Grey Hack

Viper Basics - Keeping your network secure
By Xclusive
Welcome to a basic overview of how to secure your rented servers from outside attacks, utilizing the Viper tool.
This guide will get you well on your way to having a more secure network, as well as give you a few tips, tricks and hints you might find useful.
   
Intro
The guide is primarily aimed at beginners and newcomers to either the game or the Viper tool.

First of all, you can grab yourself a copy of the Viper tool from the in-game website of www.viper.com <- This is an in-game URL, not for use on the real internet.


Alternatively, you can use "apt-get install Viper" from repo 170.220.64.188. For a more comprehensive guide on how to do that, check out the Bonus section of the Viper Basics guide here[justpaste.it] or here.

You've managed to get at least one rented server on your network. You've downloaded the Viper tool. You might even have read my previous introductory guide to Viper.

It's now time for us to secure our system and LAN.

The vars I'll be using are:
  • es - exploitscan
  • x - targets
  • u - use
secure command
When we say home PC, we're referring to the computer you spawned into the game with.
When we say server, we're referring to any computer you've rented in-game.


secure
chmods your files and folders.
Usage: -home OR -server
Example: secure -home OR secure -server

Don't ever use the secure -server on your home PC, as it might softlock your game.

What's the difference, you might ask? The secure -home is meant for your home PC and, as such, whitelists the following:

"/bin/sudo",
"/usr/bin/Terminal.exe",
"/usr/bin/AdminMonitor.exe",
"/usr/bin/ConfigLan.exe",
"/usr/bin/Mail.exe",
"/usr/bin/Browser.exe",
"/usr/bin/Notepad.exe",
"/usr/bin/Settings.exe",
"/usr/bin/Manual.exe",
"/usr/bin/Chat.exe",


On your rented servers, your default login is as a root user, which means it can chmod your whole system without worry.

Let's start with securing our home PC and rented server(s). At your home PC, boot up Viper and run the secure -home command.

As a sidenote, if you wish to keep using the Map.exe to bounce your connection through machines, you may have to chmod allow x for the ssh binary.

If you need further instructions on how to manually chmod the ssh binary, scroll down to the Bonus section of the guide.


Fantastic. Now ssh to your rented server using either Map.exe or the credentials received in your Mail program.

Once there, you'll want to run the same command, but with the -server parameter instead this time.

Alright. We're now marginally more secure. The next step is to change the default password to a more secure one.
passwd command
Maximum password length is 15. Your password should be a string of random alphanumeric characters.

Example passwords:
  • 5LmfUeRxR2mOAqh
  • nqgDfRihHkWI8O
  • Z5DhrhOgXj7c2O
  • lEEUpLCi7GM5XQj
  • XxTj3ZAQvcqXMrp

passwd
Changes the password of the specified user.
Usage: passwd [username]
Example: passwd root

Every system should have its own unique password. I recommend keeping a notepad or text document OUTSIDE of the game to keep track, so you don't lock yourself out of a server by accident.

With our home PC and rented server secure, it's time to have a look at our router.
Router security
The following steps presume that you're using a network connection you've purchased yourself.

Open your terminal, type ifconfig to get your public IP.

Now nmap the public IP.

Let's take note of where it gives us the version ID of our kernel_router.so for later. If you're not sure how to use Viper to get a shell on a target, we again refer to the Viper Basics guide we linked at the top.
Let's exploitscan port 0, look at our targets and use a shell exploit to gain access.


Make a jumpfile and sudo to root.

If you're unsure about the password for your router, download the ConfigLan program from the server rental website, connect to the network in question and check the key in the top right.

Now secure your router and passwd to a stronger password.

While we're here, let's also move the FileExplorer.exe to the /root folder and remove the /usr folder.
mv /usr/bin/FileExplorer.exe /root
rm -r /usr


To make the router more secure, we'll have to do some legwork in the wild.

While hacking NPC systems, make it a habit to scan their port 0 to check what vulnerabilities are present in their kernel_router.so.
You'll have to make a judgment call on what you consider a good version, but the fewer vulnerabilities/shells they have, the better.

Once you've found a better kernel_router.so than the one you currently have installed, hack in by whatever means are necessary and replace the one in your own router. If you've read both this guide and the previous guide, you shouldn't need any help on how to do that.
Example kernel_router.so heist
For thoroughness' sake though, I'll quickly showcase the process for you here, with a random IP and a random kernel_router.so lib.
The vars I'll be using are:
  • es - exploitscan
  • x - targets
  • u - use

In this instance, I'll get ahold of the root password through one of the other exposed services. In this case, the smtp service.

Root pass get. Back to the router.

Now download the kernel_router.so and don't forget to clear your logs.

Now upload that badboy to your router /lib folder, make sure the system is secure and the passwd is strong.
You should now be secure and good to go!
Bonus section
Manual chmodding
You've secured your PC, but you still wanna use the Map.exe program to bounce your connections.
You'll need to modify your ssh binary with chmod.

chmod
Usage: chmod [opt:-R] [u,g,o+wrx] [path file/folder]
Example: chmod u-rx document.txt
The above example removes read and execute permissions from user, as denoted by the -.
To reverse the above command, it would be chmod u+rx document.txt instead.

As Map.exe does not launch a terminal as root, we have to allow the regular terminal to use ssh. First cd to your /bin. Then chmod g+x ssh

Be aware that this of course means that someone getting into your computer with a user shell would have access to the ssh command.

ls -la
You can always use the ls -la command to check whether you have correctly assigned the wanted permissions/restrictions to the specified files.
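
To see what a mode like g+x or u-rx actually changes before you type it, here is a small Python model of the symbolic modes from the chmod usage line above. It is an added example, not part of Viper or the game; the permission-string layout (type character followed by user/group/other rwx triplets) and the sample strings are assumptions constructed for illustration.

```python
# Added example: models the symbolic modes from the chmod usage line above.
# The permission-string layout (type char + user/group/other rwx triplets)
# is the conventional ls -la form and is an assumption about the listing.
import re

CLASSES = {"u": 1, "g": 4, "o": 7}   # start offset of each rwx triplet
BITS = {"r": 0, "w": 1, "x": 2}      # position inside a triplet

MODE_RE = re.compile(r"^([ugo])([+-])([rwx]+)$")


def apply_mode(perms: str, mode: str) -> str:
    """Return perms after applying one symbolic mode such as 'g+x' or 'u-rx'."""
    if not re.fullmatch(r"[-d]([r-][w-][x-]){3}", perms):
        raise ValueError(f"not a permission string: {perms!r}")
    m = MODE_RE.match(mode)
    if not m:
        raise ValueError(f"unsupported mode: {mode!r}")
    who, op, flags = m.groups()
    chars = list(perms)
    for flag in flags:
        idx = CLASSES[who] + BITS[flag]
        chars[idx] = flag if op == "+" else "-"
    return "".join(chars)


def who_can(perms: str, flag: str) -> list[str]:
    """List the classes (u, g, o) that hold the given flag."""
    return [c for c, off in CLASSES.items() if perms[off + BITS[flag]] == flag]


if __name__ == "__main__":
    ssh = "-rwx------"   # constructed: a locked-down /bin/ssh, owner only
    opened = apply_mode(ssh, "g+x")
    print(ssh, "->", opened, "execute:", who_can(opened, "x"))
    doc = "-rwxr-x---"   # constructed sample for document.txt
    stripped = apply_mode(doc, "u-rx")
    print(doc, "->", stripped, "->", apply_mode(stripped, "u+rx"))
```

The who_can output for the ssh case lists both u and g, which is the trade-off noted above: anyone holding a group-level user shell can now run ssh.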


Deleting unneeded binaries
You've got yourself a secured server, and you've got your permissions how you want them.

The next natural step is straight up deleting unneeded tools on machines that don't need them. Are you bouncing through a specific proxy, which is meant as nothing more than a place for you to clean your logs?

That server doesn't need to have the sudo command, since you'll always be ssh'ing as root.

It probably doesn't need the cat command.

Why would you leave tools lying around for infiltrators to use?

Take a look at what you use a given system/server for, then go through and remove anything you don't see yourself using on it.

Make sure you have a server somewhere with a backup of any given file you delete, which you might need in the future.
Credits and further assistance
Thank you for reading. If you haven't already, feel free to take a look at the previous guide:
Viper Basics - Introduction to Network Penetration and useful tips[justpaste.it]


Credits:
  • Volk - for making the tool and various Viper related clarifications.
  • GrumpyBunny - Idea for the guide and rough outline.
  • Xclusive - Me. For writing it, obviously.
  • Covid - For giving me the time needed to write it.

For further assistance, stop by our Discord[discord.gg].

Feel free to direct any further questions to us in the general chat.
GrumpyBunny is online and willing to field questions more often than not.
1 Comments
Volk 3 Apr, 2023 @ 7:14am 
Very well made guide, these steps are really important to securing your network.