Backtrack Archives - 7ASecurity Blog https://7asecurity.com/blog/ Helping you secure apps and websites Thu, 24 Apr 2025 07:10:00 +0000 en-US hourly 1 https://7asecurity.com/blog/contents/uploads/2019/06/favicon.ico Backtrack Archives - 7ASecurity Blog https://7asecurity.com/blog/ 32 32 Kali Linux: Dude, where’s my sshd-generate? https://7asecurity.com/blog/2013/04/kali-linux-dude-wheres-my-sshd-generate/ https://7asecurity.com/blog/2013/04/kali-linux-dude-wheres-my-sshd-generate/#comments Fri, 19 Apr 2013 00:35:00 +0000 UPDATE: This probably only affects the VMWare image, you will know if it also affects the Kali install if your hashes match my sample hashes below. So the fine folks at offensive security released this new distro called “Kali Linux” recently, which is essentially: Replacing Backtrack Based on Debian (instead of Ubuntu) One of the …

The post Kali Linux: Dude, where’s my sshd-generate? appeared first on 7ASecurity Blog.

]]>
https://7asecurity.com/blog/2013/04/kali-linux-dude-wheres-my-sshd-generate/feed/ 5
Installing and using LAPSE Plus in BackTrack 5/Ubuntu https://7asecurity.com/blog/2013/01/installing-and-using-lapse-plus-in/ https://7asecurity.com/blog/2013/01/installing-and-using-lapse-plus-in/#comments Wed, 23 Jan 2013 04:37:00 +0000 An interesting tool for Java source code analysis is OWASP LAPSE Plus. You can see the instructions to set it up on the project’s page or Click to explore. OWASP LAPSE Plus requires Eclipse Helios and a number of people who know more than me at stack overflow suggest that you should not install eclipse …

The post Installing and using LAPSE Plus in BackTrack 5/Ubuntu appeared first on 7ASecurity Blog.

]]>
https://7asecurity.com/blog/2013/01/installing-and-using-lapse-plus-in/feed/ 4
Backtrack 5 Shell Script to Change the Ruby Environment automatically https://7asecurity.com/blog/2011/10/backtrack-5-shell-script-to-change-ruby/ Fri, 07 Oct 2011 21:06:00 +0000 NOTE: I also posted this to the BeEF Project Wiki Click to explore Some Backtrack 5 security tools need ruby 1.8 (i.e. whatweb) and others ruby 1.9.2 (i.e. BeEF). This script automates the switch. By setting the ruby environment to the correct ruby version we can run all tools. This script aims to make this …

The post Backtrack 5 Shell Script to Change the Ruby Environment automatically appeared first on 7ASecurity Blog.

]]>
Read Meat Series: Backtrack 5 Installation Script for BeEF https://7asecurity.com/blog/2011/07/read-meat-series-backtrack-5/ Sat, 30 Jul 2011 06:12:00 +0000 This is just a quick note to let you know that I recently put together a Backtrack 5 Installation Script on the BeEF project wiki here. You won’t have to install BeEF by hand on your Backtrack 5 H4x0r server farms and clouds anymore ;).

The post Read Meat Series: Backtrack 5 Installation Script for BeEF appeared first on 7ASecurity Blog.

]]>
Acquiring a Raw Hard Drive image with Backtrack 5 over the network https://7asecurity.com/blog/2011/07/acquiring-raw-hard-drive-image-with/ Sat, 23 Jul 2011 02:16:00 +0000 Let’s imagine the following fictional scenario: You are operating on a shoe string security budget. An old Windows XP SP0 machine was compromised and you are tasked with acquiring a raw hard drive image so that you can perform some forensics on that image later on. To keep things simple we are leaving memory forensics …

The post Acquiring a Raw Hard Drive image with Backtrack 5 over the network appeared first on 7ASecurity Blog.

]]>
Testing for SSL-TLS (OWASP-CM-001) https://7asecurity.com/blog/2011/07/testing-for-ssl-tls-owasp-cm-001/ Sat, 16 Jul 2011 01:17:00 +0000 A nice tool for SSL cipher testing is this Perl script: ssl-cipher-check.pl, however, in Backtrack and also on other distros you may get this error the first time you run it: ssl-cipher-check.pl -vw my.exampledomain.com 443 … ERROR: Unable to find /usr/bin/gnutls-cli-debug. Please install the gnutls-devel package To avoid that simply install the missing package as …

The post Testing for SSL-TLS (OWASP-CM-001) appeared first on 7ASecurity Blog.

]]>
Meterpreter keylogger: Getting passwords the easy way https://7asecurity.com/blog/2011/07/meterpreter-keylogger-getting-passwords/ https://7asecurity.com/blog/2011/07/meterpreter-keylogger-getting-passwords/#comments Sat, 09 Jul 2011 00:33:00 +0000 In a recent pen test, after compromising the host machine I faced the fact that LM hashes were disabled, and the passwords in use were relatively strong so the normal dictionary and brute-force attacks would not work straightaway. Because it was a long pen test, I had an idea: I could use the meterpreter key …

The post Meterpreter keylogger: Getting passwords the easy way appeared first on 7ASecurity Blog.

]]>
https://7asecurity.com/blog/2011/07/meterpreter-keylogger-getting-passwords/feed/ 1
Testing for HTTP Methods and XST (OWASP-CM-008) https://7asecurity.com/blog/2011/07/testing-for-http-methods-and-xst-owasp/ Sat, 02 Jul 2011 00:36:00 +0000 When Testing for HTTP Methods and XST a common vulnerability to find is XST. When you manually verify that this vulnerability is truly present (i.e. not a tool false positive) you can use tools like netcat but sometimes the web server is using SSL and netcat will not work straightaway. You can get around this …

The post Testing for HTTP Methods and XST (OWASP-CM-008) appeared first on 7ASecurity Blog.

]]>
Registering and using Nessus in Backtrack 5 https://7asecurity.com/blog/2011/06/registering-and-using-nessus-in/ Sat, 25 Jun 2011 00:33:00 +0000 Unlike previous Backtrack versions Nessus now comes installed by default on Backtrack 5. This is very cool because all that is left for you is to activate Nessus! If that was not enough, when you upgrade Backtrack the instructions to register are just shown to you: …. root@bt:~# apt-get upgrade … – Please run /opt/nessus/sbin/nessus-adduser …

The post Registering and using Nessus in Backtrack 5 appeared first on 7ASecurity Blog.

]]>
Dumping Hashes on Win2k8 R2 x64 with Metasploit https://7asecurity.com/blog/2011/06/dumping-hashes-on-win2k8-r2-x64-with/ https://7asecurity.com/blog/2011/06/dumping-hashes-on-win2k8-r2-x64-with/#comments Wed, 01 Jun 2011 01:00:00 +0000 Update 19:00 – Also related to this is this post by Carlos Perez, Unfortunately the script is not yet in the metasploit trunk today. But you can download it and copy it to the appropriate folders in the meantime. So, I compromised a Win2k8 R2 x64 host during a pen test and wanted to dump …

The post Dumping Hashes on Win2k8 R2 x64 with Metasploit appeared first on 7ASecurity Blog.

]]>
https://7asecurity.com/blog/2011/06/dumping-hashes-on-win2k8-r2-x64-with/feed/ 1