I'm assuming you are referring to the 'Penetration Testing with BackTrack' course hosted by Offensive Security. The videos provided by them total about 8 hours in length, and you also get a ~350...

I think the method you use, would depend on the environment you are interacting with. I wouldn't say there is a 'best' way - as sometimes certain methods will work and sometimes they won't. As long...

In a word, yes. There are plenty of of priv esc modules in the Metasploit Framework for example.

This is the default behavior of the browser, to alert users' to potential naughtiness that is occurring. Not sure if there is a setting in the GUI to turn it off, but you may find it if you type...

http://lmgtfy.com/?q=pyrit+cluster

You could also try reading the man pages for the application. They often have longer explanations of each function.

It isn't necessary to change the mon0 MAC in order to deauth. When I deauth clients, I usually use something like:

aireplay-ng -0 1 -e {ESSID} -c {CLIENT MAC} mon0

For some reason, I find it's...

As far as I understand things; a WiFi card like this operates at around 2W at max, which is 33dBm. This is also the max output from a UMTS/3G or GSM850/900 mobile phone. There are enough of those...

Ok, sorry. Assuming the person does not have a card capable of communicating on the 5GHz band, then this is true. I meant to say that the 5GHz band was not immune to this type of attack.

Sounds like it. An easy way to test them, is to boot up both VMs and try to ping them from each other.

If you run something as simple as airodump-ng, it will show you 'probes' that wireless devices are transmitting. As you describe, this is the wireless client actively sending out broadcast probes...

Enabled IP forwarding?


echo 1 > /proc/sys/net/ipv4/ip_forward

I've tried to replicate what you are doing but I only came across an issue when my IP list wasn't parsed properly; but that didn't give me the error you have. Have you tried using a list with just a...

Well as I alluded to in that thread, I don't think there is necessarily an easy solution for you and your neighbours. The deauthentication packet is part of the IEEE regs which is embedded in WiFi...

There is another similar thread which has been raised here. When you say other electronic devices work, do you mean they can connect to your WiFi, or do you just mean they turn on and seem to...

The deauthentication packets sent by aireplay-ng are based on rules as stated in the IEEE regulations, so all WiFi devices must accept them. I'm not aware of methods to prevent these attacks, but I...

You could check out the Building A Module section of the Metasploit Unleashed set of pages.

There is a weakness in the implementation of Wi-Fi Protected Setup, which allows you to brute-force the PIN and obtain WPA/2 passphrases. Look into a tool called Reaver for details on that. There...

It would be a pretty epic fail for you to compromise your own host OS :p As you can see, my host computer is a Mac and I run BT5 and my target OS's as VMs. I'm not concerned about my BT5 VM putting...

In the main VirtualBox Preferences, go to the Network tab. There will probably be a host network called vboxnet0 already created. If not, add a new network yourself. When you create your VMs, go...

Forgive me if I'm being dense, but I don't see the point in that article at all. It seems to be focused around transforming BackTrack into an everyday OS for general use, which is totally not the...

I'm not sure about Hydra, but the MSF ssh_login module has a STOP_ON_SUCCESS option. Presumably if you set this to false, the module will continue guessing passwords, even if it thinks it has...

Since you are just starting out, I would avoid spending lots of money if you can. It's just not necessary at this stage. You can set up a virtual machine environment on a single computer using...

I'm not sure I completely understand what you are saying. Do you mean that the SSID for your network does not appear in the rainbow tables? If that's the case, you can't just add a folder into...

I think I would start off by saying that if you are completely new to Linux, you are going to find using BT5 very hard indeed. It is a complete no-hand-holding OS, and perhaps not the best to learn...