MK
Uploaded byMohd Khairulazam
4,705 views

Install Cuckoo on Mac OS X

This document provides instructions for installing Cuckoo 0.4.1 on Mac OS X Snow Leopard to analyze malware in a virtual machine environment. It describes installing dependencies like pip, dpkt, and VirtualBox. It also explains how to set up a Windows virtual machine, edit the Cuckoo configuration file to point to the VM, run Cuckoo's agent in the VM, take snapshots of the VM for analysis, and run an example to analyze a sample file.

Embed presentation

Installing Cuckoo 0.4.1 on Max OS X Snow Leopard The Environment - sudo easy_install pip - /usr/bin/ruby -e "$(/usr/bin/curl -fksSL https://raw.github.com/mxcl/homebrew/master/Library/Contributions/install _homebrew.rb)" - pip install python-magic - brew install libmagic - download dpkt source code from code.google.com/p/dpkt/downloads/list (current version is dpkt-1.7.tar.gzMar 2010) - sudo python setup.py install - sudo pip install Mako - install tcpdump - copy/usr/sbin/tcpdump to other location & preserve the attribute - sudo chmod +s /usr/sbin/tcpdump The Virtual Machine - install VirtualBox on your Mac OS X - install either Windows XP SP1 or SP2 or SP3 or Windows 7 - set the network connection as Host-Only Adapter. You also can choose Bridge Adapter if you want The Sandbox - download& etract Cuckoo from cuckoosandbox.org/downloads/cuckoocurrent.tar.gz - editconf/virtualbox.conf file. - search for label = cuckoo1 and change “cuckoo1” to your virtualbox label name this name refer at Virtualbox -> Settings -> General -> Basic -> Name - also edit platform and ip Warm-up Session - start the virtual machine - copy agent (agent.py) to virtual machine Saving the Virtual Machine *Before doing this make sure you rebooted it softly and that it’s currently running, with Cuckoo’s agent running and with Windows fully booted. - VBoxManage snapshot "<Name of VM>" take "<Name of snapshot>" --pause e.g. - VBoxManage snapshot "XP" take "XP1" –pause After the snapshot creation is completed, you can power off the machine and restore it: - VBoxManage controlvm "<Name of VM>" poweroff - VBoxManage snapshot "<Name of VM>" restorecurrent e.g. - VBoxManage controlvm "XP" poweroff - VBoxManage snapshot "XP" restorecurrent
Running a Sample for the first time On terminal, open 3-seperated tabs. On tab 1, - python cuckoo.py On tab 2, - python wed.py - then open localhost:8080 on your web browser On tab 3, - python submit.py <filename> Watching the first tab, wait till analysis is done. Next refresh your browser. You should see the results there.

More Related Content

PDF
Low Level View of Android System Architecture
byNational Cheng Kung University
 
PDF
Porting Android
byOpersys inc.
 
PDF
BKK16-315 Graphics Stack Update
byLinaro
 
PPTX
Android audio system(audio_hardwareinterace)
byfefe7270
 
PPTX
Metasploit
byInstitute of Information Security (IIS)
 
PDF
Introduction To Mobile-Automation
byMindfire Solutions
 
PDF
Android Internals
byOpersys inc.
 
PDF
Improve Android System Component Performance
byNational Cheng Kung University
 
Low Level View of Android System Architecture
byNational Cheng Kung University
 
Porting Android
byOpersys inc.
 
BKK16-315 Graphics Stack Update
byLinaro
 
Android audio system(audio_hardwareinterace)
byfefe7270
 
Metasploit
byInstitute of Information Security (IIS)
 
Introduction To Mobile-Automation
byMindfire Solutions
 
Android Internals
byOpersys inc.
 
Improve Android System Component Performance
byNational Cheng Kung University
 

What's hot

PPTX
Android Booting Sequence
byJayanta Ghoshal
 
PDF
Pki (Public Key Infrastructure) 에 대한 쉬운 설명
byCrazia Wolfgang
 
ODP
Android Camera Architecture
byPicker Weng
 
PPT
Introduction to Google APIs
bySiva Arunachalam
 
PDF
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
byOpersys inc.
 
