Penetration Testing Lab Setup on Digital Ocean

"Security isn’t something you buy, it’s something you do, and it takes talented people to do it right."

You can find a detailed video demonstrating these steps on our official YouTube channel at Penetration Testing Lab Setup on Digital Ocean. Note that this blog is best understood when viewed along with the aforementioned accompanying video.

Introduction

Digital Ocean provides free credits worth $200, an excellent option for creating penetration testing labs. Follow the instructions provided in the video to set up the pentest lab. Sign up and create your Digital Oceans account using the URL https://m.do.co/c/e6a1317eb1d0 and obtain free credits of $200.

Below is a basic flow of what must be done to create your pentest lab.

• Please create a user on the Digital Ocean platform and configure it to work over SSH.

• Install essential services such as docker.

• Install and set up the needed vulnerable services such as DVWA etc.

Setup

• Create a user account on the Digital Ocean's platform using the link: https://m.do.co/c/e6a1317eb1d0

Sign-up

• Login into your newly created digital ocean account using the login page on digital ocean's website. It should look something like this:

Login Page

• Create a new project (if one doesn't exist already) in the UI post-login, and it should look something like this:

Project Page

• Create a new "Droplet" under your newly created project and in the submenu, choose the Ubuntu version you wish to create while configuring the various options per your machine's requirements.

• Please refer to the linked video at the top of this blog to view our recommended configuration, or click here. Once ready, make sure to enable the SSH configurations on your machine ( it's recommended to use the "SSH Keys" instead of "Passwords")

• If you are not sure how to create and use "SSH Keys," please refer to this link.

Create Droplet Page

Login into your digital ocean account as the root (sudo) user. Please refer to this video if you face any issues logging in.

• Create a new user and add sudo privileges.

adduser user 
usermod -aG sudo user  

Create Sudo User

Login as "user" using:

su user 

• Install docker in the machine using

sudo apt-get update
sudo apt-get install docker.io
sudo systemctl enable docker 
sudo systemctl start docker

Installing Docker

Installing vulnerable images

• (Optional) Install the DVWA container from https://hub.docker.com/r/vulnerables/web-dvwa via

sudo docker pull vulnerables/web-dvwa 
sudo docker run --name web-dvwa -d -p 8080:80 --restart always vulnerables/web-dvwa

Pulling DVWA

• (Optional) Install OWASP Juice-shop: https://hub.docker.com/r/bkimminich/juice-shop using

sudo docker pull bkimminich/juice-shop 
sudo docker run --name juice-shop -d -p 8081:3000 --restart always bkimminich/juice-shop

Pulling OWASP juice shop

Installing other services

• (Optional) Install SMTP Server https://www.acorel.nl/2022/03/fake-smtp-servers-for-testing/ and https://linuxize.com/post/how-to-use-linux-screen/ screen

 screen
 sudo docker run --name=mailhog -p 2525:1025 -p 8025:8025 --restart always mailhog/mailhog

Pulling SMTP

Press "ctrl+a" and press d to exit the screen.

• (Optional) Install SNMP - https://github.com/tandrup/docker-snmpsim

screen 
sudo docker run -v /somewhere/with/snmpwalks:/usr/local/snmpsim/data -p 161:161/udp --restart always tandrup/snmpsim

Press "ctrl+a" and press d to exit the screen.

• (Optional) Install FTP - https://github.com/garethflowers/docker-ftp-server

sudo docker run --detach --env FTP_PASS=123 --env FTP_USER=user --name my-ftp-server --publish 20-21:20-21/tcp --publish 40000-40009:40000-40009/tcp --restart always --volume /data:/home/user garethflowers/ftp-server

Connecting to services

Now you can connect to the services you created and execute penetration tests.

Create SSH key pair for the account user created above and configure the SSH login for the account user. If you are unsure how to create and use "SSH Keys," please refer to this link.

On your Kali terminal, run the below ssh port forwarding commands. Make sure to replace the <sshprivatekey> with your private key and <yourdropletip> with your droplet public IP.

ssh -L 80:127.0.0.1:8080 -i <sshprivatekey> user@<yourdropletip> -fN
ssh -L 81:127.0.0.1:8081 -i <sshprivatekey> user@<yourdropletip> -fN
ssh -L 25:127.0.0.1:2525 -i <sshprivatekey> user@<yourdropletip> -fN
ssh -L 21:127.0.0.1:21 -i  <sshprivatekey> user@<yourdropletip> -fN

The services are now reachable on your localhost 127.0.0.1 for testing.

Example: DVWA can be accessed by using the URL http://127.0.0.1:80

Register for instructor-led online courses today!

https://www.darkrelay.com/courses

Check out our free programs!

https://www.darkrelay.com/programs

Contact us with your custom pen testing needs at: info@darkrelay.com or WhatsApp.

Follow us on LinkedIn Twitter Facebook Instagram YouTube Pinterest.