Backtrack

edited March 2011 in Tech & Games
Decided to start learning how to use Backtrack properly. I remember a couple years ago I threw myself in at the deep end and didn't understand a word - kinda just left it after that.

Well, a couple days ago I burned my Backtrack 4 R1 ISO, formatted my laptop and installed BT to the hard drive.

Since then, I've been reading like a mad man, trying to get my head around the very basic shit such as WEP cracking and running port scans, etc.

My train of thought is something like this...

Crack WEP key
Run port scan to identify open ports and services
Exploit with Metasploit to gain admin access on victim's PC
Install backdoor for later access

I dunno, that seems like a good start.

Anyone else using Backtrack here? Would be good to get some tips.

Comments

  • Onesan Acolyte
    edited October 2010
    The biggest thing when I first started with it was finding targets to test against, so first off give yourself some:
    http://feedproxy.google.com/~r/metasploit/blog/~3/wauiPEAqmXY/introducing-metasploitable.html
    It's frustrating, especially when you're starting, to know whether it's you screwing up, the framework, or just something that slipped your mind, so help yourself by taking at least one extra problem out of the equation :)

    I use it a fair bit, so feel free to ask questions. I'll try to remember to pay attention to this thread.

    EDIT
    Cracking WEP keys is pretty simple. Depending on the network and how discreet you want to be, it can be as simple and non-intrusive as just sitting there with Kismet running and doing an offline attack against the captured packets.
    Painfully slow compared to active attacks, but like I said, discreet.
  • edited October 2010
    Thanks for that link. If you have any other useful ones, I'd be very grateful. I've been reading a lot about using Metasploit. I'll set up that VMware image in a minute and give this a shot :D

    As for the WEP cracking - how "loud" is it (as opposed to discreet)? I just thought it involved sitting there capturing enough IVs for aircrack to run, which doesn't sound very loud or intrusive at all. Please let me know if the method I'm using is noticeable! Is there a particularly intrusive attack method?

    I cracked my own network, just to make sure that I was doing everything correctly. It went in this order...
    • Running airodump-ng to have a look at the available networks. (I seem to prefer this over Kismet)
    • Setting up card in monitor mode on the channel I wanted.
    • Testing to see if injection works with the selected AP
    • Start capturing IVs with airodump-ng
    • Perform a fake authentication with the AP using Aireplay
    • Using Aireplay in ARP Request Replay mode to generate some IVs
    • Crack the WEP key using the captured IVs
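    Those last steps are also exactly what a wireless IDS keys on. Added example, not part of this thread (my own code; the station MACs and frame summaries in it are constructed), that flags one station re-sending a byte-identical ARP request far faster than any real client would:

```python
from collections import defaultdict, deque

# Constructed frame summaries, the kind a wireless IDS would log:
# (time_seconds, station_mac, kind, body_fingerprint). `kind` is "auth",
# "arp_req" or "data"; the fingerprint stands in for a hash of the frame body.
def build_sample():
    legit = "aa:bb:cc:dd:ee:01"          # assumed: an ordinary client
    injector = "de:ad:be:ef:00:01"       # assumed: station replaying ARP
    frames = [(0.0, legit, "auth", "-"), (1.0, legit, "data", "d1")]
    # A real client sends a handful of *distinct* ARP requests, spaced out.
    frames += [(2.0 + i, legit, "arp_req", f"arp-{i}") for i in range(5)]
    # ARP request replay: one captured request re-sent hundreds of times
    # a second, byte-for-byte identical, so every copy has the same body.
    frames += [(10.0 + i * 0.002, injector, "arp_req", "arp-captured")
               for i in range(300)]
    return sorted(frames)

def detect_arp_replay(frames, threshold=50, window_s=2.0):
    """Return the stations that sent `threshold` or more ARP requests with an
    identical body inside any `window_s`-second sliding window."""
    recent = defaultdict(deque)   # (mac, fingerprint) -> timestamps in window
    flagged = set()
    for t, mac, kind, fp in frames:
        if kind != "arp_req":
            continue
        q = recent[(mac, fp)]
        q.append(t)
        while q and t - q[0] > window_s:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(mac)
    return flagged

if __name__ == "__main__":
    for mac in sorted(detect_arp_replay(build_sample())):
        print(f"possible ARP request replay from {mac}")
```

    The legit client's five distinct requests never pile up under one fingerprint, so only the replaying station is reported.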
  • duuude Regular
    edited March 2011
    How complicated is Backtrack for someone who doesn't know much about Linux?? I've used Ubuntu quite a few times and I've used a version of Fedora once or twice, but I want to try something new.
  • Krane Regular
    edited March 2011
    duuude wrote: »
    How complicated is Backtrack for someone who doesn't know much about Linux?? I've used Ubuntu quite a few times and I've used a version of Fedora once or twice, but I want to try something new.

    Backtrack is Ubuntu version 8 that the developers just skinned and added pre-installed network security tools to.
  • duuude Regular
    edited March 2011
    Krane wrote: »
    Backtrack is Ubuntu version 8 that the developers just skinned and added pre-installed network security tools to.

    :facepalm: Thanks for the heads up, I really don't know shit. What would you suggest to a noob that's already tried Ubuntu?
  • edited March 2011
    duuude wrote: »
    How complicated is Backtrack for someone who doesn't know much about Linux?? I've used Ubuntu quite a few times and I've used a version of Fedora once or twice, but I want to try something new.

    It depends on what you're using it for. If you're looking at using the tools on there then it's as hard as you make it, as certain tools require different skill levels and a whole shit load of reading time. If you're using it as a primary OS and you have no interest in the tools then I honestly wouldn't bother. Stick with a more friendly Linux distro, as it will be more secure and you won't be bogged down by a shit load of tools which you'll never use.

    As far as Backtrack goes, it's not very friendly. Like I said, what are you going to be using it for? If I were you, I'd get to know the basics of Linux in general before using it.