Backtrack 5 R3
By far the most popular live system for finding vulnerabilities is BackTrack 5, which is now in its third revision. The developer of BackTrack consist of a team of international security experts from companies Offensive Security and Tiger Security. The live system is completely under the open source GPL license. New versions appear approximately every six months with updated software packages and tools. BackTrack is based also in the current issue 5 R3 from August 2012 still on Ubuntu 10.04, which is a version of Ubuntu with long-term support and is maintained until April 2013. BackTrack has however get the newer Linux kernel 3.2.6. This is obviously advantageous, especially in terms of hardware support, because with a new Linux kernel always means better drivers for graphics and wireless chips.
BackTrack Linux 5 R2
The desktop of BackTrack Linux 5 R3: A classic Gnome 2:32
Although Backtrack to be pretty tame, thanks to its polished appearing desktop interface and Ubuntu seems innards, the system requires some attention right at the start, because the target audience is the experienced Linux users. And so there are the same after starting the first big surprise: the automatically logged on user gets an immediate root "privileges, which is absolutely unusual for Linux. BackTrack will boot only once in the command prompt, the BASH (Bourne Again Shell). By entering "startx" is built exclusively on the desktop.
- Thematically related posts
- Guides With Ubuntu live systems on the hunt for security holes
- News BackTrack Linux 5 was released R3: Live system for security checks
- RatgeberDie best free security tools
- Guides Ingenious security tools for professionals
- Curbed News Flashback wave on Macs already?
DownloadsCpuburn
Now the PC world issues get updates
The desktop of backtrack
In GUI BackTrack presented with Gnome 2:32 a proven environment, incidentally completely in English. First, the system starts with U.S. English keyboard. You can do this via the menu "System -> Preferences -> Keyboard" changed by the function "layout -> Add" go and select "Germany". In a network with a DHCP server in the wired network is live system is automatically activated.
BackTrack Linux 5 R2
Network management: Wicd takes at Backtrack connect to wired and wireless network
To connect to wireless networks, there is the excellent management tool Wicd, which is located in the top menu bar under with Applications of Internet service.BackTrack 5 R3 starts from the boot menu on the "Stealth", the live system dispenses with the automatic connection to the cable network, so the live system is initially invisible
BackTrack Linux 5 R2
Ready to go:
The boot menu of BackTrack Linux features including a "stealth" mode without network
Overview of Applications
All applications are all housed under the "Applications", the special tools are generally found in the submenu "Backtrack". Here works from an impressive list of categories in which all programs are sorted. Who wants to get to know each tool should look for several hours to take "Information Gathering", all network sniffer, wireless and Bluetooth scanners and tools for database analysis accommodated -.. everything programs that capture passive data The "Vulnerability Assessment" includes among others the famous Scanner Nessus, OpenVAS and Saint to services on the network for known security vulnerabilities tap out.
For network administrators and power users especially the category "Exploitation Tools" is interesting. Classified here are the programs for targeted testing of known vulnerabilities in your own network. For example reaver-wps, wepcrack and the Metasploit Framework with the browser frontend Armitage. Under "Privilege Escalation" There are programs such as THC-Hydra including front-end, which you can tap your passwords on their resistance to hackers. Who wants to test ASP, PHP and Perl constructs for security vulnerabilities is under Maintaining Access search. A very less exciting provide the stress tests for stress testing of networks and servers. The category "Forensics" is a collection of programs for the analysis of such Sleuthkit partitions with NTFS, FAT, and some ext2/3/4 undelete tools. Date of Revision 3 BackTrack got the new category with the Physical Exploitation. Backtrack is about to development environment for Arduino boards to embedded systems and microcontrollers for security vulnerabilities tap out. Advanced development tools such as debuggers and RFID tools round out the suite. Overall, more than 300 individual Backtrack tools for different applications.
BackTrack Linux 5 R2
WPS under fire: wps-reaver in BackTrack analyzed the router to its known WPS Vulnerability
Practical application: WPS uncover gap with reaver-wps
Interests us as an example of the use of a comprehensible program for a comprehensible security problem. The classic is reaver-wps for testing a discovered security hole in late 2011, many of the router using WPS (Wi-Fi Protected Setup) are affected. Open it with Backtrack a terminal window and enter iwconfig one. This allows the device name of the WLAN interface to find out. Assume that the name is "wlan0", put the wireless interface with the following command in the monitor mode: airmon-ng start wlan0 To appeal to the Wi-Fi chip in the monitor mode, use the new additional device name, the previous command outputs. In most cases, the name is simply "mon0". This device name you use now to the BSSID of your router to find out. This is achieved with the following command: airodump-ng mon0
In the list you see now is the BSSID of all matching router within range. (!) The BSSID of the router you own note to the tool then reaver-wps with this command to be recognized: reaver-i mon0-b [BSSID]-vv
Instead of the placeholder [BSSID], enter the physical address, for example, "00:21:64:4 C: FD: 72". The attack may well take several hours to complete and shows on successful completion of your selected WPA/WPA2 password of the router. In this case, you must de-activate WPS on your router, or if the manufacturer offered to import an updated firmware update to fix the vulnerability.
BackTrack Linux 5 R2
On the plate:
The supplied installer is also inherited from the linux Ubuntu ( LTS 10.04)
Installation and upgrade options
As befits a proper distribution, of course, also offers BackTrack Linux installation on the hard drive. So it's not just a pure live system, but is suitable for frequent use as a permanent fixture on your PC. A link to is already on the desktop. Anyone who has worked with Ubuntu meets, to the installation of backtrack an old friend: The installer is taken from Ubuntu 10.04 and sets the system in a few easy steps on the hard disk. They charge backtrack about 11 GB of space. An installed BackTrack Linux has only a prepared root account to login. Whose password is default "toor". If a new version of BackTrack Linux appears to reinstall is not the way compels. Such as Debian and Ubuntu is based on which backtrack, the entire system can be updated with apt-get. So if you still have installed Backtrack 5 R2 is simply the usual update commands to the new software packages.
Conclusion: Well-filled security arsenal
Of course, a perfect live system alone does anybody to security experts, this is a broad general knowledge of Linux and Windows administration and a lot of patience needed for experiments. The live system is. Despite its inviting desktop environment not for complete beginners However, BackTrack Linux 5 R3. An ideal companion for an advanced or power users The extensive program compilation of BackTrack provides for almost every purpose the right tool. Browse long mailing lists, obscure websites and compiling source code and thus largely eliminated after a few simple steps you can jump in and start with the analysis and testing.
However, what we lack is a list of all pre-installed tools. On the project website of backtrack only a partial sum of all available programs is described. A list of the newly added tool displays the release announcement. A more detailed description of the major English-language program offers the wiki of backtrack. It remains to be left to the users to gain an overview of the tools available. Something else to note that some programs are not optimally integrated. Thus, with the forensic tools such as test disc is not set up properly and must be getartet through the terminal with / pentest / forensics / testdisk / testdisk_static. Apart from such minor flaws, however, is one of the most powerful BackTrack Live-systems in this category and bears his cult status to right.
Download and conditions
BackTrack Linux is the same in several flavors available: versions for 32-bit and 64-bit respectively with Gnome 2 or KDE 4 ready for download. Recently there is also a version for ARM processors, this 2nd only with Gnome Depending on the version and desktop environment BackTrack 2.7 to 3.1 GB. As BackTrack is continuously expanded, brings a new revision with a few megabytes more. In spite of no small extent the live system, even with modest hardware requirements. A processor with 1 GHz and a minimum of 256 MB of RAM is sufficient. Using Unetbootin, you can transfer the ISO image of BackTrack on a USB stick and run with it.
