Showing posts with the label backtrack

Medusa and command

Medusa is a log-in brute forcer that attempts to gain access to remote services by guessing the user's password. Medusa is capable of attacking a large number of remote services including FTP, HTTP, MySQL, Telnet, VNC, Web Form, and more. In order to use Medusa, you need several pieces of information including the target IP address, a username or username list that you are attempting to log in as, a password or dictionary file containing multiple passwords to use when logging in, and the name of the service you are attempting to authenticate with. Medusa comes installed on Backtrack 5. However, if you are using a different version of Backtrack without Medusa, type: apt-get update, then apt-get install medusa. When using online password crackers, the potential for success can be greatly increased if you combine this attack with information gathered from reconnaissance and scanning. An example of this is when you find usernames, passwords, and email addresses. Programs like Med

Penetration Testing, scanning

What is Penetration Testing? Penetration testing is the legal and authorized attempt to exploit a computer system with the intent of making a network or system more secure. The process includes scanning systems looking for weak spots, and launching attacks to prove that the system is vulnerable to attack from a real hacker. Penetration Testing has several names: Pen Testing, Ethical Hacking, and White Hat Hacking. As you learn more about the art of hacking, you will see three terms used a lot: the white hats, the black hats, and the gray hats. The white hats are the “good guys”. They hack systems and networks so that the black hats (“bad guys”) cannot. The black hats, also known as “crackers”, are those that use hacking with malicious intent. They’re the ones that want to steal company secrets or your credit card information. For this reason, it is important for the white hats to know the tools and tricks of the black hats to stay a step ahead of them. As for the gray hats, t

How to Install Backtrack 5

Download the Backtrack 5 ISO. Head over to: http://www.backtrack-linux.org/downloads/ Then click the download button. After that, you will be able to pick the version of Backtrack that you want. I am going to recommend Backtrack 5 R3 since it is the most up-to-date. The window manager is up to you, but I am going to use GNOME. Since I will be using Backtrack in a virtual machine, the 32-bit version will be fine. We want the ISO because we can use it on a DVD, a USB flash drive, and install on a virtual machine. Direct download or torrent download is up to you. The file is a little over 3 GB, so it may take some time depending on your internet speed. Setting up a Virtual Machine. A virtual machine (VM) is the software implementation of a physical computer. In other words, it’s having another computer on your current computer. If you have never used a virtual machine, it is a good time to start. VMs are excellent when it comes to practice labs which we will get to in another sect

Scripting

Command Shell Scripting. A shell is the interface between the user and the operating system. It allows us to run programs, copy files, and perform a number of tasks. All operating systems have a shell of some form. A shell might be a graphical user interface (GUI), such as Microsoft Windows. Or it could be text-based, which allows us to run commands by typing them out. (Figure: Windows 7 Command Prompt) A script is a program-like file that runs many commands at one time. There are even “programming” languages for scripts known as scripting languages. A shell script is a wonderful tool we can add to our penetration testing toolbox. A shell script is a program written in a scripting language which is used to interface in some way with the shell of the operating system. Since this site is about Backtrack tutorials, I will be using Backtrack 5 for most of my examples. Fire up the terminal and let’s run some commands! Bash Basics. Since we are using Backtrack, let’s open up a te

Metasploit Tutorial: Introduction

Metasploit Tutorial: Introduction. Topics: Metasploit Terms, MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode. Metasploit is a valuable tool in pen testing a network. However, it can be very confusing for a beginner. These Metasploit tutorials will help you get up and running with Metasploit. Most of our hacking will be targeted to Windows machines. As a reminder and site disclaimer: I am not responsible for your actions! This is for education only! Recommended Reading: Metasploit: The Penetration Tester’s Guide. A book that will show you most of the Metasploit framework. However, it leaves you to discover the true power of Metasploit for yourself. Overall, highly recommended. Metasploit Terms: Exploit – to take advantage of a security flaw within a system, network, or application. Payload – code that our victim computer is made to execute by the Metasploit framework. Module – a small piece of code that can be added to the Metasploit framework to execute an attack. Shellc

How To Use Armitage In Backtrack 5- Tutorial

There is no need to introduce Armitage: if you are involved in the world of penetration testing, you already have an idea about Armitage, and if you are new to the world of ethical hacking, then click here to learn about Armitage and click here for Metasploit. Backtrack 5 is on fire now. After installing Backtrack 5, you need to set up Armitage to perform effective pen testing. If you are using an older version of Backtrack or another Linux distro like Ubuntu, then click here to learn how to install Armitage. You don’t need to install Armitage on Backtrack 5 because it is already available there; just follow the steps to run Armitage on BT5. Requirements: Backtrack 5 (click here to learn), Java, Metasploit, MySQL. All the requirements are available on Backtrack 5, so you need not worry about them. Open your Backtrack and click on Application --> backtrack --> Exploitation tools --> Network exploitation tools --> Metasploit framework --> Armitage On the next window click

