Monday, November 21, 2016

Cuckoo Sandbox Installation (Part 1 of 4)

This is the first of four parts series on the "Installation of Cuckoo Sandbox." Part 1 will focus on preparing the Host Operating System. 
Background
In order to successfully install Cuckoo Sandbox you must setup the required environment. The required software is Linux, Python, and a virtualization platform (i.e Virtualbox or VMware Player).

        Steps
        All  commands are Italicize. To install the software open a terminal and copy & paste the commands. During the installation of the various software you will be prompted with the options of "Yes/No" type "Yes or Y" to all prompts. 
        1. Linux
        • Install Linux as your main operating system. This can be any distribution of Linux. (My choice was  Ubuntu 16.04).
        • Run the update command to update your Linux distribution. 
          • sudo apt-get update
        2. Python libraries [1]
        •   Install the dependencies 
          •  sudo apt-get install python python-pip python-dev libffi-dev libssl-dev 
        • Install libxml2-dev and libxslt-dev 
          • sudo apt-get install libxml2-dev libxslt-dev
        •  Install the requirements from the requirements text file using PyPI 
          • Download Cuckoo Sandbox and extract it.  
            • Command to extract the .tar.gz file: tar -xvzf 
            • Example: tar -xvzf FileName.tar.gz
          • Navigate to the cuckoo folder:
            • cd /home/YourUserName/Downloads/cuckoo
          • sudo -H pip install -r requirements.txt 
          • sudo -H pip install --upgrade pip
         3. Virtualization Software
          • sudo chmod u+x VMWare-Player-12.5.1-4542065.x86_64.bundle
          • sudo ./VMWare-Player-12.5.1-4542065.x86_64.bundle
          4. Create a user for cuckoo
          • sudo adduser cuckoo

          References:
          1. Cuckoo Sandbox Documentation


          Social Media
          Facebook:
          https://www.facebook.com/BDavisCS/

          Twitter:
          @BDavis_CyberSec
          Posted by at
          Labels: , ,

          32 comments:

          1. UnknownFebruary 11, 2017 at 3:15 PM

            Would you ever share your ubuntu vmdk?

            ReplyDelete
          2. bdavisFebruary 11, 2017 at 11:48 PM

            Thank you for your question Ryan G. An Ubuntu vmdk wouldn't do you any good because you can't nest a VM inside of a VM. I will try to create an ISO of an Ubuntu workstation with Cuckoo installed so all you have to do is install your VM software of choice and create a VM to in order to start practicing Dynamic malware analyst. If you found this content helpful and would like to see more please feel free to hit that subscribe button. As always "Stay hungry for knowledge!!!"

            ReplyDelete
            Replies
            1. UnknownOctober 6, 2017 at 3:34 AM

              how to setup cuckoo and with the help of cuckoo how to analyse malware
              any video you may share

              Delete
          3. Mohanan SuppiahFebruary 19, 2017 at 3:29 AM

            where can i get your iso image?

            ReplyDelete
          4. bdavisFebruary 20, 2017 at 1:44 AM

            Thank you for your questions Mohanan Suppiah. After careful consideration I have decided not to post an image of Ubuntu with Cuckoo Sandbox pre-installed. There were too many logistical issues which made the idea unfeasible. I was unable to find free storage which would allow for multiple simultaneous downloads with the needed bandwidth to support them. I am confident that with the instructions typed out in my blog posts and the accompanying YouTube videos anyone can successfully install Cuckoo Sandbox. "Get a man a fish and he'll eat for a day, Teach a man to fish and he'll eat for a life time." As always "Stay hungry for knowledge!!!"

            ReplyDelete
            Replies
            1. Mohanan SuppiahMarch 1, 2017 at 3:29 AM

              Sure, thanks for the reply. i wanted the image just as a control but thats fine. I understand your part of the challenge. Anyway is there a 4th part for this blog?

              Delete
            2. bdavisMarch 1, 2017 at 12:12 PM

              https://bdavis-cybersecurity.blogspot.com/2016/12/cuckoo-sandbox-installation-part-4-of-4.html

              Delete
          5. ciberseguridadCRMarch 4, 2017 at 11:21 AM

            Hi,
            I have my sandbox almost working. When submitting malware via submit.py I get an error on the VM:
            No injection method has been provided!
            Any suggestions?
            Thanks for the help

            ReplyDelete
          6. UnknownApril 17, 2017 at 1:28 AM

            Hi,
            what password do you use for the cuckoo user?

            ReplyDelete
          7. juanjuergensJune 9, 2017 at 8:03 AM

            Hey There. I found your blog using msn. This is a very well written article. I’ll be sure to bookmark it and come back to read more of your useful info. Thanks for the post. I’ll definitely return.
            Cyber security training uk

            ReplyDelete
          8. UnknownJune 22, 2017 at 3:46 AM

            Hi Davis

            can you share your contact number i would like to talk

            ReplyDelete
          9. AnonymousAugust 24, 2017 at 6:49 AM

            Hello,

            I am unable to find the requirements.txt file in the directory as instructed. Can you please assist?

            I am using Cuckoo version 2.0.3 on Ubuntu 17.

