When I first ran across PwnDrop, I was intrigued at what the developers had in mind with it. For instance, if you’re a white-hat hacker and are looking to share exploits safely with your client, you might use a service like PwnDrop. If you’re a journalist communicating with, well, just about anyone who is trying to keep their identity secret, you might use a service like PwnDrop.
In this tutorial, we’re going to look at how easy it is to set up and use in just a few minutes.
Prerequisites for PwnDrop in Docker
First things first, you’ll need a Docker server set up. Linode has made that process very simple and you can set one up for just a few bucks a month and can add a private IP address (for free) and backups for just a couple bucks more per month.
Another thing you’ll need is a domain name, which you can buy from almost anywhere online for a wide range of prices depending on where you make your purchase. Be sure to point the domain’s DNS settings to Linode. You can find more information about that here: https://www.linode.com/docs/guides/dns-manager/
You’ll also want a reverse proxy set up on your Docker Server so that you can do things like route traffic and manage SSLs on your server. I made a video about the process of setting up a Docker server with Portainer and a reverse proxy called Nginx Proxy Manager that you can check out here: https://www.youtube.com/watch?v=7oUjfsaR0NU
Once you’ve got your Docker server set up, you can begin the process of setting up your PwnDrop password manager on that server.
There are 2 primary ways you can do this:
- In the command line via SSH.
- In Portainer via the Portainer dashboard.
We’re going to take a look at how to do this in Portainer so that we can have a user interface to work with.
Head over to http://your-server-ip-address:9000 and get logged into Portainer with the credentials we set up in our previous post/video.
On the left side of the screen, we’re going to click the “Stacks” link and then, on the next page, click the “+ Add stack” button.
This will bring up a page where you’ll enter the name of the stack. Below that that you can then copy and paste the following: