BackTrack 5 r3 Penetration Testing Distribution

By: Hackaholics

Vincent Dao, Michael Elenterio, Jaclyn Franklin, Gianna Passarelli

Agenda

What is Backtrack?

• Originated as a security distribution based on the Linux distribution, first released in 2006

• Born as a merger of WHAX and Auditor Security Collection

• Advantages include variation, mobility, and it’s design is very user-friendly

• Used mainly for white hat use and mostly testing networks

• Best features is that it contains a large amount of tools which are grouped into 12 different categories

Alternative Analysis

Backtrack on VMWare

• Chosen method since it’s easier for the purpose of demonstration and any changes are automatically saved• The user does not have to continually log into

Backtrack every time and documents downloaded are all saved

• VMWare allows users to switch back and forth from Backtrack to Windows

• A new virtual machine was created in VMWare and then Backtrack was installed into that machine

• The program was easily booted and accessible

Tools Presented: Macchanger

• Manipulates the MAC address for network interfaces• The MAC address is an important element of

computer networking

• May want to change MAC address when network card stops working, to access a certain network, or for privacy concerns

• Can be changed for good or bad reasons, in terms of hacking

Tools Presented: URLCrazy

• Generates and tests mistyped domain names and variations of websites• Detects typo squatting, URL hijacking, phishing, and

corporate espionage

• Produces 15 types of typos, such as character omission and repeat, misspellings, and bit flipping

• Knows over 8,000 common misspellings, and knows over 450 homophones• Also supports multiple keyboard layouts• Use tools to check popularity and validity of typo domains

• Can control by buying typo domains and checking websites for malicious activities

Tools Presented: Exiftool

• Allows users to extract metadata from files from a large realm of formats

• Information includes file size, bit information, binary data information

• Can use this to see if a document has been tampered with

• Ways to prevent hackers from extracting data:• Authentication for access• Encryption of data

Tools Presented: Hexedit

• Used to look at both hexadecimal and ASCII strings within a file

• Can be used on both text and picture files

• Allows for editing of both hexadecimal and ASCII strings

• Contains a search function to find specific hexadecimal and ASCII strings• Can be used for good to find malware in a file by

searching for common strings used by hackers • Can be used for bad to find hidden information

within a file such as passwords and usernames

Tools Presented: Social Engineering Toolkit

• Employs and simulates social engineering attacks

• Useful for penetration testing and learning how to perpetrate such attacks

• Variety of methods• Java Applet• Website Cloner

Conclusion

• Backtrack’s uses• Defensive – URLCrazy, Hexedit, Exiftool• Offensive – Social Engineering Toolkit,

MacChanger

• Learning experience from tools

• Perfect for beginner users and up to date

Questions?