Pentesting an OS
does BT3 have the tools to pentest an OS? If so, what are they?
what are you trying to do on what OS ? BT is made for just that ... I mean that is what BT is all about .. you need to start from the beginning. goto my site download portable metasplpoit and portable w3af then start messing with BT from what it sounds like your a not quite ready for BT
Yes.Originally Posted by UndeniablyRexer
They are listed on the Backtrack wiki, which you can find at the far end of a Google search.
Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".
The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
well, I've got to start somewhere, and why not somewhere where all the setup is already done. Any OS, but XP and Vista in particular. I want to test the difficulty of obtaining access to my XP box from inside the network.what are you trying to do on what OS ? BT is made for just that ... I mean that is what BT is all about .. you need to start from the beginning. goto my site download portable metasplpoit and portable w3af then start messing with BT from what it sounds like your a not quite ready for BT
Anyway, I went to your site, those programs look promising. Thanks.
sounds fun.They are listed on the Backtrack wiki, which you can find at the far end of a Google search.
Because then you have NFI how the tools work, nor how they interact with your system, nor the requirements for them to work, nor some of the tools that they rely on.
So basically, learn the process before you start looking for the tools.
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
Another thing that's been said a million times and worth checking out are DC-ICE disks
De-ICE.net PenTest LiveCDs Project
You can use BackTrack to pen test on these vulnerable Linux boxes. They have support forums that give you hints as to which tools to use if you get stuck, as well as videos.
@ UndeniablyRexer
Hello,
I see where your coming from. When I first became interested in penetration testing, I longed to see an admin C:> prompt or a VNC exploit as these truly let ya know you own a machine. I respect where your starting from, you've got some fairly up-to-date XP and Vista machines.
When you PWN one of these you will truly become much more interested in pen testing. Might I suggest you run a few insecure apps on these machines {old versions of Apache or an up to date version of IIS : ) lol} as many fully patched XP/ Vista boxes are (in the real world) vulnerable to these attacks.
but even without running insecure apps the latest XP/Vista boxes are still vulnerable to certain attacks. Might I suggest you take a look at
hxxp://forums.remote-exploit.org/backtrack3-howtos/19129-metasploiting-bt3-reverse-tcp-9.html
Download phoenix910's PDF tutorial and have a good read of it. It will show you how to own a patched XP/Vista box and also get you used to using Metasploit (one of Backtracks Most Useful Tools for Pentesting).
If you have any specific questions as how to use certain tools included with Backtrack for Penetration Testing Specific OS's or apps feel free to PM me. I'll help out where I can. In the meantime have fun!!
TheLyNx
I second the notion for the De-Ice cd's for a starter.
Fast and easy to setup, work with and penetrate.
Not to mention it starts with basic tools not all the "fancy high-end" ones like fast track and or metasploit.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
Posting Permissions
