PWNDROP
this is an open source payload hosting service used during Red Team engagements. it can serve files over HTTP/S & via WebDAV. it has features such as Geo-based restriction which allows it to be accessible only by the red team & the victim infrastructure as well as an admin portal with hidden directory.
INSTALLATION
#create the ec2/azure instance
#create a DNS A record pointing it to the vps instance ip to {subdomain}.{domain}.{tld}
#this is required prior to proceeding
#connect to the ec2 virtual machine
root@oco:~$ sudo -i {key}.pem [email protected]
#install prerequisites
root@VPS:~$ NGVM: go version
root@VPS:~$ sudo apt update && sudo apt upgrade -y
root@VPS:~$ sudo apt install golang -y
#set up the environment variables & update the PATH environment variable to include the directory /usr/local/go/bin
root@VPS:~$ echo "export PATH=\$PATH:/usr/local/go/bin" >> ~/.bashrc
#apply the changes made to ~/.bashrc in the current shell session
root@VPS:~$ source ~/.bashrc
root@VPS:~$ sudo apt-get -y install git make
root@VPS:~$ git clone https://github.com/kgretzky/pwndrop
root@VPS:~$ cd pwndrop
root@VPS:~$ make
root@VPS:~$ make installCONFIGURATION
root@VPS:~$ ./pwndrop
* usage pwndrop [start|stop|install|remove|status] [-config <config_path>] [-debug] [-no-autocert] [-no-dns] [-h]
#running pwndrop
root@VPS:~$ ./pwndrop start
#configuration
root@VPS:~$ nano pwndrop/pwndrop.ini
* executing pwndrop on its first launch will create an ini file by default. this file can be m
[pwndrop]
listen_ip = "190.33.86.22" # the external IP of your pwndrop instance (must be set if you want to use the nameserver feature)
http_port = 80 # listening port for HTTP and WebDAV
https_port = 443 # listening port for HTTPS
data_dir = "./data" # directory path where data storage will reside (relative paths are from executable directory path)
admin_dir = "./admin" # directory path where the admin panel files reside (relative paths are from executable directory path)
[setup] # optional: put in if you want to pre-configure pwndrop (section will be deleted from the config file on first run)
username = "admin" # username of the admin account
password = "secretpassword" # password of the admin account
redirect_url = "https://www.somedomain.com" # URL to which visitors will be redirected to if they supply a path, which doesn't point to any shared file (put blank if you want to return 404)
secret_path = "/pwndrop" # secret URL path, which upon visiting will allow your browser to access the login page of the admin panel (make sure to change the default value)#Quickstart
#Make sure the pwndrop is running.
1.Open the secret URL to authorize your browser: https://yourdomain.com/pwndrop (this is a default value; make sure to use the secret path, you've pre-configured)
2.Open the admin panel URL in your browser: https://yourdomain.com/ (since you've authorized your browser, you will now see an admin panel login page)
3.Create your admin account or login.
4.Click the configuration cog in top-left corner and make sure you change the secret path to something other than /pwndrop.
5.You're good to go!Last updated