Installation Guide - yeswehack/pwn-machine GitHub Wiki

Table of Contents

• Requirements
• Installation
• First run & configuration
• Updating pwn-machine
• Frequently Asked Questions (FAQ)

Requirements

To use the PwnMachine, you don't need many prerequisites. You just need to have docker on your machine. We do not provide a tutorial for installing Docker, you can find all the useful information here: https://docs.docker.com/get-started/.

Installation

Using Docker

1. Clone the repository locally on your machine

git clone https://github.com/yeswehack/pwn-machine.git

2. Enter in the repository previously cloned

cd pwn-machine/

Configure the .env

If you start to build direclty the project, you will be faced with an error:

${LETS_ENCRYPT_EMAIL?Please provide an email for let's encrypt}" # Replace with your email address or create a .env file

We highly recommend to create a .env file in the PwnMachine directory and to configure an email. It's used for let's encrypt to have a SSL certificate.

LETS_ENCRYPT_EMAIL="[email protected]"

Building

1. Build the project (using option -d will start the project in background, it's optional). Building can take several minutes (depending on your computer and network connection).

docker-compose up --build -d

2. Once everything is done on docker side, you should be able to access on the PwnMachine at http://your_address_ip

Starting pm_powerdns-db_1   ... done
Starting pm_redis_1         ... done
Starting pm_powerdns_1      ... done
Starting pm_filebeat_1      ... done
Recreating traefik          ... done
Recreating pm_manager_1     ... done

First run & configuration

Password and 2FA configuration

When you start the PwnMachine for the first time, we ask users to set a new password and 2FA authentication. This is mandatory to continue. You can use Google Authenticator, Authy, Keepass... anything you want that allows you to set up 2FA authentication.

After this, you are ready to use the PwnMachine!

How to setup DNS

Create a new DNS zone

First, we need to create a new DNS zone. Go on DNS > ZONES

Name: `domain.com`
Nameserver: `ns.domain.com.`
Postmaster: `noreply.example.com.`

2. Click on the button to save the configuration and the this new DNS zone

Create a new DNS rule

Zone: example.com.
Name: *.example.com.
Type: A

2. Add a new record

your_adress_ip

3. Click on the button +

4. Click on the button to save the configuration

Now you need to update your DNS servers at your ISP with the one that has just been configured.

How to expose a docker container on a subdomain and use HTTPS

For this example, we will create a new subdomain like manager.example.com to expose the PwnMachine interface on it and accessible in HTTPS.

1. Go on DOCKER > CONTAINERS
2. Right click on pm_manager
3. Click on Expose via traefik
4. A new window should open:

Name: pm_manager-router
Rule: Host(`manager.example.com`) && PathPrefix(`/`)
Entrypoint: https
Select "Middlewares"
Service: pm_manager-service

---- TLS ----

Cert Resolver: Let's Encrypt staging - DNS
Domain: *.example.com

Now, wait the DNS propagation and after some minutes you should be able to connect on manager.example.com.

Updating

To update pwn-machine simply run

git pull && docker-compose up --build -d

This will pull the latest version and only restart the relevant containers.