If you are a pen tester or white-hat hacker, chances are that you are costumed with various tools needs to perform a task. However, one major difference between most ethical hackers and black hat ones are the additional anonymity tools employed by the latter group.
In this article, we are going to present the reasons for buying HTTP proxies and how to use them in penetration testing by white hat hackers. Also, some will consider using Tor for anonymity, but we are going to show why somebody can’t use Tor for penetration testing.
BUY HTTP PROXIES FOR ANONYMITY
An ethical hacker will never buy HTTP proxies to better hack into a system. He will buy HTTP proxies to add an extra layer of anonymity and hide the real IP and location from where the penetration testing takes place.
Some might argue that hackers can use public proxies and there is no need to pay for private ones. While this argument sounds valid, it is incomplete. Public proxy servers are not safe to use and passing sensitive information through them can be dangerous and prone to a man in the middle attack. Therefore, a pen tester hacking into a system can’t use a public proxy server and get hacked himself.
Therefore, the best option for pen testers is to use private proxy servers and buy HTTP proxies to mask their IP and location.
WHITEHAT vs BLACKHAT
Unfortunately, the same tools used by white hat hackers are also used by blackhat ones. This is an issue that can’t be controlled by anybody. However, it offers a clear image over which tools work and which do not.
Blackhat hackers use private HTTP proxies and not public proxies to perform their attack. Thus, it is safe to assume that private proxies, either dedicated or shared proxies, are a powerful tool that covers the tracks of hacking activity. Thus, these proxies can be employed by white hat hackers for pen testing.
HTTP PROXIES vs TOR
Some users will argue that Tor is a better tool for anonymity and hackers, both whitehat and blackhat, should use them.
Indeed, Tor is a great tool and anybody should use it. However, Tor is not a tool that can be used for hacking. First, Tor is a browser that diverts a query through a series of IPs, thus making almost impossible the connection between a query and the IP from where it started. However, Tor can’t be used outside its browser. Thus, the best way to use Tor in the pen-testing process is for gathering information during the reconnaissance stage.
Other than gathering information, Tor is useless for pen-testers because they can not perform any attacks because the tools employed in can’t use the Tor project network to divert and mask their queries. This is the time when HTTP proxies and proxychains come on the main stage.
HOW TO USE HTTP PROXIES FOR HACKING
As it was mentioned above, Tor can be used only through its browser and a hacker can’t use the Tor project’s network outside the browser. Thus, if the hacker wants to perform a SQL injection through a tool such as sqlmap, he will not manage to divert the tool’s requests through the Tor network.
Thus, the hacker must build his own mini-Tor network by using HTTP/HTTPS proxies and create a proxy chain. A proxychain is a tool that allows its user to create a network and divert his queries through proxies. Thus hiding his real IP. Therefore, he can use the sqlmap tool through a proxychains and each request will be diverted through proxies and mask the user’s IP.
Another great advantage of proxychains is that it can use any sort of proxies. Moreover, for extra security, the pen tester can use Internation proxies, outside his countries jurisdictions. Thus, adding one extra layer of safety to his pen testing projects.
Moreover, proxy chains can be used in Linux distributions for pen testers, such as Kali Linux. But the same proxies can also be used on Windows machines through Proxyfier, a tool that diverts traffic through the proxy at a system level.
TO WRAP UP
Whitehat hackers can buy HTTP proxies and use them for penetration testing. They can use these proxies by creating proxy chains and diverting a tool’s traffic through private proxies. And while some will consider using Tor for anonymity, the Tor browser and network can’t be used to divert a tool’s requests. Therefore, the Tor browser use is limited to the information gathering stage.
Comments are closed, but trackbacks and pingbacks are open.