_async(db.view_machine_by_label)(self.vm_label) + if machine and machine.locked: + await sync_to_async(db.unlock_machine)(machine) + await sync_to_async(db.session.commit)() + await self._close_websocket() + break + except asyncio.CancelledError: + pass + except Exception as e: + logger.error("Error in VM monitor: %s", e) + async def disconnect(self, code): """Clean up on WebSocket disconnect.""" self.is_closing = True diff --git a/web/guac/templates/guac/index.html b/web/guac/templates/guac/index.html index 53d4e6c58d6..f5863ad0450 100644 --- a/web/guac/templates/guac/index.html +++ b/web/guac/templates/guac/index.html @@ -15,6 +15,7 @@ +
    @@ -52,6 +53,30 @@
    Session Ended
    + {% if started_by_console %} + + + {% endif %} diff --git a/web/guac/templates/guac/start.html b/web/guac/templates/guac/start.html new file mode 100644 index 00000000000..a3345ca95ed --- /dev/null +++ b/web/guac/templates/guac/start.html @@ -0,0 +1,56 @@ +{% load static %} + + + + + + Start VM · CAPE Sandbox + + + + + + + +
    +
    +
    +
    +
    +
    + +
    +

    Start VM: {{ vm_name }}

    +

    This virtual machine is currently powered off. Choose a startup mode to boot the machine and connect via VNC.

