Results 1 to 8 of 8

Thread: Pentesting an OS

  1. #1
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    2

    Default Pentesting an OS

    does BT3 have the tools to pentest an OS? If so, what are they?

  2. #2
    Good friend of the forums
    Join Date
    Feb 2010
    Posts
    328

    Default

    what are you trying to do on what OS ? BT is made for just that ... I mean that is what BT is all about .. you need to start from the beginning. goto my site download portable metasplpoit and portable w3af then start messing with BT from what it sounds like your a not quite ready for BT

  3. #3
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by UndeniablyRexer View Post
    does BT3 have the tools to pentest an OS?
    Yes.

    Quote Originally Posted by UndeniablyRexer View Post
    If so, what are they?
    They are listed on the Backtrack wiki, which you can find at the far end of a Google search.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #4
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    2

    Default

    what are you trying to do on what OS ? BT is made for just that ... I mean that is what BT is all about .. you need to start from the beginning. goto my site download portable metasplpoit and portable w3af then start messing with BT from what it sounds like your a not quite ready for BT
    well, I've got to start somewhere, and why not somewhere where all the setup is already done. Any OS, but XP and Vista in particular. I want to test the difficulty of obtaining access to my XP box from inside the network.

    Anyway, I went to your site, those programs look promising. Thanks.

    They are listed on the Backtrack wiki, which you can find at the far end of a Google search.
    sounds fun.

  5. #5
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by UndeniablyRexer View Post
    well, I've got to start somewhere, and why not somewhere where all the setup is already done.
    Because then you have NFI how the tools work, nor how they interact with your system, nor the requirements for them to work, nor some of the tools that they rely on.

    So basically, learn the process before you start looking for the tools.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  6. #6
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Another thing that's been said a million times and worth checking out are DC-ICE disks

    De-ICE.net PenTest LiveCDs Project

    You can use BackTrack to pen test on these vulnerable Linux boxes. They have support forums that give you hints as to which tools to use if you get stuck, as well as videos.

  7. #7
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    1

    Default

    @ UndeniablyRexer

    Hello,

    I see where your coming from. When I first became interested in penetration testing, I longed to see an admin C:> prompt or a VNC exploit as these truly let ya know you own a machine. I respect where your starting from, you've got some fairly up-to-date XP and Vista machines.

    When you PWN one of these you will truly become much more interested in pen testing. Might I suggest you run a few insecure apps on these machines {old versions of Apache or an up to date version of IIS : ) lol} as many fully patched XP/ Vista boxes are (in the real world) vulnerable to these attacks.

    but even without running insecure apps the latest XP/Vista boxes are still vulnerable to certain attacks. Might I suggest you take a look at

    hxxp://forums.remote-exploit.org/backtrack3-howtos/19129-metasploiting-bt3-reverse-tcp-9.html

    Download phoenix910's PDF tutorial and have a good read of it. It will show you how to own a patched XP/Vista box and also get you used to using Metasploit (one of Backtracks Most Useful Tools for Pentesting).

    If you have any specific questions as how to use certain tools included with Backtrack for Penetration Testing Specific OS's or apps feel free to PM me. I'll help out where I can. In the meantime have fun!!

    TheLyNx

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by Lincoln View Post
    Another thing that's been said a million times and worth checking out are DC-ICE disks
    I second the notion for the De-Ice cd's for a starter.
    Fast and easy to setup, work with and penetrate.
    Not to mention it starts with basic tools not all the "fancy high-end" ones like fast track and or metasploit.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •