Hackavision

I'm seeing a lot of my viewers still use Windows, and since I haven't posted any Windows information yet (don't worry, I will!) I felt like posting a how-to on dual-booting (or single-booting) the penetration testing suite I use called Backtrack 5 would be very helpful to everyone viewing my blog. Here's a quick list of the things you'll need to install Backtrack 5: a USB stick with at least 2gigs of free space (mine is 8gigs), I would suggest 4gigs as a minimum. a computer to install it to (you can dualboot, or fresh install and overwrite a disk) an Ethernet Internet connection makes this easier in the updating stage.

I've written most of a how-to and explanation of how to use two programs, SSLStrip and Ettercap, to sniff networks and grab passwords even if a secure connection is used (HTTPS rather than HTTP), but I have to cover a few topics before I release it. First, I need to explain how to install SSLStrip for those people not using Backtrack 5, then I must explain ARP (Address Resolution Protocol) poisoning and spoofing, since this is an important part of using SSLStrip and Ettercap to grab passwords. If you're using Backtrack 5, like I mentioned before SSLStrip should be installed already and located in the "/pentest/web/sslstrip" folder and can be run by typing "python sslstrip.py" For the users not using Backtrack 5, follow the directions below:

Now that I've briefly covered some WEP/WPA cracking, lets install an important tool to our arsenal for issuing exploits and "payloads" (a name for exploits). This program is called "Metasploit" and is considered by many to be one of the most important hacking/pentesting tools around. It has an amazing array of exploits that can be used on many vulnerable machines, and when coupled with the vulnerability scanner Nessus (I'll cover this in the future) becomes a highly sophisticated tool we can use to hack into and secure our networks. I'm installing this on Ubuntu Gnome Backtrack 5 (the newest release), so if you're on a different GUI (like KDE) and aren't using BT5, some things might be different. NOTE: It may be useful for new users to check out my  Linux commands overview that I recently updated (the day this post was released). Hopefully you know the basics of Linux navigation and listing commands, so lets begin.