.

need some help with BT5r1/2

<<

lahp

Newbie
Newbie

Posts: 3

Joined: Sun Jan 20, 2008 11:08 am

Post Fri Mar 30, 2012 11:57 am

need some help with BT5r1/2

Hi all I need some help with some tools I am new to hacking and can hack WIFI but so far thats about it ... I wish to webhack and network hack (I have permission from companies to do so) and was wondering what tools from BT5 I should use and if there are any guides for using them :) ta!
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Mar 30, 2012 12:02 pm

Re: need some help with BT5r1/2

Welcome to EH-Net.

BackTrack is pretty well organized in that you can look through the menu or sift through the directories to find both 'network' and 'web' attack tools.

We can help you once you have specific questions.

You may want to take a look at these two sites:
BackTrack Forums
BackTrack Wiki

You may also have an interest in this:
Samurai WTF (Web Testing Framework)
<<

lahp

Newbie
Newbie

Posts: 3

Joined: Sun Jan 20, 2008 11:08 am

Post Fri Mar 30, 2012 12:12 pm

Re: need some help with BT5r1/2

BillV wrote:Welcome to EH-Net.

BackTrack is pretty well organized in that you can look through the menu or sift through the directories to find both 'network' and 'web' attack tools.

We can help you once you have specific questions.

You may want to take a look at these two sites:
BackTrack Forums
BackTrack Wiki

You may also have an interest in this:
Samurai WTF (Web Testing Framework)


Thank you for your reply,

I have previously looked through the tools but sadly I do not know how to use them, this was really the main question what one is most suggested and maybe a list of commands to go with it? or a video?
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Fri Mar 30, 2012 12:20 pm

Re: need some help with BT5r1/2

get the book "the basics of hacking and penetration testing" it'll get you started. will give you an idea of not only what tools to use to do it, but a good way to go about it. at under 150 pages it shouldn't take you long.
OSWP, Sec+
<<

unicityd

User avatar

Full Member
Full Member

Posts: 170

Joined: Wed Sep 03, 2008 5:33 pm

Post Fri Mar 30, 2012 12:36 pm

Re: need some help with BT5r1/2

You say that you have permission from others to hack/pen-test their sites yet you have no idea how to do so.  I strongly suggest setting up a home lab, reading some books/articles, playing with the tools and trying to figure out what you are doing before you play with someone else's network.  Without understanding what you are doing, you won't be able to produce anything of value for your target and you may inadvertently break something because you didn't understand the consequences of a tool (e.g. an exploit that kills the targeted service).  If you can practice/learn at home, read books, maybe take a training class or two, you may be able to work your way into a junior position where you can carry out actual penetration testing under the watchful eye of more senior people who can provide some guidance.  Are you working in IT now?  Does your company have a security department or security staff?

There is no specific tool that you use for hacking/pen-testing.  It's all about context.  You'll use different tools depending on whether the target is a specific system/web app or an enterprise network.  You'll probably have some favorite tools for various common tasks (e.g. nmap for port scanning), but you'll need to know which tools to use depending on what you find.  What services can you access?  What versions?  What is the underlying OS?  Can you connect directly to your target or do you have to gain a foothold on another system first?  The number of questions/variables that will come up is infinite.  The more you know and the more experience you have, the better prepared you will be to find the answers.

If you want a book on hacking, try Hacking Exposed, Counter Hack, or Professional Pen Testing Vol. I.  For web applications, the Web Application Hackers Handbook is very good.  I have the 2nd edition, but a new one came out recently.  Heck, read everything you can get your hands on. 

You should also check out this guide by Sil, another member of this site:

http://www.infiltrated.net/pentesting101.html

Do everything Sil says in his tutorial.  Plan to learn networking, programming, and how to manage Windows and one or more variants of Unix/Linux.

Learning a couple of tricks to hack into undefended sites is easy, but if you want to operate at a high level you need to understand networking, system administration, and some programming in addition to understanding a wide variety of security tools and the concepts behind them.  You'll have to move beyond using canned tools to building your own and, especially with web apps, learning to find new vulnerabilities and exploit them.
BS in IT, CISSP, MS in IS Management (in progress)

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software