Installing Nessus on Backtrack 5R3

Hello Friends, Today i am showing how to install Nessus on Backtrack 5 R3 First go to the Nessus Website and register by clicking here the Activation code will be send to your e-mail ID, Now take the Activation code Open an new terminal in Backtrack 5R3  and type the following command to download the Nessus apt-get install nessus after complete download next type this command root@bt:/opt/nessus/bin/nessus-fetch --register xxxx-xxxx-xxxx-xxxx-xxxx it...

Read more...

How to Run "C Program" in Linux

Hello friends, sometimes we need to run the C programs in the Linux Box, Today i am showing you people how to run an "C language program" from the Linux System. In linux we can use the gcc command to run C programs Most of the time by default the gcc installed in the linux. Type the following command to verify the gcc is installed : which gcc output /usr/bin/gcc To find the version of the gcc gcc --verision output gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3Copyright (C) 2011 Free Software Foundation, Inc.This is free software; see the source for copying conditions.  There is NOwarranty;...

Read more...

BeEF Lab

Hello friends we seen how to start and test BeEF in the previous post. Now in this post we will be seeing how to work with XSS Vulnerability by using BeEF Framework. Lab Setting: 1.XP Virtual Machine (Victim) 2.Backtrack VM (Attacker) Attacker: 1.Start BeEF in the Backtrack. Now we will get the UI URL and the HOOK URL 2.Open the browser (any browser but firefox is preferable) 3.Copy the UI URL from the terminal and paste it in a...

Read more...

BeEF - Browser Exploitation Framework

BeEF is the Browser Exploitation Framework. The BeEF is an powerful security Framework. It Mainly focuses on the browser based exploits. If you want to see the real exploitaiton with the XSS(Cross Site Scripting) the beef can be good one. By using Beef we can see what we can do with the XSS Vulnerability. How to start with BEEF In Backtrack Beef is already there but before that you have to install it once Applications --> Backtrack...

Read more...

Acunetix

Hello Friends today we are seeing the popular web application scanner called Acunetix, The Acunetix is one of the best web application scanners, we are having a lot of other scanners like IBM Appscan, Acunetix HPWeb Inspect Netsparker W3af In this only the w3af is the opensource web application scanner that is freely available with the Backtrack 5 comming to the Acunetix here i am showing the Acunetix version 7 and how to install and use...

Read more...

Command Execution Vulnerability Exploitation

Today i will be showing how to hack the website with the command execution vulnerability.we will be see this on the DVWAWhat is Command Execution ?OS command injection is a technique used via a web interface in order to execute OS commands on a web server.The user supplies operating system commands through a web interface in order to execute OS commands. Any web interface that is not properly sanitized is subject to this exploit. With the ability...

Read more...

Access DVWA from Backtrack

Hi, Today i will show you, How to access the DVWA(Damn Vulnerable Web Application) that is installed on the xp machine from the backtrack1.First we require the XP machine and Backtrack machine in same network meansif the XP machine ip is 192.168.0.22 then backtrack should also be in the same network like 192.168.0.562.Install the XAMPP in the XP macine and start the services like Apache and Mysql 3. Download the DVWA(Damn Vulnerable Web Application)...

Read more...

Installing Google Chrome in Backtrack 5

Friends , Many asking how to install the Google chrome browser in the backtrack 5, today we will be seeing how to install that Let us see the steps 1.In the root type as apt-get install chromium-browser 2.change to chrome-browser directory  cd /usr/lib/chromium-browser 3.Type the following command  hexedit chromium-browser 4.You will be getting the hex-code , Here you have to search for geteuid...

Read more...

Stuxnet

Stuxnet -- Stuxnet is an Computer Worm discovered in the year of June 2010, that is initially spreading via windows machines and targeting the Siemens Systems. it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit. The worm will spread very fastly and it is mainly target to the Siemens SCADA(supervisory control and data acquisition) Systems that...

Read more...

Basic Commands for Windows

Hello Friends, for all your reference i am placing some basic windows commands. Quote: compmgmt.msc - Computer management devmgmt.msc - Device manager diskmgmt.msc - Disk management dfrg.msc - Disk defrag eventvwr.msc - Event viewer fsmgmt.msc - Shared folders gpedit.msc - Group policies lusrmgr.msc - Local users and groups perfmon.msc - Performance monitor rsop.msc - Resultant set of policies secpol.msc - Local security settings services.msc -...

Read more...

What is Hacking

                    The word "hacking" has two definitions. The first definition refers to the hobby/profession of working with computers. The second definition refers to breaking into computer systems. While the first definition is older and is still used by many computer enthusiasts (who refer to cyber-criminals as "crackers"), the second definition is...

Read more...

Interpol swoop nets 25 suspected 'Anonymous' hackers

Interpol has arrested 25 suspected members of the 'Anonymous' hackers group in a swoop on over a dozen cities in Europe and Latin America, the global police body said Tuesday. "Operation Unmask was launched in mid-February following a series of coordinated cyber-attacks originating from Argentina, Chile, Colombia and Spain," said the world police body based in the French city of Lyon. The statement cited attacks on the websites of the Colombian...

Read more...

SQLmap Step By Step Tutorial

Today we will see the step-by-step tutorial of Sqlmap. Sqlmap is developed in Python and it is available with Backtrack 5 and Backtrack 5 R1 and all versions of Backtrak, Otherwise you can download seperately also from $ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev Sqlmap is is best sql injection tool. With sqlmap we can know the database name and type of database i.e,Mysql or SqlServer or ........ and we can find the database...

Read more...