BackTrack 5 Cookbook


  • Learn to perform penetration tests with BackTrack 5
  • Nearly 100 recipes designed to teach penetration testing principles and build knowledge of BackTrack 5 Tools
  • Provides detailed step-by-step instructions on the usage of many of BackTrack’s popular and not-so-popular tools

Book Details

Language : English
Paperback : 296 pages [ 235mm x 191mm ]
Release Date : December 2012
ISBN : 184951738X
ISBN 13 : 9781849517386
Author(s) : Willie L. Pritchett, David De Smet
Topics and Technologies : All Books, Networking and Servers, Security and Testing, Cookbooks, Networking & Telephony, Open Source

Table of Contents

Preface
Chapter 1: Up and Running with BackTrack
Chapter 2: Customizing BackTrack
Chapter 3: Information Gathering
Chapter 4: Vulnerability Identification
Chapter 5: Exploitation
Chapter 6: Privilege Escalation
Chapter 7: Wireless Network Analysis
Chapter 8: Voice over IP (VoIP)
Chapter 9: Password Cracking
Chapter 10: BackTrack Forensics
Index
  • Chapter 1: Up and Running with BackTrack
    • Introduction
    • Installing BackTrack to a hard disk drive
    • Installing BackTrack to a USB drive with persistent memory
    • Installing BackTrack on VirtualBox
    • Installing BackTrack using VMware Tools
    • Fixing the splash screen
    • Changing the root password
    • Starting network services
    • Setting up the wireless network
  • Chapter 2: Customizing BackTrack
    • Introduction
    • Preparing kernel headers
    • Installing Broadcom drivers
    • Installing and configuring ATI video card drivers
    • Installing and configuring NVIDIA video card drivers
    • Applying updates and configuring extra security tools
    • Setting up ProxyChains
    • Directory encryption
  • Chapter 3: Information Gathering
    • Introduction
    • Service enumeration
    • Determining the network range
    • Identifying active machines
    • Finding open ports
    • Operating system fingerprinting
    • Service fingerprinting
    • Threat assessment with Maltego
    • Mapping the network
  • Chapter 4: Vulnerability Identification
    • Introduction
    • Installing, configuring, and starting Nessus
    • Nessus – finding local vulnerabilities
    • Nessus – finding network vulnerabilities
    • Nessus – finding Linux-specific vulnerabilities
    • Nessus – finding Windows-specific vulnerabilities
    • Installing, configuring, and starting OpenVAS
    • OpenVAS – finding local vulnerabilities
    • OpenVAS – finding network vulnerabilities
    • OpenVAS – finding Linux-specific vulnerabilities
    • OpenVAS – finding Windows-specific vulnerabilities
  • Chapter 5: Exploitation
    • Introduction
    • Implementing exploits from BackTrack
    • Installing and configuring Metasploitable
    • Mastering Armitage – the graphical management tool for Metasploit
    • Mastering the Metasploit Console (MSFCONSOLE)
    • Mastering the Metasploit CLI (MSFCLI)
    • Mastering Meterpreter
    • Metasploitable MySQL
    • Metasploitable PostgreSQL
    • Metasploitable Tomcat
    • Metasploitable PDF
    • Implementing the browser_autopwn module
  • Chapter 6: Privilege Escalation
    • Introduction
    • Using impersonation tokens
    • Local privilege escalation attack
    • Mastering the Social-Engineer Toolkit (SET)
    • Collecting victims' data
    • Cleaning up the tracks
    • Creating a persistent backdoor
    • Man-in-the-middle attack (MITM)
  • Chapter 7: Wireless Network Analysis
    • Introduction
    • Cracking a WEP wireless network
    • Cracking a WPA/WPA2 wireless network
    • Automating wireless network cracking
    • Accessing clients using a fake AP
    • URL traffic manipulation
    • Port redirection
    • Sniffing network traffic
    • Accessing an e-mail by stealing cookies
  • Chapter 8: Voice over IP (VoIP)
    • Introduction
    • Using Svmap
    • Finding valid extensions
    • Monitoring, capturing, and eavesdropping on VoIP traffic
    • Using VoIPong
    • Mastering UCSniff
    • Mastering Xplico
    • Capturing SIP authentication
    • Mastering VoIP Hopper
    • Causing a denial of service
    • Attacking VoIP using Metasploit
    • Sniffing DECT phones
  • Chapter 9: Password Cracking
    • Introduction
    • Online password attacks
    • Cracking HTTP passwords
    • Gaining router access
    • Password profiling
    • Cracking a Windows password using John the Ripper
    • Using dictionary attacks
    • Using rainbow tables
    • Using NVIDIA Compute Unified Device Architecture (CUDA)
    • Using ATI Stream
    • Physical access attacks
  • Chapter 10: BackTrack Forensics
    • Introduction
    • Intrusion detection and log analysis
    • Recursive directory encryption/decryption
    • Scanning for signs of rootkits
    • Recovering data from a problematic source
    • Retrieving a Windows password
    • Resetting a Windows password
    • Looking at the Windows registry entries

                      Willie L. Pritchett

                      Willie L. Pritchett has a Master's in Business Administration. He is a seasoned developer and security enthusiast who has over 20 years of experience in the IT field. He is currently the Chief Executive at Mega Input Data Services, Inc., a full service database management firm specializing in secure, data-driven, application development, and staffing services. He has worked with state and local government agencies as well as helping many small businesses reach their goals through technology. Willie has several industry certifications and currently trains students on various topics including ethical hacking and penetration testing.

