Monday, November 22, 2010

BACKTRACK 4... let's start with it...

Some Linux distributions are specially designed for penetration testing, security auditing, incident handling, system investigation and analysis, data recovery, and other useful tasks.
Today, we will review another high-end, security-oriented distribution, BackTrack.



Introduction

BackTrack is one of the more popular distributions in white hat circles. It is specially suited for penetration testing, with more than 300 tools available for the task. Like both Helix and Protech, BackTrack is based on Ubuntu. This means good stability and hardware detection and a whole lot of software that can be easily obtained.

Sounds quite interesting. Let's see how it behaves. We're going to check version 4 Beta.

Lots of great stuff

Like most Linux distros, and definitely all forensics/security-oriented tools, BackTrack works primarily as a live CD, with good hardware detection and a low memory footprint, intended to make it usable even on older machines. It is also possible to install BackTrack, should one desire.

The boot menu is simple and elegant, with three options.



The second option (Console no FB) stands for Console no Framebuffers, i.e. the failsafe mode with minimal graphics that should work well on all hardware. Thanks k finity! As to the third option, MSRAMDUMP, I did try booting it, but this produced an error and threw me back into the boot menu.

Anyhow ...

The distro maintains its elegance by booting into the best-looking console I have seen, with stylish color gradients and mirror effects. You can begin working instantly on the command line or boot into the GUI desktop by issuing the startx command.





One thing worth noting in the screenshot above is the mounting error on hda1, which is formatted with Ext4, a relatively new filesystem. In fact, the system I booted BackTrack on hosts a Jaunty install, with the Ext4 root partition. This is something that will probably be solved in future releases.

Desktop

The desktop is simple and functional, running a lightweight KDE3 manager. You get a simple wallpaper with dragon-like theme. Another interesting element is the Run box embedded in the panel, which allows you to run applications without invoking a terminal first.

Desktop



The network is not enabled by default and you'll have to fire it up manually.

Tools

BackTrack is all about lots and lots of hacking tools. Once again, I'm only going to present the tools, not show you how to use them. These tools are all double-edged swords, and without the right amount of respect, skill and integrity, you may cause more harm than good. Furthermore, do not deploy them in a production environment without the explicit approval from system administrators and INFOSEC people.

The tools can all be found under Backtrack in the menu, arranged into sub-categories. The collection is long and rich, and it will take you a long time poring over all of them, let alone mastering them. Most of the tools are command-line utilities, with each menu item a link to a console with the relevant tool running inside it.


A few practical examples: there's the venerable nmap, Hydra and hping3:

nmap

hydra

Hping3




You may also want to audit Bluetooth devices. On the test machine, there are no Bluetooth devices, which explains the error you see below.

Then, there's gdb (the GNU Debugger) for analyzing crash dumps and memory cores.

Last but not least, you get the great Wireshark (formerly Ethereal):

Other programs

BackTrack is mainly loaded with security applications; however, it also has a reasonable assortment of "normal" programs. You get Firefox, already configured to use the exceptional NoScript extension.


You also get Synaptic, which makes software management easy and pleasant:




You also have Wine for Windows software.

WINE

And then, you can change wallpapers and get classic KDE looks.

Wallpaper

How I miss that wallpaper! To the best of my knowledge, it has not been included in most KDE releases since Kubuntu 6.06.

You can find more stuff in the K-menu:


K-menu

Errors

Being a beta, BackTrack 4 was not the most stable distro. In addition to the Ext4 error during the boot, there were some other problems. For example, both Lynx text browser and QtParted partitioning software refused to work.

Lynx

QtParted

Other things

One thing that may bother you is the issue with the documentation section on the official site. It's a secure site, self-signed with an expired certificate, at least when this article was written, although the expiration has been in effect since August 2008.

This is not something you expect to see on a site catering to a security-conscious audience.

Furthermore, there's the small issue of inconsistency when it comes to application names. For example, BlueSmash shows up as blue-smash on the command line, hping3 has a capital H in the menus, etc. BackTrack itself also comes in two flavors, with both lowercase and uppercase Ts.

Overall, there were no big issues, except for the occasional application errors.

Conclusion

BackTrack is a powerful hacking suite. It is well made, with stylish touches that add to the overall feel of the distribution. It runs very fast in the live mode, even faster than most installed distributions. Most importantly, the array of tools is rich, well balanced and overall quite impressive.

The Beta version did throw a few errors here and there, but it was nothing major. Small consistency issues also arise, and there's the lack of support for Ext4, which I expect will be solved soon. Documentation needs to be improved, starting with the website SSL certificate and continuing with lots of questions regarding the general usage.

Nevertheless, for security professionals looking for a complete testing package that has all their favorite gadgets neatly arrayed, on top of a stable, popular distribution and with Synaptic package management for easy replenishment of any missing bits, BackTrack is an excellent candidate for their work.



HAVE FUN>>>

Monday, November 8, 2010

BACKTRACK 4 R1... that's what a hacker needs

Introduction

BackTrack is the world’s leading penetration testing and information security auditing distribution. With hundreds of tools preinstalled and configured to run out of the box, BackTrack 4 provides a solid penetration testing platform ‐ from Web application hacking to RFID auditing ‐ it's all working in one place.

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

History

BackTrack has a long history and was based on many different Linux distributions until it is now based on a Slackware Linux distribution and the corresponding live-CD scripts by Tomas M. (www.slax.org). Every package, kernel configuration and script is optimized to be used by security penetration testers. Patches and automation have been added, applied or developed to provide a neat and ready-to-go environment.

Different versions of BackTrack:

Date Release

February 5, 2006 BackTrack v.1.0 Beta

May 26, 2006 The BackTrack project released its first non-beta version (1.0).

October 13, 2006 BackTrack 2 first public beta released.

November 19, 2006 BackTrack 2 second public beta released.

March 6, 2007 BackTrack 2 final released.

December 17, 2007 BackTrack 3 first beta release.

June 19, 2008 BackTrack 3 final released.

February 11, 2009 BackTrack 4 first beta release. (It's now based on Debian)

June 19, 2009 BackTrack 4 pre-final release.

January 9, 2010 BackTrack 4 final release.

May 8, 2010 BackTrack 4 R1 release

You can download your new copy of BackTrack from:

http://www.backtrack-linux.org/downloads/

Things you can do with BackTrack 4 R1

BackTrack tools are arranged by parent categories. These are the categories that currently exist:

BackTrack ‐ Enumeration

BackTrack ‐ Tunneling

BackTrack ‐ Bruteforce

BackTrack ‐ Spoofing

BackTrack ‐ Passwords

BackTrack ‐ Wireless

BackTrack ‐ Discovery

BackTrack ‐ Cisco

BackTrack ‐ Web Applications

BackTrack ‐ Forensics

BackTrack ‐ Fuzzers

BackTrack ‐ Bluetooth

BackTrack ‐ Misc

BackTrack ‐ Sniffers

BackTrack ‐ VOIP

BackTrack ‐ Debuggers

BackTrack ‐ Penetration

BackTrack ‐ Database

BackTrack ‐ RFID

BackTrack ‐ Python4

BackTrack ‐ Drivers

BackTrack ‐ GPU

Conclusion

BackTrack 4 R1 is a new release of the distribution where you can get all the tools you want. Whether you’re hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all of your security needs.