Setting up VPS for Pentesting and bug bounty is what I will be to share with you guys today.
So I have been looking into setting up my automation environment for things I do in infosec.
And what I see a lot of people use for this is Digital Ocean VPS, Linode and many more VPS platform available out there, but In this guide, I will be using DigitalOcean.
Also, Digital Ocean offers $100 credit free for you as first time users, get yours here.
Setting up VPS for automation is not something hard to do, in fact, if you don’t have your system available all time, you can always resume your work by connecting to your VPS through SSH on your phones terminal(Termux preferably).
Here we go,
How to Set up VPS for Pentesting, Bug Bounty Automation
When you are done creating your account on Digital Ocean you will need to add your credit card or link your PayPal to be able to use the free $100 which DigitalOcean gives out.
If you have your account setup already, let’s move on,
Once you are in your dashboard, click on Create dropdown and pick Droplet, somewhere around the left edge corner.
We try to create a cloud server, that’s why we will be picking Droplets
Now the Droplets dashboard will open up, where the setting will take place.
In this guide I will be creating Ubuntu VPS, that’s the only I have tried before, you can check out one of Debian, Fedora and others too, nothing bad in trying.
The settings, Choose a plan, I will be leaving it to Basic and I will choose $5 plan which as 1 GB / 1 CPU, 25 GB SSD disk, 1000 GB transfer because
- I don’t need some large storage
- My Subscription isn’t much, only the basic plan can let me pick options between $5 to $20 based on the credit I have in my Account.
You can decide to pick any plan, based on what you want, and based on the credit you have in your Digitalocean account.
The more CPU and SSD disk space the faster your environment will be.
Add block storage: Just leave this to default.
Choose a datacenter region: for the add block storage, you will have to choose any data centre near to your location or closer to your region.
You are the only one to decide this, this setting relies on your location, for me, I will pick New York or San Francisco.
VPC Network: You can leave this to default, but if your task requires you to enable Private Network Settings, you can always to this anytime, even when you’re done with the setup.
Select additional options: You can decide what to do here, for me I prefer to enable IPv6 Option only, so I will have access to IPv4 and 6.
Authentication: for authentication, I will be using a password, I find that easy, so you can enter any password you like into the Create root password box.
Make sure its a password you can remember because that’s what you will be using to log in.
Finalize and create: Here the only thing I changed here was the Choose a hostname, you always change it to anytime you like, its like customisation of the terminal.
That’s all for the Droplets Creation Settings, leave the remaining options and click Create Droplet
Once the droplet is completely deployed, you should have an address come up, just like the below image.
So we are ned to connect to our VPS via ssh, Set up isn’t different on different Device, in as much as you have a terminal software running you can do this.
Connecting to Digital Ocean Droplets VPS On MAC devices
Mac devices have preinstalled terminal in them, so you don’t have issues, all you have to do is open the terminal and type
ssh root@yourdropletipaddress e.g mine is ssh root@104.248.112.71 (you can always find your droplet IP address in your dashboard).
When you click enter, for the first time, you will be prompted to press yes to proceed for connection, but if the connection gets closed, you can retry again and you will be prompted to enter your password.
The password requested is the password you typed when creating your droplets, if the password is correct then should see a welcome message and your terminal should look like this.
Then you can decide tools to install, what to set up and many more, but first you might wanna type
apt update && apt upgrade
apt install git
And you good to install any kinds of tools you want to install since you running as root you have full privileges.
But wait what if you want to create a Users account that doesn’t have direct access to the root permissions at the time, then you need to create one by following the below guide.
On your connected ssh terminal while in the root, type
adduser <yourname or nickname> e.g adduser USERNAME
and you will be asked to input password for the new user you are creating, after that you will be asked for information like your name, etc, you can skip all those questions by pressing enter till you are done.
Now that we have a new user called USERNAME, we will want to make sure the user access to doing stuff that a root user does, in case we have to do things requires us to have the higher privilege.
So will need to add the user to the sudo group, to do that, we use this command
usermod -aG sudo USERNAME
So now, we can open another tab and log in with the new user we’ve created with ssh <yourusername>@<yourserveripaddress> e.g ssh USERNAME@104.248.112.71
And once you log in, you good to go and start working, but in case you want to view files of root folders, you can use sudo before the commands you type.
Connecting to Digital Ocean Droplets VPS On Android or IOS devices
To do this all you have to do is download a software name Termux, you can download from playstore or ISH for IOS device.
The same connection procedures go for this too, once you have the app on your mobile device, open up the termux or ish and let the set up run completely when it’s over, type the following commands
apt update && apt upgrade
apt install ssh
When you are done with the installation, you can now connect to your Ubuntu VPS, using the same command used in other setups which is
ssh root@<vps IP address> or ssh <username>@<vps IP address>
e.g ssh root@104.248.112.71 or ssh USERNAME@104.248.112.71
And you can continue with your works, the advantage of this is that no root privilege is required from your device level, no system resources is consumed from you, this is awesome.
Connecting to Digital Ocean Droplets VPS On Windows
For windows users, the setup is quite different but the connection process is the same, you can use the regular Putty.exe – https://www.putty.org/, but that might make you feel like non 1337.
So you can use the Windows Subsystem for Linux – https://www.microsoft.com/en-ng/store/top-free/apps/pc?category=Developer+tools%5cUtilities, search for ubuntu and install it.
Once installed, the process of connecting to your VPS is the same as others above.
That’s all, I believe you find this guide useful, don’t forget to share with friends.
For Visual Guide, Check out Nahamsec VIdeo
Stay Safe.