PPTX
Burpsuite 101
byn|u - The Open Security Community
 
PDF
CIS Controls - Windows Built-In and Open Source Tools to The Rescue
byBashar Shamma
 
PPSX
API Test Automation
bySQALab
 
PDF
Progressive web apps
byR. Caner Yıldırım
 
PPTX
Android+init+process
byHong Jae Kwon
 
PDF
Frida Android run time hooking - Bhargav Gajera & Vitthal Shinde
byNSConclave
 
PPTX
Api testing
byHamzaMajid13
 
PPTX
Mobile application testing
bySoftheme
 
PPTX
Api Testing
byVishwanath KC
 
PDF
syzkaller: the next gen kernel fuzzer
byDmitry Vyukov
 
ODP
Q4.11: Porting Android to new Platforms
byLinaro
 
PPT
Appium
byKeshav Kashyap
 
ODP
Android crash debugging
byAshish Agrawal
 
PDF
Inside Android's UI
byOpersys inc.
 
PDF
Working with the AOSP - Linaro Connect Asia 2013
byOpersys inc.
 
Android Booting Sequence
byJayanta Ghoshal
 
Pki (Public Key Infrastructure) 에 대한 쉬운 설명
byCrazia Wolfgang
 
Android Camera Architecture
byPicker Weng
 
Introduction to Google APIs
bySiva Arunachalam
 
Native Android Userspace part of the Embedded Android Workshop at Linaro Conn...
byOpersys inc.
 
Burpsuite 101
byn|u - The Open Security Community
 
CIS Controls - Windows Built-In and Open Source Tools to The Rescue
byBashar Shamma
 
API Test Automation
bySQALab
 
Progressive web apps
byR. Caner Yıldırım
 
Android+init+process
byHong Jae Kwon
 
Frida Android run time hooking - Bhargav Gajera & Vitthal Shinde
byNSConclave
 
Api testing
byHamzaMajid13
 
Mobile application testing
bySoftheme
 
Api Testing
byVishwanath KC
 
syzkaller: the next gen kernel fuzzer
byDmitry Vyukov
 
Q4.11: Porting Android to new Platforms
byLinaro
 
Appium
byKeshav Kashyap
 
Android crash debugging
byAshish Agrawal
 
Inside Android's UI
byOpersys inc.
 
Working with the AOSP - Linaro Connect Asia 2013
byOpersys inc.
 

Recently uploaded

PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PPTX
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
PDF
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
PDF
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
PPTX
NTG - Data Center Management System Software
byMustafa Kuğu
 
PDF
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
NTG - Data Center Management System Software
byMustafa Kuğu
 
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 

Install Cuckoo on Mac OS X

  • 1.
    Installing Cuckoo 0.4.1on Max OS X Snow Leopard The Environment - sudo easy_install pip - /usr/bin/ruby -e "$(/usr/bin/curl -fksSL https://raw.github.com/mxcl/homebrew/master/Library/Contributions/install _homebrew.rb)" - pip install python-magic - brew install libmagic - download dpkt source code from code.google.com/p/dpkt/downloads/list (current version is dpkt-1.7.tar.gzMar 2010) - sudo python setup.py install - sudo pip install Mako - install tcpdump - copy/usr/sbin/tcpdump to other location & preserve the attribute - sudo chmod +s /usr/sbin/tcpdump The Virtual Machine - install VirtualBox on your Mac OS X - install either Windows XP SP1 or SP2 or SP3 or Windows 7 - set the network connection as Host-Only Adapter. You also can choose Bridge Adapter if you want The Sandbox - download& etract Cuckoo from cuckoosandbox.org/downloads/cuckoocurrent.tar.gz - editconf/virtualbox.conf file. - search for label = cuckoo1 and change “cuckoo1” to your virtualbox label name this name refer at Virtualbox -> Settings -> General -> Basic -> Name - also edit platform and ip Warm-up Session - start the virtual machine - copy agent (agent.py) to virtual machine Saving the Virtual Machine *Before doing this make sure you rebooted it softly and that it’s currently running, with Cuckoo’s agent running and with Windows fully booted. - VBoxManage snapshot "<Name of VM>" take "<Name of snapshot>" --pause e.g. - VBoxManage snapshot "XP" take "XP1" –pause After the snapshot creation is completed, you can power off the machine and restore it: - VBoxManage controlvm "<Name of VM>" poweroff - VBoxManage snapshot "<Name of VM>" restorecurrent e.g. - VBoxManage controlvm "XP" poweroff - VBoxManage snapshot "XP" restorecurrent
  • 2.
    Running a Samplefor the first time On terminal, open 3-seperated tabs. On tab 1, - python cuckoo.py On tab 2, - python wed.py - then open localhost:8080 on your web browser On tab 3, - python submit.py <filename> Watching the first tab, wait till analysis is done. Next refresh your browser. You should see the results there.