                      David De Smet

                      David De Smet has worked in the software industry since 2007 and is the founder and CEO of iSoftDev Co., where he is responsible for many varying tasks, including but not limited to consultant, customer requirements specification analysis, software design, software implementation, software testing, software maintenance, database development, and web design. He is so passionate about what he does that he spends inordinate amounts of time in the software development area. He also has a keen interest in the hacking and network security field and provides network security assessments to several companies.


                      Errata

                      - 4 submitted: last submission 24 Mar 2014

                      Errata type: Code | Page number: 171

                      In step 4 under the How to do it... section, the command should be:

                      macchanger --mac 00:11:22:33:44:55 wlan0

                      and not:

                      macchanger -mac 00:11:22:33:44:55 wlan0

                      Errata type: Technical | Page number: 135

                      In the There's more section:

                      There are many ways to generate the username word list and the password file, and several methods are provided in Chapter 8, Voice Over IP (VoIP).

                      There should be no chapter reference and the line should be:

                      There are many ways to generate the username word list and the password files.

                      Errata type: Code | Page number: 134

                      In step 8 the given code is:

                      set pass_file /opt/metasploit/msf3/data/wordlists/postgres_default_user.txt

                      It should be:

                      set pass_file /opt/metasploit/msf3/data/wordlists/postgres_default_pass.txt


                      Errata type: Technical | Page number: 172

                      In the How it works... section:

                      Given is: In this recipe, we used the Aircrack suite to crack the WPA key of a wireless network. Aircrack is one of the most popular programs for cracking WPA. Aircrack works by gathering packets from a wireless connection over WPA and then brute forcing passwords against the gathered data until a successful handshake is established. We began the recipe by starting Aircrack and selecting our desired interface. Next, we changed our MAC address which allowed us to change our identity on the network and then searched for available wireless networks to attack using Airodump. Once we found the network we wanted to attack, we used Aireplay to associate our machine with the MAC address of the wireless device we were attacking. We concluded by gathering some traffic and then applied brute force to the generated CAP file in order to get the wireless password.

                      This should be: In this recipe, we used the Aircrack suite to crack the WPA key of a wireless network. Aircrack is one of the most popular programs for cracking WPA. Aircrack works by gathering packets from a wireless connection over WPA and then performing a dictionary attack against the gathered data when a successful handshake is established. We began the recipe by starting Aircrack and selecting our desired interface. Next, we changed our MAC address which allowed us to change our identity on the network and then searched for available wireless networks to attack using Airodump. Once we found the network we wanted to attack, we used Aireplay to associate our machine with the MAC address of the wireless device we were attacking. We concluded by gathering some traffic and then applied dictionary attack to the generated CAP file in order to get the wireless password.


                      What you will learn from this book

                      • Install and set up BackTrack 5 on multiple platforms
                      • Customize BackTrack to fit your individual needs
                      • Exploit vulnerabilities found with Metasploit
                      • Locate vulnerabilities using Nessus and OpenVAS
                      • Provide several solutions to escalate privileges on a compromised machine
                      • Learn how to use BackTrack in all phases of a penetration test
                      • Crack WEP/WPA/WPA2 Encryption
                      • Learn how to monitor and eavesdrop on VoIP networks

                      In Detail

                      BackTrack is a Linux-based penetration testing arsenal that helps security professionals perform assessments in a purely native environment dedicated to hacking. BackTrack is a distribution based on the Debian GNU/Linux distribution, aimed at digital forensics and penetration testing use. It is named after backtracking, a search algorithm.

                      "BackTrack 5 Cookbook" provides you with practical recipes featuring many popular tools that cover the basics of a penetration test: information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks.

                      The book begins by covering the installation of BackTrack 5 and setting up a virtual environment to perform your tests.

                      We then dip into recipes involving the basic principles of a penetration test such as information gathering, vulnerability identification, and exploitation. You will further learn about privilege escalation, radio network analysis, Voice over IP, password cracking, and BackTrack forensics.

                      "BackTrack 5 Cookbook" will serve as an excellent source of information for the security professional and novice alike.

                      Approach

                      This is a cookbook with the commands and code, explained as needed, to learn BackTrack thoroughly. It smooths your learning curve through organized recipes.

                      Who this book is for

                      This book is for anyone who desires to come up to speed in using BackTrack 5 or for use as a reference for seasoned penetration testers.
