Capa explorer fails to run
See original GitHub issuePrerequisites
- Put an X between the brackets on this line if you have done all of the following:
- Checked that your issue isn’t already filed: search
Description
Getting Error while invoking ida_capa_explorer.py using IDApro.
Steps to Reproduce
- Load a file into IDA
- then
Alt+F7
- Navigate to
ida_capa_explorer.py
and open it
Expected behavior:
It should open the capa explorer with the results.
Actual behavior:
the explorer is opening without the results.
Versions
Latest capa and python 2.7 on IDA Pro 7.0
Additional Information
I know the capa is meant to be working on 7.4 or 7.5 but looking at the error it seems capa can’t locate rules path.
This is the following error thrown by IDA Pro:
INFO:capa:--------------------------------------------------------------------------------
INFO:capa: Using default embedded rules.
INFO:capa:
INFO:capa: You can see the current default rule set here:
INFO:capa: https://github.com/fireeye/capa-rules
INFO:capa:--------------------------------------------------------------------------------
IDAPython: Error while calling Python callback <OnCreate>:
Traceback (most recent call last):
File "C:/python27-x64/Lib/site-packages/capa/ida/ida_capa_explorer.py", line 104, in OnCreate
self.load_capa_results()
File "C:/python27-x64/Lib/site-packages/capa/ida/ida_capa_explorer.py", line 362, in load_capa_results
rules = capa.main.get_rules(rules_path)
File "C:\python27-x64\lib\site-packages\capa\main.py", line 304, in get_rules
raise IOError("rule path %s does not exist or cannot be accessed" % rule_path)
IOError: rule path C:/python27-x64/Lib/site-packages/capa/ida\../..\rules does not exist or cannot be accessed
INFO:capa:form closed.
Issue Analytics
- State:
- Created 3 years ago
- Comments:14
Top Results From Across the Web
Capa explorer fails to run · Issue #165 - GitHub
I know the capa is meant to be working on 7.4 or 7.5 but looking at the error it seems capa can't locate...
Read more >capa 2.0: Better, Stronger, Faster - Mandiant
Once you've installed capa explorer using the Getting Started guide, open the plugin by navigating to Edit > Plugins > FLARE capa explorer....
Read more >capa v4.0.1 releases: identify capabilities in executable files
capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the...
Read more >Login Problems with LON-CAPA - Michigan State University
The third most common problem is that a user has accidentally gone to the wrong server. LON-CAPA is running at many universities, colleges,...
Read more >explorer.exe error when run - Microsoft Community
Hello, when opening file explorer from the taskbar I get this error and when launching explorer.exe in C:/Windows/explorer.exe I get this ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I am gonna try that import script.
Oh, I see this is already in discussion, +1 from me!