    + +
    + {% csrf_token %} +
    +
    + + +
    +
    + + +
    +
    + +
    + Go Home + +
    +
    +
    +
    +
    +
    +
    + + diff --git a/web/guac/urls.py b/web/guac/urls.py index 21664bfe0d7..57e784a1c6c 100644 --- a/web/guac/urls.py +++ b/web/guac/urls.py @@ -6,5 +6,7 @@ re_path(r"^(?P\d+)/(?P[\w=]+)/$", views.index, name="index"), path("direct/vnc///", views.direct_vnc_host_port, name="direct_vnc_host_port"), path("direct/vnc//", views.direct_vnc_vm, name="direct_vnc_vm"), + path("direct/vnc//start/", views.direct_vnc_vm_start, name="direct_vnc_vm_start"), + path("direct/vnc//shutdown/", views.direct_vnc_vm_shutdown, name="direct_vnc_vm_shutdown"), ] diff --git a/web/guac/views.py b/web/guac/views.py index b59d7c9920d..dd5d45344ad 100644 --- a/web/guac/views.py +++ b/web/guac/views.py @@ -1,13 +1,18 @@ import uuid from base64 import urlsafe_b64decode +import json +import logging from django.conf import settings from django.contrib.auth.decorators import login_required -from django.shortcuts import render +from django.http import JsonResponse +from django.shortcuts import render, redirect from lib.cuckoo.common.config import Config from lib.cuckoo.core.database import Database +logger = logging.getLogger("guac-session") + class conditional_login_required: def __init__(self, decorator, condition): @@ -182,7 +187,7 @@ def direct_vnc_vm(request, vm_name): return _error(request, 0, f"VM {vm_name} not found") if not is_running: - return render(request, "guac/wait.html", {"task_id": 0}) + return render(request, "guac/start.html", {"vm_name": vm_name}) token = uuid.uuid4() try: @@ -197,12 +202,17 @@ def direct_vnc_vm(request, vm_name): recording_name = f"direct_{vm_name}_{str(token)[:8]}" + # Determine if it was started by the VNC Console + machine = db.view_machine_by_label(vm_name) + started_by_console = machine.locked if machine else False + response = render(request, "guac/index.html", { "session_id": str(token), "task_id": 0, "recording_name": recording_name, "vnc_host": vm_name, "vnc_port": "auto", + "started_by_console": started_by_console, }) response.set_cookie( @@ -216,3 +226,138 @@ def direct_vnc_vm(request, vm_name): return response + +@conditional_login_required(login_required, settings.WEB_AUTHENTICATION) +def direct_vnc_vm_start(request, vm_name): + if not LIBVIRT_AVAILABLE: + return _error(request, 0, "Libvirt not available") + + if machinery not in machinery_available: + return _error(request, 0, f"Machinery type '{machinery}' is not supported") + + if request.method != "POST": + return _error(request, 0, "Invalid request method") + + start_mode = request.POST.get("start_mode", "snapshot") + + conn = None + try: + conn = libvirt.open(machinery_dsn) + if not conn: + return _error(request, 0, "Could not connect to hypervisor") + + try: + dom = conn.lookupByName(vm_name) + except Exception as e: + return _error(request, 0, f"VM {vm_name} not found: {e}") + + # Check if already running + state = dom.state(flags=0) + is_running = state and state[0] == 1 + if is_running: + return redirect("direct_vnc_vm", vm_name=vm_name) + + # Lock the machine in DB + machine = db.view_machine_by_label(vm_name) + if machine: + db.lock_machine(machine) + db.session.commit() + + if start_mode == "snapshot": + snapshot_name = machine.snapshot if (machine and machine.snapshot) else None + if not snapshot_name: + try: + snapshot_names = dom.snapshotListNames(flags=0) + if snapshot_names: + snapshot_name = snapshot_names[0] + except Exception: + pass + + if not snapshot_name: + if machine: + db.unlock_machine(machine) + db.session.commit() + return _error(request, 0, f"No snapshot configured or found for VM {vm_name}") + + try: + snap = dom.snapshotLookupByName(snapshot_name, flags=0) + dom.revertToSnapshot(snap, flags=0) + except Exception as e: + if machine: + db.unlock_machine(machine) + db.session.commit() + return _error(request, 0, f"Failed to restore snapshot: {e}") + else: + # Start dirty + try: + dom.create() + except Exception as e: + if machine: + db.unlock_machine(machine) + db.session.commit() + return _error(request, 0, f"Failed to power on VM dirty: {e}") + + return redirect("direct_vnc_vm", vm_name=vm_name) + + finally: + if conn: + try: + conn.close() + except Exception: + pass + + +@conditional_login_required(login_required, settings.WEB_AUTHENTICATION) +def direct_vnc_vm_shutdown(request, vm_name): + if not LIBVIRT_AVAILABLE: + return JsonResponse({"status": "error", "message": "Libvirt not available"}, status=500) + + if machinery not in machinery_available: + return JsonResponse({"status": "error", "message": f"Machinery type '{machinery}' is not supported"}, status=400) + + if request.method != "POST": + return JsonResponse({"status": "error", "message": "Invalid request method"}, status=405) + + try: + data = json.loads(request.body.decode("utf-8")) + except Exception: + data = {} + + force = data.get("force", False) + + conn = None + try: + conn = libvirt.open(machinery_dsn) + if not conn: + return JsonResponse({"status": "error", "message": "Could not connect to hypervisor"}, status=500) + + try: + dom = conn.lookupByName(vm_name) + except Exception as e: + return JsonResponse({"status": "error", "message": f"VM {vm_name} not found: {e}"}, status=404) + + try: + if force: + dom.destroy() + else: + dom.shutdown() + except Exception as e: + logger.error("Failed to shutdown VM %s: %s", vm_name, e) + + # Unlock the machine in DB + machine = db.view_machine_by_label(vm_name) + if machine: + db.unlock_machine(machine) + db.session.commit() + + return JsonResponse({"status": "success"}) + + except Exception as e: + return JsonResponse({"status": "error", "message": str(e)}, status=500) + finally: + if conn: + try: + conn.close() + except Exception: + pass + From f3014a2b36ce362b4ead13c972cbcd61cd0f44d7 Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 13:31:21 -0400 Subject: [PATCH 05/26] web: Add warning when connecting to an already active Direct VNC console session --- web/guac/templates/guac/warn.html | 39 +++++++++++++++++++++++++++++++ web/guac/views.py | 8 +++++++ 2 files changed, 47 insertions(+) create mode 100644 web/guac/templates/guac/warn.html diff --git a/web/guac/templates/guac/warn.html b/web/guac/templates/guac/warn.html new file mode 100644 index 00000000000..b97722c52d7 --- /dev/null +++ b/web/guac/templates/guac/warn.html @@ -0,0 +1,39 @@ +{% load static %} + + + + + + Active Session Warning · CAPE Sandbox + + + + + + + +
    +
    +
    +
    +
    +
    + +
    +