Metasploit Remote Desktop Exploit-Backtrack 5

Metasploit, the father of all the exploits, is nothing but a database and a great tool that contains exploits for different services on different operating systems that listen on different ports. Metasploit for remote hacking and Metasploit for remote exploits are the most important questions that most people are asking about. We have received various requests to write about Metasploit and SET remote exploits or remote hacking, so in this tutorial we will look at Metasploit remote desktop hacking. Metasploit is based on different modules like exploits, payloads and so on. We can launch an attack against any operating system if and only if we find a suitable exploit against the operating system; however, there is an autopwn that can search all the available exploits against a vulnerability, but it takes time for remote or Metasploit WAN hacking. Requirements: Operating system (Backtrack 5 in my case), Metasploit, Brain. If you are behind a router then you need to forward a po

Nexpose Vulnerability Scanner Tutorial- Linux Backtrack

Nessus is one of the best vulnerability scanners and vulnerability management tools, but if you are an open source lover then you can choose OpenVAS (a vulnerability scanner). Nessus and OpenVAS are not the only players in vulnerability scanning and management; there is another tool for vulnerability scanning called Nexpose. Nessus and OpenVAS are available on Backtrack 5 and can be integrated with Metasploit for the best result, but in some cases we need more results, so it is possible to use the maximum number of vulnerability scanning tools in the process of penetration testing and ethical hacking. Related tutorials: Metasploit Autopwn With Nessus Backtrack 5 Tutorial; Nessus Setup On Backtrack 5; Integrate Nessus With Metasploit- Tutorial. After different tutorials on Nessus and Metasploit on a Backtrack machine, we have decided to share something about Nexpose. I have used Nessus for a year but have now decided to test Nexpose because of Rapid7. Nexpose vs Nessus is totally another topic that we will discuss here but in my

Fast-Track Mass Client-Side Attack Backtrack 5 Tutorial

Fast-Track is one of the best and fastest tools, giving advanced features that make penetration testing fast and easy. Now look at what the Fast-Track tag line says: “Where it’s OK to finish in under 3 minutes”. So if it is OK to finish in under 3 minutes, then why should we waste time? In a previous Fast-Track tutorial on Backtrack 5 we discussed the command window of Fast-Track with a client-side attack; however, Fast-Track has a web interface too, and it is very easy to use for both autopwn and client-side attacks. What Is Fast-Track Mass Client-Side Attack? The Fast-Track Mass Client-Side attack starts a custom HTTP server on port 80. A default website is popped up and iframes are injected into the HTML code. Metasploit is then loaded through msfconsole and has multiple exploits waiting on different ports. As soon as someone connects to you, the listeners fire off and attack the client with various Metasploit client-side attacks. Fast-Track Tutorial on Backtrack. So as usual I am using backtrack ma

Metasploit Basic Command Tutorial

Many new users of Metasploit (Metasploit beginners) ask us to write a basic introductory article about the basic Metasploit commands and basic usage of Metasploit. We have shared various advanced and mid-level Metasploit tutorials on Backtrack 5, and you can learn different commands from these tutorials, but here is the list of the best and most common commands that are used in Metasploit for different purposes. Later on we will share meterpreter commands as well. Metasploit is the database of all exploits and a software that contains information about different exploits, so here is the basic usage of Metasploit. I am using a Backtrack 5 machine for this tutorial; however, if you are using another Linux distribution or Windows OS then that is fine, the only requirement is Metasploit. Msfconsole. Msfconsole is a console or command window of Metasploit that will give you the full support of internal and external Metasploit commands. There was a web interface of Metasploit but now we d

Metasploit- An Introduction

If you are active in the community of penetration testers/ethical hackers then you have heard about Metasploit, because it is the most famous tool, used by most penetration testers as well as by hackers. Metasploit is an open source (computer) security project that contains information about vulnerabilities. If you just put all the available exploits in a single place, then the phenomenon of Metasploit occurs. Metasploit framework is a sub-project and is used to execute exploit code against a machine and get the desired task done. Before discussing how to do all these things, you need to understand some basic terms like vulnerability, exploit and payload. A vulnerability is a weakness or a hole by which an attacker can compromise a machine. An exploit, which may be a piece of code, is an attack that takes advantage of a vulnerability. A payload is the piece of software that lets you control a computer system after it’s been exploited. Metasploit project provides metasploit pro, metasploit

Metagoofil Backtrack 5 Tutorial-Metadata Analyzer Information Gathering Tool

Information gathering or footprinting is the very first step of the hacking process, and we have discussed so many tutorials for information gathering on Backtrack 5 and on other OSes like Ubuntu and Windows. In this article you will learn how to gather information from the metadata of public documents from victim websites, and the tool is Metagoofil. Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf, doc, xls, ppt, odp, ods) available in the target/victim websites. It will generate an HTML page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3, web applications, vpn, etc. Also it will extract a list of disclosed PATHs in the metadata; with this information you can guess OS, network names, shared resources, etc. How to Install Metagoofil on Backtrack 5 r1, Ubuntu and Windows. The installation process of Metagoofil on Debian based operating system li

SQL injection, both beginning and advanced

SQL injection is the most dangerous attack for web applications, and a lot of different websites are vulnerable to SQL injection. There are different variants of SQL injection, like simple SQL injection, blind SQL injection and cookie-based SQL injection. As you know the basic idea about cookies and their importance, cookies represent some session and normally they count in cross site scripting (XSS) attacks, but what is cookie-based SQL injection? In this article we will discuss cookie- or session-based SQL injection attacks. Did you say a “Cookie”? A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user’s browser and for the browser to return the state information to the origin site. The state information can be used for authentication, identification of a user session, user’s preferences, shopping cart contents, or anything else that can be accomplished through storing text data. Cookies are not s

How to Install Damn Vulnerable Web App in Linux Backtrack 5 R1

Backtrack is the best Linux distribution for penetration testing and ethical hacking purposes. Backtrack 5 R1 is the latest one and, as discussed, tutorials about Backtrack 5 are also applicable to Backtrack 5 R1. So in this tutorial I will tell you how to install Damn Vulnerable Web Application on a Backtrack machine; however, you can install Damn Vulnerable Web Application on Windows, Mac and some other Linux distributions like Ubuntu, and the process is approximately the same. What Is Damn Vulnerable Web Application? Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment. It is one of the best platforms to practice web application hacking and security. Damn Vulnerable Web Application Tutorial Bac

Easy Backtrack 5 Tutorial Designed For Total Beginners

When it comes to learning how to perform penetration testing with Backtrack 5, you probably know how tough it looks. Hopefully, with this Backtrack 5 Tutorial, we’re going to change that for you. What if you don’t even know what penetration testing is? Well, before we get started, we’re going to tell you. In a nutshell, penetration testing is a way for an individual (or company) to test the security of a network. It sounds a lot like hacking, doesn’t it? Don’t worry! It’s perfectly legal as long as you are using it with good intentions such as exploiting your own network and using the tool to make your network more secure. Believe us when we say this, there is a big demand for this. After all, if you can get into a company’s network then that means that someone else probably can too. You’ll also hear of penetration testing referred to as ethical hacking or white hat hacking. Either way, it’s all the same. In the Backtrack 5 Tutorial below, we’re going to walk you through the 4 basic ste

Scripting

Command Shell Scripting. A shell is the interface between the user and the operating system. It allows us to run programs, copy files, and perform a number of tasks. All operating systems have a shell of some form. A shell might be a graphical user interface (GUI), such as Microsoft Windows. Or it could be text-based, which allows us to run commands by typing them out. (Figure: Windows 7 Command Prompt) A script is a program-like file that runs many commands at one time. There are even “programming” languages for scripts known as scripting languages. A shell script is a wonderful tool we can add to our penetration testing toolbox. A shell script is a program written in a scripting language which is used to interface in some way with the shell of the operating system. Since this site is about Backtrack tutorials, I will be using Backtrack 5 for most of my examples. Fire up the terminal and let’s run some commands! Bash Basics. Since we are using Backtrack, let’s open up a text editor (vi, emacs, gedit,

Scanning

The scanning process can be divided into three steps:

1. Determining if a system is active.
2. Port scanning the system.
3. Scanning the system for vulnerabilities.

Step 1 is the process of determining whether a target system is turned on and capable of communicating or interacting with our machine. This step is the least reliable and we should always continue with steps 2 and 3 regardless of the outcome of this test. Even so, it is still important to conduct this step and make note of any machines that respond as alive. Ports provide a way or location for software and networks to communicate with hardware like a computer. A port is a data connection that allows a computer to exchange information with other computers, software, or devices.

Common Ports and their Services

Port Number    Service
20             FTP data transfer
21             FTP control
22             SSH
23             Telnet
25             SMTP (e-mail)
53             DNS
80             HTTP
443            HTTPS

Pings and Ping Sweeps

A ping is a special

Metasploit Tutorial:

Metasploit Tutorial: Introduction. Topics: Metasploit Terms, MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode. Metasploit is a valuable tool in pen testing a network. However, it can be very confusing for a beginner. These Metasploit tutorials will help you get up and running with Metasploit. Most of our hacking will be targeted to Windows machines. As a reminder and site disclaimer: I am not responsible for your actions! This is for education only! Recommended Reading: Metasploit: The Penetration Tester’s Guide. A book that will show you most of the Metasploit framework. However, it leaves you to discover the true power of Metasploit for yourself. Overall, highly recommended. Metasploit Terms: Exploit – to take advantage of a security flaw within a system, network, or application. Payload – code that our victim computer is made to execute by the Metasploit framework. Module – a small piece of code that can be added to the Metasploit framework to execute an attack. Shellcode – a small pie