Host ConfigurationΒΆ
conf/cuckoo.conf
configuration:
# Specify the name of the machinery module to use, this module will
# define the interaction between Cuckoo and your virtualization software
# of choice.
machinery = avd
[resultserver]
# The Result Server is used to receive in real time the behavioral logs
# produced by the analyzer.
# Specify the IP address of the host. The analysis machines should be able
# to contact the host through such address, so make sure it's valid.
# NOTE: if you set resultserver IP to 0.0.0.0 you have to set the option
# `resultserver_ip` for all your virtual machines in machinery configuration.
ip = 127.0.0.1
conf/avd.conf
configuration:
[avd]
#Path to the local installation of the android emulator
emulator_path = <add>
#Path to the local installation of the adb - android debug bridge utility.
adb_path = <add>
#Path to the emulator machine files is located
avd_path = <add home_path>/.android/avd
#name of the reference machine that is used to duplicate
reference_machine = aosx
# Specify a comma-separated list of available machines to be used. For each
# specified ID you have to define a dedicated section containing the details
# on the respective machine. (E.g. aosx_1,aosx_2,aosx_3)
#currently supports only 1 machine for network limitations
machines =aosx_1
[aosx_1]
# Specify the label name of the current machine as specified in your
# aosx_1 configuration.
label = aosx_1
# Specify the operating system platform used by current machine
platform = android
# Specify the IP address of the current virtual machine. Make sure that the
# IP address is valid and that the host machine is able to reach it. If not,
# the analysis will fail.
# its always 127.0.0.1 because android emulator networking configurations this the loopback of the host machine
ip = 127.0.0.1
#Specify the port for the emulator as your adb sees it.
emulator_port=5554
#10.0.2.2 is the loopback of the host machine very importent!!!
resultserver_ip = 10.0.2.2
resultserver_port = 2042
Warning
result server ip is always 10.0.2.2! (android emulator network configuration)
conf/auxiliary.conf
configuration:
[sniffer]
# Enable or disable the use of an external sniffer (tcpdump) [yes/no].
enabled = no
conf/processing.conf
configuration:
[droidmon]
enabled = yes
[googleplay]
enabled = yes
android_id = <add android_id>
google_login = <add google_login>
google_password = <add google_password>
[apkinfo]
enabled = yes
#Decompiling dex with androguard in a heavy operation and for a big dex's
#he can really consume performance from the cuckoo host ,so it's recommended to limit the size of dex that you will decompile
#decompilation_threshold=2000000
conf/reporting.conf
configuration:
[reporthtml]
enabled = no
[reportandroidhtml]
enabled = yes