Wednesday, August 6, 2014

Cuckoo Sandbox web interface with Apache

This is a short write-up of how you get the new Django web interface, that ships with current Cuckoo Sandbox working behind Apache.

As the documentation is thin and required some tweaking to get it to work, you might find it useful

The Django interface can be run as a standalone process, using the manage.py script, that one is well documented:  http://docs.cuckoosandbox.org/en/latest/usage/web/

So to get it to work behind Apache I had to do the following:

Please note that this might not be the best way or if you plan to publish the web interface directly on the Internet it might also not suit your needs, that being said:

Begin with editing the file local_settings.py which can be found in cuckoo/web/web directory
Set the variable CUCKOO_PATH = "<path to cuckoo> (e.g: /home/user/cuckoo)"

Then continue to edit the file wsgi.py which also can be found in the cuckoo/web/web directory

From this:

               "import os


                     os.environ.setdefault("DJANGO_SETTINGS_MODULE", "web.settings")"

To look like this:

                     import os, sys

                    sys.path.append('<path to cuckoo>)
                   sys.path.append('<path to cuckoo>/web')
                   os.chdir('<path to cuckoo>/web/')


                 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "web.settings")


Over to Apache.

Add the following lines to your chosen Apache virtualhost configuration (default, ssl)

 WSGIScriptAlias /  <path to cuckoo>/web/web/wsgi.py
        <Directory <path to cuckoo>/web/web>
                <Files wsgi.py>
                Require all granted
                </Files>
        </Directory>

        Alias /static /<path to cuckoo>/web/static
        <Directory <path to cuckoo>web/static/>
                Require all granted
        </Directory> 

You will also need to change the user which Apache run as, this is to enabled the web interface to have access to temporary files created by Cuckoo. This is done in the file envvars (/etc/apache2/)

The variables to change are:

From:

export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data

To:

export APACHE_RUN_USER=<cuckoo user>
export APACHE_RUN_GROUP=<cuckoo user group>

The above changes should not be needed if you choose to change the path for the tmp files created by Cuckoo and give the default Apache user access to that directory. This change will have to be made both in cuckoo.conf and in the local_settings.py if you choose to do so.

/Micke