Often when conducting penetration tests, there is a need to carry out full-fledged black box testing. This is where a security professional has to deal with firewalls or other restriction mechanisms on the customer’s end. This can be an interference as penetration testers try executing checks which may be blocked periodically by, for instance, user-agent or IP address.
If there wasn’t a gray or white box testing model and our IP is not whitelisted, what can be done to bypass limitations regulated by a customer? There’s of course the possibility to evade limitations by switching our user-agent and IP address.
When we talk about user-agent, it’s easier as you may only need to install a plugin for your web browser, or switch agent in your script through a particular function. But what about the IP address? Let’s look at the pros and cons of some available methods that you can use to hide your IP address, mask your activities, evade firewalls and bypass bans.
Table of Contents
What is a Proxy Server
Proxy servers have several forms.
HTTP relays GET/POST request. It can add your IP address to request header and store your entire history of interaction with the site.
Pros
- Supported by almost every browser
- Anonymity (if used properly)
- DNS query on behalf of server
Cons
- Works for HTTP protocol only
- Server history
- Can filter and replace data with proxy server
For a SOCKS Proxy, the browser will open TCP (sometimes UDP) sockets on the server’s behalf. Depending on the browser, you can also use the local DNS server and the site can track you by issuing a unique name for every request and remembering the addresses from where the DNS queries come.
Pros
- Anonymity (when used correctly)
- DNS queries on server’s behalf (Chrome)
- Can forward an arbitrary TCP connection (for instance, SSH)
Cons
- DNS queries on client’s behalf (Firefox)
- Server history
- Can filter and replace data with proxy server
What is a Virtual Private Network
A VPN allows a user to send and receive any data across public or shared networks. Hence, applications that run on a device across a Virtual Private Network can take advantage from the security, management and functionality of the private network. When using a VPN, the most common solution is an OpenVPN. It provides many features such as the possibility to work through UDP, undergoing NAT using SSL/TLS, split tunnelling and much more.
Pros
- More reliable
- Higher capability
- Better encryption
- Can be used as a VPN inside a VPN
- Easier to use with a large number of tools
Cons
- One IP for everything
- Takes longer to connect
- Hard to switch IPs
What is TOR
Tor network is an anonymising technology to help you get access to Tor network along with hiding your real IP address. You can either install the Tor browser or run your Tor service on a remote server used as a proxy.
You can switch your IP by using the option provided in your browser or by restarting your server’s Tor service
Pros
- Free
- Easy to use
- Quick with changing locations and IPs
Cons
- Anyone on the exit node is able to monitor your traffic
- You cannot use Tor the same way as proxy. It’s more like the VPN method
Black box penetration test quote
Whether you are looking for a whitebox or blackbox assessment, Aardwolf security can fulfill your requirement. Get in touch today to find out more or use our interactive pen test quote form.