    Active Session Warning

    +

    + A VNC connection to VM {{ vm_name }} is already active. + Connecting now will share control or may disrupt the existing session. +

    + +
    + Go Home + Connect Anyway +
    +
    +
    +
    +
    +
    + + diff --git a/web/guac/views.py b/web/guac/views.py index dd5d45344ad..44535a6c99e 100644 --- a/web/guac/views.py +++ b/web/guac/views.py @@ -149,6 +149,14 @@ def direct_vnc_host_port(request, host, port): @conditional_login_required(login_required, settings.WEB_AUTHENTICATION) def direct_vnc_vm(request, vm_name): + override = request.GET.get("override") == "true" + if not override: + from lib.cuckoo.core.data.guac_session import GuacSession + session = db.session() + active_session = session.query(GuacSession).filter_by(vm_label=vm_name).first() + if active_session: + return render(request, "guac/warn.html", {"vm_name": vm_name}) + if not LIBVIRT_AVAILABLE: return _error(request, 0, "Libvirt not available") From e2525c0936de82385c35e6889085bc882373c494 Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 13:39:03 -0400 Subject: [PATCH 06/26] web: Allow user to select snapshot when starting VM from VNC console --- web/guac/templates/guac/start.html | 25 +++++++++++++++++++++++-- web/guac/views.py | 17 +++++++++++++++-- 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/web/guac/templates/guac/start.html b/web/guac/templates/guac/start.html index a3345ca95ed..bc2807c1910 100644 --- a/web/guac/templates/guac/start.html +++ b/web/guac/templates/guac/start.html @@ -28,9 +28,18 @@

    Start VM: {{ vm_name }}

    -
    @@ -52,5 +61,17 @@

    Start VM: {{ vm_name }}

    + diff --git a/web/guac/views.py b/web/guac/views.py index 44535a6c99e..9b4c6a4542c 100644 --- a/web/guac/views.py +++ b/web/guac/views.py @@ -166,6 +166,7 @@ def direct_vnc_vm(request, vm_name): is_running = False vm_exists = False error_msg = "" + snapshot_names = [] conn = None try: @@ -177,6 +178,11 @@ def direct_vnc_vm(request, vm_name): vm_exists = True state = dom.state(flags=0) is_running = state and state[0] == 1 + if not is_running: + try: + snapshot_names = dom.snapshotListNames(flags=0) + except Exception: + pass except Exception as e: error_msg = str(e) except Exception as e: @@ -195,7 +201,13 @@ def direct_vnc_vm(request, vm_name): return _error(request, 0, f"VM {vm_name} not found") if not is_running: - return render(request, "guac/start.html", {"vm_name": vm_name}) + machine = db.view_machine_by_label(vm_name) + default_snapshot = machine.snapshot if (machine and machine.snapshot) else None + return render(request, "guac/start.html", { + "vm_name": vm_name, + "snapshots": snapshot_names, + "default_snapshot": default_snapshot, + }) token = uuid.uuid4() try: @@ -247,6 +259,7 @@ def direct_vnc_vm_start(request, vm_name): return _error(request, 0, "Invalid request method") start_mode = request.POST.get("start_mode", "snapshot") + selected_snapshot = request.POST.get("selected_snapshot") conn = None try: @@ -272,7 +285,7 @@ def direct_vnc_vm_start(request, vm_name): db.session.commit() if start_mode == "snapshot": - snapshot_name = machine.snapshot if (machine and machine.snapshot) else None + snapshot_name = selected_snapshot or (machine.snapshot if (machine and machine.snapshot) else None) if not snapshot_name: try: snapshot_names = dom.snapshotListNames(flags=0) From ff800d9df21588fd568b5761a5a2159d1763d04e Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 16:51:55 -0400 Subject: [PATCH 07/26] Implement wait screen with cancel button during VM startup and add CSRF trusted origins to guac_settings --- web/guac/templates/guac/wait.html | 47 +++++++++++++++++++++++- web/guac/views.py | 59 +++++++++++++++++++++++++------ web/web/guac_settings.py | 14 ++++++++ 3 files changed, 108 insertions(+), 12 deletions(-) diff --git a/web/guac/templates/guac/wait.html b/web/guac/templates/guac/wait.html index ac6a20c6234..3a8d893ea1d 100644 --- a/web/guac/templates/guac/wait.html +++ b/web/guac/templates/guac/wait.html @@ -25,7 +25,11 @@

