docker.recipes

PwnDrop File Hosting

intermediate

Self-hosted file hosting for red teamers and pentesters.

Overview

PwnDrop is a specialized self-hosted file hosting service designed specifically for penetration testers, red team operations, and security professionals. Created by Kuba Gretzky, PwnDrop addresses the unique needs of security testing scenarios where traditional file sharing services are either blocked, monitored, or unsuitable for hosting payloads and tools. Unlike conventional file hosting platforms, PwnDrop provides features like custom URL redirection, automatic file deletion after download, and steganographic capabilities to help security professionals operate more effectively during engagements. This Docker implementation leverages the official PwnDrop container to create a portable and easily deployable file hosting infrastructure. The containerized setup provides network isolation through dedicated bridge networking while maintaining persistent storage for uploaded files and administrative configurations. The service exposes both HTTP and HTTPS endpoints, enabling flexible deployment scenarios from internal lab environments to internet-facing operations. Security professionals benefit from this deployment because it eliminates the complexity of manual installation and dependency management while providing a consistent environment across different testing scenarios. The Docker approach also enables rapid deployment and teardown, which is crucial for time-sensitive penetration testing engagements where infrastructure needs to be established quickly and removed cleanly after operations conclude.

Key Features

  • Custom URL aliases and redirects to mask payload locations and create believable social engineering scenarios
  • Automatic file deletion after specified number of downloads or time period to maintain operational security
  • Built-in steganography support for hiding payloads within innocent-looking image files
  • Real-time download tracking and logging for monitoring payload delivery during engagements
  • Password-protected file access with customizable authentication mechanisms
  • Mobile-responsive web interface optimized for managing files during field operations
  • Custom HTTP response codes and headers for advanced evasion techniques
  • Bulk file upload and management capabilities for organizing large payload collections

Common Use Cases

  • 1Red team operations requiring covert payload delivery through custom-branded file sharing portals
  • 2Penetration testing engagements where payloads need to be hosted on controlled infrastructure
  • 3Social engineering campaigns requiring legitimate-looking file sharing services with custom domains
  • 4Security awareness training where realistic phishing scenarios need authentic-looking file hosting
  • 5Bug bounty hunting operations requiring temporary payload hosting with automatic cleanup
  • 6Internal security assessments where files need to be shared without leaving traces on external platforms
  • 7Adversary simulation exercises requiring sophisticated payload delivery mechanisms with tracking capabilities

Prerequisites

  • Docker Engine 20.10+ and Docker Compose v2 for container orchestration and networking support
  • Minimum 512MB RAM and 2GB disk space for PwnDrop operation and file storage
  • Available ports 80 and 443 on the host system for HTTP and HTTPS service endpoints
  • Basic understanding of penetration testing workflows and payload delivery concepts
  • Network configuration knowledge for setting up custom domains and DNS records if internet-facing deployment is required
  • SSL certificate management experience if HTTPS functionality will be utilized in production environments

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  pwndrop: 
3    image: ghcr.io/kgretzky/pwndrop:latest
4    container_name: pwndrop
5    volumes: 
6      - pwndrop-data:/pwndrop/data
7      - pwndrop-admin:/pwndrop/admin
8    ports: 
9      - "80:80"
10      - "443:443"
11    networks: 
12      - pwndrop-network
13    restart: unless-stopped
14
15volumes: 
16  pwndrop-data: 
17  pwndrop-admin: 
18
19networks: 
20  pwndrop-network: 
21    driver: bridge

.env Template

.env
1# PwnDrop
2# Access /pwndrop to set up admin account

Usage Notes

  1. 1Setup at http://localhost/pwndrop
  2. 2Create admin account on first visit
  3. 3Red team file hosting
  4. 4Custom URLs and redirects
  5. 5Auto-delete after download

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  pwndrop:
5    image: ghcr.io/kgretzky/pwndrop:latest
6    container_name: pwndrop
7    volumes:
8      - pwndrop-data:/pwndrop/data
9      - pwndrop-admin:/pwndrop/admin
10    ports:
11      - "80:80"
12      - "443:443"
13    networks:
14      - pwndrop-network
15    restart: unless-stopped
16
17volumes:
18  pwndrop-data:
19  pwndrop-admin:
20
21networks:
22  pwndrop-network:
23    driver: bridge
24EOF
25
26# 2. Create the .env file
27cat > .env << 'EOF'
28# PwnDrop
29# Access /pwndrop to set up admin account
30EOF
31
32# 3. Start the services
33docker compose up -d
34
35# 4. View logs
36docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/pwndrop-file-sharing/run | bash

Troubleshooting

  • Admin interface shows 404 error: Ensure you're accessing http://localhost/pwndrop (not just localhost) and wait 30 seconds after container startup for full initialization
  • File uploads fail with permission errors: Check that pwndrop-data volume has proper write permissions by running docker exec pwndrop ls -la /pwndrop/data
  • HTTPS not working with custom certificates: Verify certificate files are properly mounted and PwnDrop is configured to use HTTPS mode through the admin panel
  • Custom URLs return 404 errors: Confirm URL aliases are properly configured in the PwnDrop admin interface and check container logs for routing errors
  • Container fails to bind to ports 80/443: Verify no other services are using these ports with netstat -tulpn | grep -E ':(80|443)' and stop conflicting services
  • Files not persisting after container restart: Ensure Docker volumes are properly created and mounted by checking docker volume ls and docker inspect pwndrop

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

pwndrop

Tags

#file-hosting#pwndrop#pentesting#red-team#security

Category

Security & Networking

Related Recipes

Ad Space