pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV.
If you’ve ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m SimpleHTTPServer
, pwndrop is definitely for you!
With pwndrop you can:
Its main goal is to make file sharing as easy and intuitive as possible, while implementing extra features to aid in red team assessments.
Frontend of pwndrop is developed in pure Vue.js + Bootstrap with no npm or webpack dependencies. The backend serves REST API and manages a local database, powered by GO language.
Also Read – Privacy Badger : A Browser Extension Automatically Learns To Block Invisible Trackers
Write-up
If you want to learn how to use pwndrop or you want to learn what new features were implemented in recent releases, make sure to check out the posts on my blog:
Video Guide
Prerequisites
If you don’t yet have the server to deploy to I highly recommend Digital Ocean. The cheapest $5/mo Debian 9 server with 25GB of storage space will work wonders for you. You can use my referral link to get an extra $100 to spend on your servers in 60 days for free.
Register a new domain and point its DNS A records to your VPS IP. You can also register a domain and point its ns1
and ns2
nameservers to pwndrop instance IP – it will automatically respond with valid DNS A replies.
If you want to set up pwndrop without a domain, check below how to set up a local instance, which will not auto-generate HTTPS certificates.
Installation
Make sure there aren’t any DNS or HTTP(S) servers running before you attempt to install pwndrop.
I do not recommend running oneliners, before downloading and checking the script code, but if you are really in a hurry, here it is:
curl https://raw.githubusercontent.com/kgretzky/pwndrop/master/install_linux.sh | sudo bash
This will download the latest amd64 release binary and fully install a daemon running in a background.
First you need to download the release package you want from: https://github.com/kgretzky/pwndrop/releases
Then do the following (this performs same actions to the oneliner):
tar zxvf pwndrop-linux-amd64.tar.gz
./pwndrop stop
./pwndrop install
./pwndrop start
./pwndrop status
First of all, make sure you have installed GO with version at least 1.13: https://golang.org/doc/install
Then do the following:
git clone https://github.com/kgretzky/pwndrop
cd pwndrop
make
make install
Quickstart
Make sure the pwndrop is running.
https://yourdomain.com/pwndrop
(this is a default value; make sure to use the secret path, you’ve pre-configured)https://yourdomain.com/
(since you’ve authorized your browser, you will now see an admin panel login page)/pwndrop
.You’re good to go!
Running From CLI
You don’t have to install pwndrop as a daemon and you can run it straight from the console.
Daemon Management:
>>start : start the daemon
>>stop : stop the daemon
>>install : install the daemon using the available system manager (systemd, systemv and upstart supported)
>>remove : uninstall the daemon
>>status : check status of the installed daemon
Parameters:
>>config : specify a custom path to a config file (def. ‘pwndrop.ini’ in same directory as the executable)
>>debug : enable debug output
>>no-autocert : disable automatic TLS certificate retrieval from >>LetsEncrypt; useful when you want to connect over IP or/and in a local network
>>no-dns : do not run a DNS server on port 53 UDP; use this if you don’t want to use pwndrop as a nameserver
>>h : usage help
Configuration
On first launch, pwndrop, by default, will create a new configuration file pwndrop.ini
in the same directory as an executable. You can later modify it or supply your own, for example to pre-configure pwndrop before the installation to automate the deployment of a tool even better.
Here is an example config file with all available config variables with commentary:
[pwndrop]
>>listen_ip = “190.33.86.22” # the external IP of your pwndrop instance (must be set if you want to use the nameserver feature)
>>http_port = 80 # listening port for HTTP and WebDAV
>>https_port = 443 # listening port for HTTPS
>>data_dir = “./data” # directory path where data storage will reside (relative paths are from executable directory path)
>>admin_dir = “./admin” # directory path where the admin panel files reside (relative paths are from executable directory path)
[setup] # optional: put in if you want to per-configure pwndrop (section will be deleted from the config file on first run)
>>username = “admin” # username of the admin account
>>password = “secretpassword” # password of the admin account
>>redirect_url = “https://www.somedomain.com” # URL to which visitors will be redirected to if they supply a path, which doesn’t point to any shared file (put blank if you want to return 404)
>>secret_path = “/pwndrop” # secret URL path, which upon visiting will allow your browser to access the login page of the admin panel (make sure to change the default value)
If you want to pre-configure your pwndrop instance before deployment using any of the installation scripts, put your configuration file at /usr/local/pwndrop/pwndrop.ini
and it will be parsed the moment pwndrop daemon is first executed.
Credits: @jaredhaight
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…