            ReplyDelete
          10. UnknownAugust 29, 2017 at 5:21 AM

            Thank you for a nice post. I installed using oracle virtual box but it has kept failing. I am using ubuntu 16.04. I really need help. I cant't create virtual machines

            ReplyDelete
          11. UnknownNovember 5, 2017 at 4:29 PM

            Thanks for this series. Does Cuckoo need to be installed on the host? Or is it possible for me to install it on a guest OS and just interact with other guests? If I can run it in a guestOS, is there anything special that I need to do with the network?

            ReplyDelete
          12. UnknownDecember 19, 2017 at 2:13 AM

            hello bdavis
            i want your support about my case .
            i have laptop with Windows 8.1 , i installed VMware woekstation inside it , and i installed Kali linux 2017 inside the VMware workstation to be as cuckoo Host .
            i prepared another XP VM inside the Vmware workstation as the Guest for analysis and i install the cuckoo agent inside it.
            i faced issue with path to VM guest .
            i want to ensure if this scenario correct ? if yes i will show you the issue
            if not ? please give me the best scenario for my environment ?

            ReplyDelete
          13. UnknownJanuary 24, 2018 at 2:54 AM

            This comment has been removed by the author.

            ReplyDelete
          14. UnknownFebruary 12, 2018 at 8:31 AM

            Setup is ready . how to analyse malware
            my regshot is not working on virtual box windows

            ReplyDelete
          15. Nemaram PunavatDecember 19, 2018 at 4:16 AM


            Cyber Security

            Cyber Security is the discipline of protecting systems, virtual infrastructure, networks, and programs — basically your whole computing environment — from digital attacks.


            to get more - https://augustiqconsulting.com/cyber-security/

            ReplyDelete
          16. Mukesh ChoudharyJanuary 7, 2019 at 5:34 AM

            Got any Cyber Scam, Contact best Cyber Security Expert in India for Cyber Crime Consultancy & Cyber Operations.
            Best Regards
            Mukesh Choudhary
            cyber-crime-expert-india">Cyber Crime Expert in India.

            ReplyDelete
          17. AnonymousJanuary 9, 2019 at 9:23 AM

            This comment has been removed by the author.

            ReplyDelete
          18. IT Governance Discount CodesJanuary 9, 2019 at 9:25 AM

            Hey! Thanks a lot for sharing all these here. I really didn't know the entire procedure for the Cuckoo Sandbox installation. I really appreciate your help in letting me know the entire process.

            ReplyDelete
          19. nStarFebruary 28, 2019 at 3:53 AM

            Thanks for sharing information about cuckoo sandbox installation.You explain the procedure really well.

            ReplyDelete
          20. Hacking BlogsSeptember 4, 2019 at 7:38 AM

            Hi! I just wish to offer you a big thumbs up for your great info you have right here on this post. I will be coming back to your site for more soon.

            ReplyDelete
          21. Psychology HacksSeptember 4, 2019 at 7:39 AM

            I was more than happy to uncover this great site. I need to to thank you for your time due to this fantastic read!! I definitely enjoyed every bit of it and I have you bookmarked to see new information on your blog.

            ReplyDelete
          22. Sd ComputerOctober 30, 2019 at 7:05 AM

            This happens all the time that you buy a laptop and initially it runs fine, but slowly over the years, it starts to crawls.
            This is a headache and has to be sorted as soon as possible. But if you are wondering why is my computer so slow all of a
            sudden? Then I will give you the answer here. Indeed there are many reasons but I have mentioned 3 of them here which are
            the most common ones.
            Computer repaiting services UK
            pc repairing services UK
            Laptop repaiting services UK

            ReplyDelete
          23. AnonymousDecember 2, 2019 at 4:20 AM

            The downloading link for Cuckoo is not working.I downloaded it from https://sourceforge.net/projects/cuckoosandbox.mirror/ but couldn't find the requirements.txt file. Please can you share some other downloading link.

            ReplyDelete
          24. AnonymousApril 3, 2020 at 4:41 PM

            Hi there thankyou so much for your really informative blog. I need to ask something.
            1) Is there any other tool better than cuckoo for Dynamic Malware Detection ?
            2) I am making a tool Dynamic Malware Analysis with Machine Learning. How could I get Window's Api's called by malware. I need resources for study more. Could you please me ??
            Thanks

            ReplyDelete
          25. UnknownApril 30, 2020 at 1:13 PM

            really very nice post I am glad to be here and read this post is make my day thanks
            thepiratebay mirror proxy
            the pirate bay alternatives
            torlock mirror proxy
            torrentz2 mirror proxy

            ReplyDelete
          26. Jason RoyJuly 9, 2020 at 1:09 AM

            Information risk management: here you learn how to assess, mitigate, and evaluate data risks. Basically you learn how to identify when there is an information breach. You also learn the different countermeasures that you can take to manage the problem. cyber security institute in hyderabad

            ReplyDelete
          27. AnonymousAugust 14, 2020 at 1:06 AM

            Thank you for providing these details.cyber security training london

            ReplyDelete
          28. UnknownJune 18, 2021 at 4:26 AM

            Thanks for sharing with us.

            Regards
            Khushbu Khandelwal
            SEO Expert

            ReplyDelete

          Subscribe to: Post Comments (Atom)