Monday, November 21, 2016

Cuckoo Sandbox Installation (Part 1 of 4)

This is the first of a four-part series on the installation of Cuckoo Sandbox. Part 1 focuses on preparing the host operating system.
Background
To install Cuckoo Sandbox successfully, you must first set up the required environment. The required software is Linux, Python, and a virtualization platform (e.g., VirtualBox or VMware Player).

        Steps
        All commands are italicized. To install the software, open a terminal and copy and paste the commands. During installation of the various packages you will be prompted with "Yes/No" options; type "Yes" or "Y" at every prompt.
        1. Linux
        • Install Linux as your main operating system. This can be any distribution of Linux. (My choice was Ubuntu 16.04.)
        • Run the update command to refresh your Linux distribution's package lists.
          • sudo apt-get update
        2. Python libraries [1]
        • Install the dependencies
          • sudo apt-get install python python-pip python-dev libffi-dev libssl-dev
        • Install libxml2-dev and libxslt-dev
          • sudo apt-get install libxml2-dev libxslt-dev
        • Install the Python requirements listed in requirements.txt using pip (the packages come from PyPI)
          • Download Cuckoo Sandbox and extract it.  
            • Command to extract the .tar.gz file: tar -xvzf 
            • Example: tar -xvzf FileName.tar.gz
          • Navigate to the cuckoo folder:
            • cd /home/YourUserName/Downloads/cuckoo
          • sudo -H pip install -r requirements.txt 
          • sudo -H pip install --upgrade pip
        3. Virtualization Software
        • Make the downloaded VMware Player installer bundle executable, then run it
          • sudo chmod u+x VMWare-Player-12.5.1-4542065.x86_64.bundle
          • sudo ./VMWare-Player-12.5.1-4542065.x86_64.bundle
        4. Create a user for cuckoo
          • sudo adduser cuckoo
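
Added example (not part of the original post or of Cuckoo itself): a check to run on the downloaded archive before the `tar -xvzf` step in section 2. It lists the members without unpacking, rejects absolute or `..` paths, and confirms that requirements.txt is actually inside before pip is pointed at it. The function names are hypothetical; FileName.tar.gz is the post's own placeholder.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Inspect a downloaded Cuckoo .tar.gz before running "tar -xvzf" on it.

# Return 0 when a member path is absolute or contains a ".." component,
# i.e. it could be written outside the directory you extract into.
unsafe_member() {
    case "$1" in
        /*|..|../*|*/..|*/../*) return 0 ;;
        *) return 1 ;;
    esac
}

# List the archive without unpacking it.
# Exit status: 0 = looks sane, 1 = unsafe member path,
#              2 = no requirements.txt inside, 3 = not a readable .tar.gz.
# Symlink targets are not inspected; only member names are checked.
check_archive() {
    ca_listing=$(tar -tzf "$1" 2>/dev/null) || return 3
    ca_found=0
    while IFS= read -r ca_member; do
        if unsafe_member "$ca_member"; then
            echo "unsafe path in archive: $ca_member" >&2
            return 1
        fi
        case "$ca_member" in
            requirements.txt|*/requirements.txt) ca_found=1 ;;
        esac
    done <<EOF
$ca_listing
EOF
    if [ "$ca_found" -ne 1 ]; then
        echo "no requirements.txt in $1" >&2
        return 2
    fi
    return 0
}

# Usage: sh check_archive.sh FileName.tar.gz
if [ "$#" -gt 0 ]; then
    check_archive "$1" && echo "OK: $1 can be extracted"
fi
```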

          References:
          1. Cuckoo Sandbox Documentation



          32 comments:

          1. Would you ever share your ubuntu vmdk?

          2. Thank you for your question Ryan G. An Ubuntu vmdk wouldn't do you any good because you can't nest a VM inside of a VM. I will try to create an ISO of an Ubuntu workstation with Cuckoo installed so all you have to do is install your VM software of choice and create a VM in order to start practicing dynamic malware analysis. If you found this content helpful and would like to see more please feel free to hit that subscribe button. As always "Stay hungry for knowledge!!!"

            Replies
            1. How do I set up Cuckoo, and how do I analyse malware with the help of Cuckoo?
              Is there any video you may share?

          3. Thank you for your questions Mohanan Suppiah. After careful consideration I have decided not to post an image of Ubuntu with Cuckoo Sandbox pre-installed. There were too many logistical issues which made the idea unfeasible. I was unable to find free storage which would allow for multiple simultaneous downloads with the needed bandwidth to support them. I am confident that with the instructions typed out in my blog posts and the accompanying YouTube videos anyone can successfully install Cuckoo Sandbox. "Give a man a fish and he'll eat for a day, teach a man to fish and he'll eat for a lifetime." As always "Stay hungry for knowledge!!!"

            Replies
            1. Sure, thanks for the reply. I wanted the image just as a control but that's fine. I understand your part of the challenge. Anyway, is there a 4th part for this blog?

            2. https://bdavis-cybersecurity.blogspot.com/2016/12/cuckoo-sandbox-installation-part-4-of-4.html

          4. Hi,
            I have my sandbox almost working. When submitting malware via submit.py I get an error on the VM:
            No injection method has been provided!
            Any suggestions?
            Thanks for the help

          5. Hi,
            what password do you use for the cuckoo user?

          6. Hey There. I found your blog using msn. This is a very well written article. I’ll be sure to bookmark it and come back to read more of your useful info. Thanks for the post. I’ll definitely return.
            Cyber security training uk

          7. Hi Davis

            Can you share your contact number? I would like to talk.

          8. Hello,

            I am unable to find the requirements.txt file in the directory as instructed. Can you please assist?

            I am using Cuckoo version 2.0.3 on Ubuntu 17.

          9. Thank you for a nice post. I installed using Oracle VirtualBox but it has kept failing. I am using Ubuntu 16.04. I really need help. I can't create virtual machines.

          10. Thanks for this series. Does Cuckoo need to be installed on the host? Or is it possible for me to install it on a guest OS and just interact with other guests? If I can run it in a guestOS, is there anything special that I need to do with the network?

          11. Hello bdavis,
            I would like your support with my case.
            I have a laptop with Windows 8.1. I installed VMware Workstation on it, and I installed Kali Linux 2017 inside VMware Workstation to act as the Cuckoo host.
            I prepared another XP VM inside VMware Workstation as the guest for analysis, and I installed the Cuckoo agent inside it.
            I faced an issue with the path to the VM guest.
            I want to confirm whether this scenario is correct. If yes, I will show you the issue.
            If not, please give me the best scenario for my environment.

          12. This comment has been removed by the author.

          13. Setup is ready. How do I analyse malware?
            My Regshot is not working on VirtualBox Windows.


          14. Cyber Security

            Cyber Security is the discipline of protecting systems, virtual infrastructure, networks, and programs — basically your whole computing environment — from digital attacks.


            to get more - https://augustiqconsulting.com/cyber-security/

          15. This comment has been removed by the author.

          16. Hey! Thanks a lot for sharing all these here. I really didn't know the entire procedure for the Cuckoo Sandbox installation. I really appreciate your help in letting me know the entire process.

          17. Thanks for sharing information about Cuckoo Sandbox installation. You explain the procedure really well.

          18. Hi! I just wish to offer you a big thumbs up for your great info you have right here on this post. I will be coming back to your site for more soon.

          19. I was more than happy to uncover this great site. I need to thank you for your time due to this fantastic read!! I definitely enjoyed every bit of it and I have you bookmarked to see new information on your blog.

          20. This happens all the time: you buy a laptop and initially it runs fine, but slowly over the years, it starts to crawl.
            This is a headache and has to be sorted as soon as possible. But if you are wondering why is my computer so slow all of a
            sudden? Then I will give you the answer here. Indeed there are many reasons but I have mentioned 3 of them here which are
            the most common ones.
            Computer repairing services UK
            PC repairing services UK
            Laptop repairing services UK

          21. The download link for Cuckoo is not working. I downloaded it from https://sourceforge.net/projects/cuckoosandbox.mirror/ but couldn't find the requirements.txt file. Please can you share some other download link?

          22. Hi there, thank you so much for your really informative blog. I need to ask something.
            1) Is there any other tool better than Cuckoo for dynamic malware detection?
            2) I am making a tool for dynamic malware analysis with machine learning. How could I get the Windows APIs called by malware? I need resources to study more. Could you please help me?
            Thanks

          23. Information risk management: here you learn how to assess, mitigate, and evaluate data risks. Basically you learn how to identify when there is an information breach. You also learn the different countermeasures that you can take to manage the problem. cyber security institute in hyderabad

          24. Thanks for sharing with us.

            Regards
            Khushbu Khandelwal
            SEO Expert