    Hang on...

    + {% if vm_name %} +

    The VM {{ vm_name }} is starting. This page will refresh every second.

    + {% else %}

    The VM is not running yet. This page will refresh every 5 seconds.

    + {% endif %}
    @@ -38,6 +42,11 @@

    Hang on...

    Go Home {% endif %} + {% if vm_name %} + + {% endif %} @@ -52,7 +61,43 @@

    Hang on...

    location.replace(location.origin + '/'); {% endif %} }); - setTimeout(function() { location.reload(true); }, 5000); + + {% if vm_name %} + var cancelBtn = document.getElementById("cancelStart"); + if (cancelBtn) { + cancelBtn.addEventListener("click", function() { + cancelBtn.disabled = true; + cancelBtn.innerHTML = ' Cancelling...'; + + fetch('/guac/direct/vnc/{{ vm_name }}/shutdown/', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + 'X-CSRFToken': '{{ csrf_token }}' + }, + body: JSON.stringify({ force: true }) + }) + .then(response => response.json()) + .then(data => { + if (data.status === 'success') { + location.replace(location.origin + '/guac/direct/vnc/{{ vm_name }}/'); + } else { + alert('Error cancelling startup: ' + (data.message || 'Unknown error')); + cancelBtn.disabled = false; + cancelBtn.innerHTML = ' Cancel'; + } + }) + .catch(error => { + console.error('Error:', error); + alert('Error cancelling startup'); + cancelBtn.disabled = false; + cancelBtn.innerHTML = ' Cancel'; + }); + }); + } + {% endif %} + + setTimeout(function() { location.reload(true); }, {% if vm_name %}1000{% else %}5000{% endif %}); diff --git a/web/guac/views.py b/web/guac/views.py index 9b4c6a4542c..d49e8ff046d 100644 --- a/web/guac/views.py +++ b/web/guac/views.py @@ -1,4 +1,5 @@ import uuid +import threading from base64 import urlsafe_b64decode import json @@ -202,6 +203,12 @@ def direct_vnc_vm(request, vm_name): if not is_running: machine = db.view_machine_by_label(vm_name) + if machine and machine.locked: + return render(request, "guac/wait.html", { + "vm_name": vm_name, + "task_id": 0, + }) + default_snapshot = machine.snapshot if (machine and machine.snapshot) else None return render(request, "guac/start.html", { "vm_name": vm_name, @@ -247,6 +254,37 @@ def direct_vnc_vm(request, vm_name): return response +def bg_revert_and_start(machinery_dsn, vm_name, start_mode, snapshot_name): + import libvirt + from lib.cuckoo.core.database import Database + db = Database() + conn = None + try: + conn = libvirt.open(machinery_dsn) + if conn: + dom = conn.lookupByName(vm_name) + if start_mode == "snapshot": + snap = dom.snapshotLookupByName(snapshot_name, flags=0) + dom.revertToSnapshot(snap, flags=0) + else: + dom.create() + except Exception as e: + logger.error(f"Error starting VM {vm_name} in background: {e}") + try: + machine = db.view_machine_by_label(vm_name) + if machine: + db.unlock_machine(machine) + db.session.commit() + except Exception as db_err: + logger.error(f"Failed to unlock machine {vm_name} after background start error: {db_err}") + finally: + if conn: + try: + conn.close() + except Exception: + pass + + @conditional_login_required(login_required, settings.WEB_AUTHENTICATION) def direct_vnc_vm_start(request, vm_name): if not LIBVIRT_AVAILABLE: @@ -284,6 +322,7 @@ def direct_vnc_vm_start(request, vm_name): db.lock_machine(machine) db.session.commit() + snapshot_name = None if start_mode == "snapshot": snapshot_name = selected_snapshot or (machine.snapshot if (machine and machine.snapshot) else None) if not snapshot_name: @@ -300,23 +339,21 @@ def direct_vnc_vm_start(request, vm_name): db.session.commit() return _error(request, 0, f"No snapshot configured or found for VM {vm_name}") + # Verify snapshot exists before starting thread try: - snap = dom.snapshotLookupByName(snapshot_name, flags=0) - dom.revertToSnapshot(snap, flags=0) + dom.snapshotLookupByName(snapshot_name, flags=0) except Exception as e: if machine: db.unlock_machine(machine) db.session.commit() return _error(request, 0, f"Failed to restore snapshot: {e}") - else: - # Start dirty - try: - dom.create() - except Exception as e: - if machine: - db.unlock_machine(machine) - db.session.commit() - return _error(request, 0, f"Failed to power on VM dirty: {e}") + + # Spawn background thread to start the VM + threading.Thread( + target=bg_revert_and_start, + args=(machinery_dsn, vm_name, start_mode, snapshot_name), + daemon=True + ).start() return redirect("direct_vnc_vm", vm_name=vm_name) diff --git a/web/web/guac_settings.py b/web/web/guac_settings.py index 62d38265166..9bf9c9a8b6b 100644 --- a/web/web/guac_settings.py +++ b/web/web/guac_settings.py @@ -41,6 +41,20 @@ WEB_AUTHENTICATION = getattr(Config("web"), "web_auth", {}).get("enabled", False) +web_cfg = Config("web") +csfr_list = [] +if web_cfg.security.csrf_trusted_origins: + for host in web_cfg.security.csrf_trusted_origins.split(","): + host = host.strip() + if not host: + continue + if host.startswith(("http://", "https://")): + csfr_list.append(host) + else: + csfr_list.extend([f"http://{host}", f"https://{host}"]) + +CSRF_TRUSTED_ORIGINS = csfr_list + ALLOWED_HOSTS = [ "*", ] From d1f787828b617974ba4c7944e685ad8bc177795a Mon Sep 17 00:00:00 2001 From: enzok <7831008+enzok@users.noreply.github.com> Date: Tue, 9 Jun 2026 17:01:36 -0400 Subject: [PATCH 08/26] Add dynamic routing (Tor/VPN/Dirty line) selector to VNC host console --- web/guac/templates/guac/index.html | 50 ++++++++++- web/guac/urls.py | 1 + web/guac/views.py | 140 ++++++++++++++++++++++++++++- 3 files changed, 188 insertions(+), 3 deletions(-) diff --git a/web/guac/templates/guac/index.html b/web/guac/templates/guac/index.html index f5863ad0450..0299c0f8ee5 100644 --- a/web/guac/templates/guac/index.html +++ b/web/guac/templates/guac/index.html @@ -32,8 +32,22 @@ {% else %} Direct VNC - {{ vnc_host }}:{{ vnc_port }} - {% endif %} @@ -131,6 +145,38 @@