
Are there any providers allowing pentesting?

Ympker Member
edited August 2016 in Requests

Hello,
So I am currently enrolled in a sorta white hat pentesting course and would like to have some hands-on practice thus looking for some servers I could rent to set up webapps/internal networks/databases etc and try to penetrate into them. There is a limit to what I can and can't test in a virtual box and thus having hands on practice in an actual production environment could be really interesting :)

Please understand that it will be possible that it seems like someone would be breaking into my VM when I am trying to get access to it from outside hacking into it. If it helps I could announce such cases with a date and an est. time.

One of those machines should allow own isos as I will also be using Kali Linux.

I will be using a various set of tools such as Kali Linux, Metasploit, Burp Suite, OWASP Xenotix Exploit Framework, Paessel Webstresser and others.

Tests would include but are not limited to:

Penetrating the network, exploiting the system, breaking into a vms system, breach firewalls.

Try to steal data from my setups (not someone else's!).

SQL injections, XSS Cross Site Scripting, trying to get remote control of my machine from the outside..

I can also see me needing a windows server at times to write shells and try to compromise the system again.

Something I guess I will not be allowed to anywhere: Executing DoS attacks (from a VM) :( Although some hands on practice would be good to see how to prevent them or tighten security but I know this probably won't be allowed.

As an Alternative I might use a booter/stresser instead (which only causes incoming (D)DoS. I will ask for permission in advance though) to analyze DDoS attacks with dstat and other tools and try to secure my system against it.

Actual specs don't really matter, can be low. I just need a provider to work with :)

Comments

  • Why not just get a dedicated server and split it into virtual containers. That way you can keep all traffic within that internal network without having to interfere with the DC's network.
    I would suggest against DDoS attacks however you can craft some DoS attacks from the internal servers.

    Thanked by 1Ympker
  • @mavrick said:
    Why not just get a dedicated server and split it into virtual containers. That way you can keep all traffic within that internal network without having to interfere with the DC's network.
    I would suggest against DDoS attacks however you can craft some DoS attacks from the internal servers.

    Good idea would just need to find a way to keep all the traffic internal (never set smth like this up).

  • emg Veteran

    For many sensible reasons, professionals learn these skills on virtual machines or systems that are restricted to an isolated local network, not live systems on the public internet. Can you be more descriptive about what limits you face that can only be resolved by training on a publicly accessible VPS?

    Why would you want to run Kali from a VPS instead of a local machine?

    At the very least, why not do as much as possible on your own local LAN (preferably isolated) and virtual machines? After that, identify the few test cases that require a publicly facing system, assuming they exist at all.

    Allow me to point out that if you are serious about learning and applying those skills, then keeping your public footprint small is an important aspect of the work.

    Thanked by 2Ympker Chronic
  • What's the budget I have some ideas providing it's legal

  • @Ympker said:

    @mavrick said:
    Why not just get a dedicated server and split it into virtual containers. That way you can keep all traffic within that internal network without having to interfere with the DC's network.
    I would suggest against DDoS attacks however you can craft some DoS attacks from the internal servers.

    Good idea would just need to find a way to keep all the traffic internal (never set smth like this up).

    As long as you direct the traffic towards the target host then I can't see any reason the code would run wild and access external sources.

    Thanked by 1Ympker
  • VirtualBox. No need to bother a provider with this.

    Thanked by 1Waldo19
  • @emg said:
    For many sensible reasons, professionals learn these skills on virtual machines or systems that are restricted to an isolated local network, not live systems on the public internet. Can you be more descriptive about what limits you face that can only be resolved by training on a publicly accessible VPS?

    Why would you want to run Kali from a VPS instead of a local machine?

    At the very least, why not do as much as possible on your own local LAN (preferably isolated) and virtual machines? After that, identify the few test cases that require a publicly facing system, assuming they exist at all.

    Allow me to point out that if you are serious about learning and applying those skills, then keeping your public footprint small is an important aspect of the work.

    Well obviously I will try to do as much as possible via VirtualBox but the idea of hacking into an actual production environment with vms that are already pre-configured to be secure by the provider (as most providers' templates are) seems interesting to exploit :)
    Kali on a VPS would have the advantage of having more mbps than my home connection and thus could launch stronger DoS attacks (in case I find a host that would allow that).

    Anyway I guess I will try to go as far as I get with VirtualBox and then try the rest using a dedicated server with some VMs :P

  • AnthonySmith Member, Patron Provider

    Well, while I fully understand and believe your requirements are genuine it's understandable that most hosts would not want you running that.

    I would suggest just getting an ultra cheap dedi, installing esx or proxmox and keeping your environment contained.

    99% of the templates are just vanilla with self managed hosts, no special sauce really.

    Thanked by 2Ympker netomx
  • GCat Member

    We don't mind, as long as you don't damage other customers we could care less

    Thanked by 1Ympker
  • @AnthonySmith said:
    Well, while I fully understand and believe your requirements are genuine it's understandable that most hosts would not want you running that.

    I would suggest just getting an ultra cheap dedi, installing esx or proxmox and keeping your environment contained.

    99% of the templates are just vanilla with self managed hosts, no special sauce really.

    Yeah, that's also why I was gonna take the direct approach instead of doing this without asking on a host. I understand it will be hard to find a host which supports me with this request but indeed I do not mean any harm :)

  • AnthonySmith Member, Patron Provider

    Probably best off just using someone like DO or Vultr then so you can run custom ISO's without asking :)

    Thanked by 1Ympker
  • Ympker Member
    edited August 2016

    @AnthonySmith said:
    Probably best off just using someone like DO or Vultr then so you can run custom ISO's without asking :)

    Don't wanna run into any trouble with @jarland though :P

  • timnboys Member
    edited August 2016

    @Ympker said:

    AnthonySmith said:
    Well, while I fully understand and believe your requirements are genuine it's understandable that most hosts would not want you running that.

    I would suggest just getting an ultra cheap dedi, installing esx or proxmox and keeping your environment contained.

    99% of the templates are just vanilla with self managed hosts, no special sauce really.

    Yeah, that's also why I was gonna take the direct approach instead of doing this without asking on a host. I understand it will be hard to find a host which supports me with this request but indeed I do not mean any harm :)

    To be honest, if I saw you doing this on my nodes you wouldn't be on my nodes long after that, as I have already been trained to be a computer security professional & know how to pentest myself, but I prefer, like everyone else says, to do it on your local LAN with all of it isolated off and locked down.
    Like I said, sorry, but most providers will refuse allowing you to do that, sorry; even I prohibit pentesting, as you need to do it where it isn't on the public internet; it is on your local LAN instead, isolated off on a VM. And sorry, if you tried to break into other providers' panels & VPSs etc. in the US at least, that would be illegal, as breaking into anyone's network you don't own is illegal & furthermore a federal crime in the US, including the charge being a felony, and not on the state/local level; this is on the federal level in the US.

    Thanked by 1Ympker
  • @timnboys said:

    @Ympker said:

    AnthonySmith said:
    Well, while I fully understand and believe your requirements are genuine it's understandable that most hosts would not want you running that.

    I would suggest just getting an ultra cheap dedi, installing esx or proxmox and keeping your environment contained.

    99% of the templates are just vanilla with self managed hosts, no special sauce really.

    Yeah, that's also why I was gonna take the direct approach instead of doing this without asking on a host. I understand it will be hard to find a host which supports me with this request but indeed I do not mean any harm :)

    To be honest, if I saw you doing this on my nodes you wouldn't be on my nodes long after that, as I have already been trained to be a computer security professional & know how to pentest myself, but I prefer, like everyone else says, to do it on your local LAN with all of it isolated off and locked down.
    Like I said, sorry, but most providers will refuse allowing you to do that, sorry; even I prohibit pentesting, as you need to do it where it isn't on the public internet; it is on your local LAN instead, isolated off on a VM. And sorry, if you tried to break into other providers' panels & VPSs etc. in the US at least, that would be illegal, as breaking into anyone's network you don't own is illegal & furthermore a federal crime in the US, including the charge being a felony, and not on the state/local level; this is on the federal level in the US.

    I see your point there.. well I never meant to harm anyone so perhaps I'd rather stick to a cut off environment in virtual box for now^^

  • jar Patron Provider, Top Host, Veteran

    From what I'm reading you want to run a service on the server and then try to remotely exploit said service. That isn't a problem, and you can be sure others are trying to do it to your public facing services on servers anyway. It won't generate abuse complaints because you would have to be the one sending them.

    Of course, DOS is strictly not allowed basically anywhere that you want to be :)

    Thanked by 1Ympker
  • @jarland said:
    From what I'm reading you want to run a service on the server and then try to remotely exploit said service. That isn't a problem, and you can be sure others are trying to do it to your public facing services on servers anyway. It won't generate abuse complaints because you would have to be the one sending them.

    Of course, DOS is strictly not allowed basically anywhere that you want to be :)

    So aside from DOS I'd be good using DO?

  • jar Patron Provider, Top Host, Veteran
    edited August 2016

    @Ympker said:

    @jarland said:
    From what I'm reading you want to run a service on the server and then try to remotely exploit said service. That isn't a problem, and you can be sure others are trying to do it to your public facing services on servers anyway. It won't generate abuse complaints because you would have to be the one sending them.

    Of course, DOS is strictly not allowed basically anywhere that you want to be :)

    So aside from DOS I'd be good using DO?

    Absolutely. We don't monitor traffic for application layer abuse. (Just not reasonable to do so)

    Thanked by 1Ympker
  • @jarland said:

    @Ympker said:

    @jarland said:
    From what I'm reading you want to run a service on the server and then try to remotely exploit said service. That isn't a problem, and you can be sure others are trying to do it to your public facing services on servers anyway. It won't generate abuse complaints because you would have to be the one sending them.

    Of course, DOS is strictly not allowed basically anywhere that you want to be :)

    So aside from DOS I'd be good using DO?

    Absolutely. We don't monitor traffic for application layer abuse. (Just not reasonable to do so)

    Awesome :) Glad to hear that! Will be using DO once more I guess :P When I'm finished with my local vms testing that is^^

  • @Ympker said:

    [...]

    Well obviously I will try to do as much as possible via VirtualBox but the idea of hacking into an actual production environment with vms that are already pre-configured to be secure by the provider (as most providers' templates are) seems interesting to exploit :)

    I could not let your comments sit without a response. I am surprised that others have not bothered.

    Your assumption that most providers' templates are secure is not valid. Templates (or .iso images) are downloaded by providers from public sources and not updated as often as you would expect. I have observed templates at several providers that were more than a year out-of-date from current. The same is true for .iso image files. Of course, you can get updates for your newly installed operating system on your VPS, but whatever fixes are included in those updates may represent vulnerabilities that were discovered and patched. Obviously you can exploit them until you apply the patches.

    Kali on a VPS would have the advantage of having more mbps than my home connection and thus could launch stronger DoS attacks (in case I find a host that would allow that).

    Ignoring the fact that no provider will accept a live DoS attack on their network, whether or not you "own" the source and/or the target, I am trying to imagine any kind of reasonable use case for testing a live DoS attack against a VPS that is not better performed in a lab or virtual environment. What could you possibly learn from such a live test that cannot be learned in a safe, isolated environment?

    Important Clarification for Other Readers: I know that there are many types of DoS attack, not just ones that involve large volumes of network traffic. Ympker specifically mentioned the advantage of using Kali on a VPS due to having "...more mbps than my home connection...", so I assume that Ympker wants to test attacks that require large volumes of network traffic.

    Anyway I guess I will try to go as far as I get with VirtualBox and then try the rest using a dedicated server with some VMs :P

    This is a sensible statement, until you get to "... and then try the rest using a dedicated server with some VMs." What is the difference between your "dedicated server with some VMs" and a computer at home with some VMs, unless you are planning to put live attack traffic on someone else's network?

    I wonder whether Ympker is aware that there are sources of ready-to-download virtual machines, explicitly designed to teach pen testing skills, often with hints and step-by-step instructions if you get stuck, with increasing levels of difficulty to challenge advanced students. Try here, for starts:

    https://www.vulnhub.com
    Look under "Help" for "Setting up a Lab"

    Thanked by 1doughmanes
  • @emg said:

    @Ympker said:

    [...]

    Well obviously I will try to do as much as possible via VirtualBox but the idea of hacking into an actual production environment with vms that are already pre-configured to be secure by the provider (as most providers' templates are) seems interesting to exploit :)

    I could not let your comments sit without a response. I am surprised that others have not bothered.

    Heya @emg and thanks for your reply :) I will try to answer asap^^

    Your assumption that most providers' templates are secure is not valid. Templates (or .iso images) are downloaded by providers from public sources and not updated as often as you would expect. I have observed templates at several providers that were more than a year out-of-date from current. The same is true for .iso image files. Of course, you can get updates for your newly installed operating system on your VPS, but whatever fixes are included in those updates may represent vulnerabilities that were discovered and patched. Obviously you can exploit them until you apply the patches.

    Well aren't there some providers that add pre-configured iptables, fail2ban or other allow ssh-key access only? Anyway I get where you are coming from and about most budget providers you might be right.

    Kali on a VPS would have the advantage of having more mbps than my home connection and thus could launch stronger DoS attacks (in case I find a host that would allow that).

    Ignoring the fact that no provider will accept a live DoS attack on their network, whether or not you "own" the source and/or the target, I am trying to imagine any kind of reasonable use case for testing a live DoS attack against a VPS that is not better performed in a lab or virtual environment. What could you possibly learn from such a live test that cannot be learned in a safe, isolated environment?

    Important Clarification for Other Readers: I know that there are many types of DoS attack, not just ones that involve large volumes of network traffic. Ympker specifically mentioned the advantage of using Kali on a VPS due to having "...more mbps than my home connection...", so I assume that Ympker wants to test attacks that require large volumes of network traffic.

    Regarding that my home network will obviously be knocked down in an instant by a DDoS/DoS attack whereas with a real server I can see how long it would withstand such an attack in unprotected/protected environments and how to optimize that time by taking further security measures. No use in a home connection for that though.

    Anyway I guess I will try to go as far as I get with VirtualBox and then try the rest using a dedicated server with some VMs :P

    This is a sensible statement, until you get to "... and then try the rest using a dedicated server with some VMs." What is the difference between your "dedicated server with some VMs" and a computer at home with some VMs, unless you are planning to put live attack traffic on someone else's network?

    See above^^

    I wonder whether Ympker is aware that there are sources of ready-to-download virtual machines, explicitly designed to teach pen testing skills, often with hints and step-by-step instructions if you get stuck, with increasing levels of difficulty to challenge advanced students. Try here, for starts:

    https://www.vulnhub.com
    Look under "Help" for "Setting up a Lab"

    I am just learning so that sounds interesting and I am aware that there are some sources but my course hasn't mentioned a lot just yet.

  • emg Veteran
    edited September 2016

    @Ympker said:

    Regarding that my home network will obviously be knocked down in an instant by a DDoS/DoS attack whereas with a real server I can see how long it would withstand such an attack in unprotected/protected environments and how to optimize that time by taking further security measures. No use in a home connection for that though.

    Wrong. You assume that I mean for you to attack your slow home connection from an external device on the internet. That is incorrect. You should run everything, especially DoS attacks, on an isolated local network or virtual network inside a virtual machine environment.

    Your internal home network (the part that never reaches the internet) and the virtual network on your home computer (alone) are very fast. My internal network at home is full gigabit speed (1 gigabit/sec) which is common and cheap. 100 megabit/sec is older, but still very fast and even cheaper. I never bothered to measure the effective network speeds on virtual networks, but trust me, they are also very fast.

    There are free and built-in Windows and Linux tools available for you to configure network parameters to slow them down, add latency, or set a percentage of dropped datagrams, to simulate real-world networks down to dialup if you wish. (Linux: search for "tc" and "netem".)

    That's all you need. I will say it once again. It does not make sense for you to run pen testing and especially DoS testing on VPS provider networks or the open internet. You can do everything you need on an isolated private network and/or virtual machines at home. It will give you all the performance you need.

    Configuring and managing isolated test environments is a very important skill for student pen testers to learn, too.

    If you insist on installing and running the tools you mentioned in live VPSs on provider networks and the public internet, then I hope you get caught and face the consequences. You will certainly be noticed, whether you realize it or not. It is a shame, because there is absolutely no need for you to do that. Discuss it with your professor or instructor.

    This is the last advice I will give you. I am done.

  • @emg said:

    @Ympker said:

    Regarding that my home network will obviously be knocked down in an instant by a DDoS/DoS attack whereas with a real server I can see how long it would withstand such an attack in unprotected/protected environments and how to optimize that time by taking further security measures. No use in a home connection for that though.

    Wrong. You assume that I mean for you to attack your slow home connection from an external device on the internet. That is incorrect. You should run everything, especially DoS attacks, on an isolated local network or virtual network inside a virtual machine environment.

    Your internal home network (the part that never reaches the internet) and the virtual network on your home computer (alone) are very fast. My internal network at home is full gigabit speed (1 gigabit/sec) which is common and cheap. 100 megabit/sec is older, but still very fast and even cheaper. I never bothered to measure the effective network speeds on virtual networks, but trust me, they are also very fast.

    There are free and built-in Windows and Linux tools available for you to configure network parameters to slow them down, add latency, or set a percentage of dropped datagrams, to simulate real-world networks down to dialup if you wish. (Linux: search for "tc" and "netem".)

    That's all you need. I will say it once again. It does not make sense for you to run pen testing and especially DoS testing on VPS provider networks or the open internet. You can do everything you need on an isolated private network and/or virtual machines at home. It will give you all the performance you need.

    Configuring and managing isolated test environments is a very important skill for student pen testers to learn, too.

    If you insist on installing and running the tools you mentioned in live VPSs on provider networks and the public internet, then I hope you get caught and face the consequences. You will certainly be noticed, whether you realize it or not. It is a shame, because there is absolutely no need for you to do that. Discuss it with your professor or instructor.

    This is the last advice I will give you. I am done.

    Thanks for the heads up. Will be looking out for these tools^^
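
emg's pointer to Linux "tc" and "netem", as an added example that is not part of any post in this thread: a small script that shapes a lab link to behave like a slow or lossy connection and refuses to touch an interface that carries the default route. The interface name `vboxnet0`, the profile names and their rate/delay/loss values are constructed assumptions, not measurements.

```bash
#!/bin/sh
# Added example: emulate slow or lossy links on an isolated lab interface
# with tc/netem. Profile names and values below are constructed assumptions.

# Map a profile name to netem parameters: rate, delay with jitter, loss.
netem_profile() {
    case "$1" in
        dialup) echo "rate 56kbit delay 150ms 30ms loss 1%" ;;
        dsl)    echo "rate 8mbit delay 30ms 5ms loss 0.5%" ;;
        lossy)  echo "rate 100mbit delay 80ms 40ms loss 5%" ;;
        *)      return 1 ;;
    esac
}

# Return 0 if the routing table text in $2 (format of `ip -4 route show`)
# contains a default route that leaves through interface $1.
iface_has_default_route() {
    printf '%s\n' "$2" | awk -v ifc="$1" '
        $1 == "default" {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == ifc) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# Print the tc command for interface $1 and profile $2.
# $3 is the routing table text; an uplink interface is rejected so the
# shaping only ever lands on a host-only or otherwise isolated lab link.
build_netem_cmd() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) echo "bad interface name" >&2; return 4 ;;
    esac
    params=$(netem_profile "$2") || { echo "unknown profile: $2" >&2; return 2; }
    if iface_has_default_route "$1" "$3"; then
        echo "refusing: $1 carries the default route" >&2
        return 3
    fi
    echo "tc qdisc replace dev $1 root netem $params"
}

# Usage (as root, inside the lab):
#   sh netem-lab.sh apply vboxnet0 dialup
#   sh netem-lab.sh clear vboxnet0
case "${1:-}" in
    apply) cmd=$(build_netem_cmd "$2" "$3" "$(ip -4 route show)") && $cmd ;;
    clear) tc qdisc del dev "$2" root ;;
esac
```

`tc qdisc show dev vboxnet0` confirms which netem settings are active on the lab link.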
