Are there any providers allowing pentesting?
Hello,
So I am currently enrolled in a sorta white hat pentesting course and would like to have some hands-on practice, thus looking for some servers I could rent to set up webapps/internal networks/databases etc. and try to penetrate into them. There is a limit to what I can and can't test in a virtual box and thus having hands-on practice in an actual production environment could be really interesting.
Please understand that it will be possible that it seems like someone would be breaking into my VM when I am trying to get access to it from outside hacking into it. If it helps I could announce such cases with a date and an est. time.
One of those machines should allow own isos as I will also be using Kali Linux.
I will be using a varied set of tools such as Kali Linux, Metasploit, Burp Suite, OWASP Xenotix Exploit Framework, Paessler Webstresser and others.
Tests would include but are not limited to:
Penetrating the network, exploiting the system, breaking into a VM's system, breaching firewalls.
Trying to steal data from my setups (not someone else's!).
SQL injections, XSS (Cross-Site Scripting), trying to get remote control of my machine from the outside.
I can also see me needing a Windows server at times to write shells and try to compromise the system again.
Something I guess I will not be allowed to do anywhere: executing DoS attacks (from a VM). Although some hands-on practice would be good to see how to prevent them or tighten security, I know this probably won't be allowed.
As an alternative I might use a booter/stresser instead (which only causes incoming (D)DoS. I will ask for permission in advance though) to analyze DDoS attacks with dstat and other tools and try to secure my system against it.
Actual specs don't really matter, can be low. I just need a provider to work with.
Comments
Why not just get a dedicated server and split it into virtual containers? That way you can keep all traffic within that internal network without having to interfere with the DC's network.
I would suggest against DDoS attacks; however, you can craft some DoS attacks from the internal servers.
Good idea, would just need to find a way to keep all the traffic internal (never set smth like this up).
For many sensible reasons, professionals learn these skills on virtual machines or systems that are restricted to an isolated local network, not live systems on the public internet. Can you be more descriptive about what limits you face that can only be resolved by training on a publicly accessible VPS?
Why would you want to run Kali from a VPS instead of a local machine?
At the very least, why not do as much as possible on your own local LAN (preferably isolated) and virtual machines? After that, identify the few test cases that require a publicly facing system, assuming they exist at all.
Allow me to point out that if you are serious about learning and applying those skills, then keeping your public footprint small is an important aspect of the work.
What's the budget? I have some ideas, providing it's legal.
As long as you direct the traffic towards the target host then I can't see any reason the code would run wild and access external sources.
VirtualBox. No need to bother a provider with this.
Well, obviously I will try to do as much as possible via VirtualBox, but the idea of hacking into an actual production environment with VMs that are already pre-configured to be secure by the provider (as most providers' templates are) seems interesting to exploit.
Kali on a VPS would have the advantage of having more mbps than my home connection and thus could launch stronger DoS attacks (in case I find a host that would allow that).
Anyway I guess I will try to go as far as I get with VirtualBox and then try the rest using a dedicated server with some VMs :P
Well, while I fully understand and believe your requirements are genuine, it's understandable that most hosts would not want you running that.
I would suggest just getting an ultra cheap dedi, installing ESX or Proxmox and keeping your environment contained.
99% of the templates are just vanilla with self managed hosts, no special sauce really.
We don't mind; as long as you don't damage other customers, we could care less.
Yeah, that's also why I was gonna take the direct approach instead of doing this without asking on a host. I understand it will be hard to find a host which supports me with this request, but indeed I do not mean any harm.
Probably best off just using someone like DO or Vultr then, so you can run custom ISOs without asking.
Don't wanna run into any trouble with @jarland though :P
To be honest, if I saw you doing this on my nodes you wouldn't be on my nodes long after that, as I have already been trained to be a computer security professional & know how to pentest myself, but I prefer, like everyone else says, to do it on your local LAN with all of it isolated off and locked down.
Like I said, sorry, but most providers will refuse to allow you to do that. Sorry, even I prohibit pentesting, as you need to do it where it isn't on the public internet: on your local LAN instead, isolated off on a VM. And sorry, if you tried to break into other providers' panels & VPSs etc. in the US at least, that would be illegal, as breaking into anyone's network you don't own is illegal & furthermore a federal crime in the US, the charge being a felony, and not on the state/local level; this is on the federal level in the US.
I see your point there.. well, I never meant to harm anyone, so perhaps I'd rather stick to a cut-off environment in VirtualBox for now^^
From what I'm reading you want to run a service on the server and then try to remotely exploit said service. That isn't a problem, and you can be sure others are trying to do it to your public facing services on servers anyway. It won't generate abuse complaints because you would have to be the one sending them.
Of course, DoS is strictly not allowed basically anywhere that you want to be.
So aside from DoS I'd be good using DO?
Absolutely. We don't monitor traffic for application layer abuse. (Just not reasonable to do so)
Awesome, glad to hear that! Will be using DO once more I guess :P When I'm finished with my local VMs testing, that is^^
I could not let your comments sit without a response. I am surprised that others have not bothered.
Your assumption that most providers' templates are secure is not valid. Templates (or .iso images) are downloaded by providers from public sources and not updated as often as you would expect. I have observed templates at several providers that were more than a year out-of-date from current. The same is true for .iso image files. Of course, you can get updates for your newly installed operating system on your VPS, but whatever fixes are included in those updates may represent vulnerabilities that were discovered and patched. Obviously you can exploit them until you apply the patches.
Ignoring the fact that no provider will accept a live DoS attack on their network, whether or not you "own" the source and/or the target, I am trying to imagine any kind of reasonable use case for testing a live DoS attack against a VPS that is not better performed in a lab or virtual environment. What could you possibly learn from such a live test that cannot be learned in a safe, isolated environment?
Important Clarification for Other Readers: I know that there are many types of DoS attack, not just ones that involve large volumes of network traffic. Ympker specifically mentioned the advantage of using Kali on a VPS due to having "...more mbps than my home connection...", so I assume that Ympker wants to test attacks that require large volumes of network traffic.
This is a sensible statement, until you get to "... and then try the rest using a dedicated server with some VMs." What is the difference between your "dedicated server with some VMs" and a computer at home with some VMs, unless you are planning to put live attack traffic on someone else's network?
I wonder whether Ympker is aware that there are sources of ready-to-download virtual machines, explicitly designed to teach pen testing skills, often with hints and step-by-step instructions if you get stuck, with increasing levels of difficulty to challenge advanced students. Try here, for starters:
https://www.vulnhub.com
Look under "Help" for "Setting up a Lab"
Heya @emg and thanks for your reply, I will try to answer asap^^
Well, aren't there some providers that add pre-configured iptables, fail2ban or other allow ssh-key access only? Anyway, I get where you are coming from and about most budget providers you might be right.
Regarding that: my home network will obviously be knocked down in an instant by a DDoS/DoS attack, whereas with a real server I can see how long it would withstand such an attack in unprotected/protected environments and how to optimize that time by taking further security measures. No use in a home connection for that though.
See above^^
I am just learning so that sounds interesting and I am aware that there are some sources but my course hasn't mentioned a lot just yet.
Wrong. You assume that I mean for you to attack your slow home connection from an external device on the internet. That is incorrect. You should run everything, especially DoS attacks, on an isolated local network or virtual network inside a virtual machine environment.
Your internal home network (the part that never reaches the internet) and the virtual network on your home computer (alone) are very fast. My internal network at home is full gigabit speed (1 gigabit/sec) which is common and cheap. 100 megabit/sec is older, but still very fast and even cheaper. I never bothered to measure the effective network speeds on virtual networks, but trust me, they are also very fast.
There are free and built-in Windows and Linux tools available for you to configure network parameters to slow them down, add latency, or set a percentage of dropped datagrams, to simulate real-world networks down to dialup if you wish. (Linux: search for "tc" and "netem".)
That's all you need. I will say it once again. It does not make sense for you to run pen testing and especially DoS testing on VPS provider networks or the open internet. You can do everything you need on an isolated private network and/or virtual machines at home. It will give you all the performance you need.
Configuring and managing isolated test environments is a very important skill for student pen testers to learn, too.
If you insist on installing and running the tools you mentioned in live VPSs on provider networks and the public internet, then I hope you get caught and face the consequences. You will certainly be noticed, whether you realize it or not. It is a shame, because there is absolutely no need for you to do that. Discuss it with your professor or instructor.
This is the last advice I will give you. I am done.
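An isolated lab of the kind this post and the earlier "keep all the traffic internal" suggestion describe, as an added example that is not part of any poster's message: two Linux network namespaces joined only by a veth pair, with `tc`/`netem` shaping the link. The namespace names, addresses and profile values are constructed for illustration; the script only prints the commands unless run as root with `APPLY=1`.

```shell
#!/bin/sh
# Isolated two-namespace lab with a netem-shaped link (added example).
# Dry run by default: commands are printed. APPLY=1 (as root) executes them.
# Names (lab-a, lab-b, veth-*), the 10.99.0.0/24 range and the profile
# numbers are assumptions made for this illustration.
APPLY="${APPLY:-0}"

run() {
    if [ "$APPLY" = 1 ]; then "$@"; else echo "$*"; fi
}

# Map a profile name to netem parameters: delay [jitter], loss, rate.
netem_args() {
    case "$1" in
        dialup) echo "delay 150ms 30ms loss 2% rate 56kbit" ;;
        dsl)    echo "delay 30ms 5ms loss 0.1% rate 8mbit" ;;
        lossy)  echo "delay 80ms 40ms loss 5%" ;;
        *)      echo "unknown profile: $1" >&2; return 1 ;;
    esac
}

build_lab() {
    args=$(netem_args "$1") || return 1
    # The namespaces are connected only to each other: no default route and
    # no uplink, so lab traffic cannot reach the LAN or the internet.
    run ip netns add lab-a
    run ip netns add lab-b
    run ip link add veth-a type veth peer name veth-b
    run ip link set veth-a netns lab-a
    run ip link set veth-b netns lab-b
    run ip -n lab-a addr add 10.99.0.1/24 dev veth-a
    run ip -n lab-b addr add 10.99.0.2/24 dev veth-b
    run ip -n lab-a link set veth-a up
    run ip -n lab-b link set veth-b up
    # netem shapes egress from lab-a only; repeat on veth-b for both directions.
    # Word splitting of $args is intentional.
    run ip netns exec lab-a tc qdisc replace dev veth-a root netem $args
}

teardown_lab() {
    run ip netns del lab-a
    run ip netns del lab-b
}

build_lab "${1:-dsl}"
```

Services under test are then started with `ip netns exec lab-b <command>` and reached from `lab-a` at 10.99.0.2; `teardown_lab` removes both namespaces and the veth pair with them.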
Thanks for the heads up. Will be looking out for these tools^^