A while back I installed a version of Metasploit Pro while juggling a couple of other tasks and unfortunately I noted the password in an encrypted text document and forgot the location, which in itself was a fail. Regardless of the mistake I made, luckily Metasploit Express and Metasploit Pro make it easy enough to change the msf user web console password without any pain. Use the directions below to modify the msf user's login information on your Metasploit Pro or Metasploit Express installation.
The sbd command is a netcat clone that offers decent encryption, allows for command execution, and will install on Linux or Windows. You are likely aware of netcat and all of the different ways you can use it, including reverse shells, port scanning, etc. The sbd command is a great tool for opening up protected listeners or, as noted in the Backtrack Linux menu, for maintaining access to servers on compromised networks. Since it is likely you are familiar with nc or netcat, below I go into setting up a reverse shell using a secret key shared between the listener and the connecting client.
The bulk_extractor tool is one of the tools on Backtrack that a single article is not going to do a lot of justice to, but hopefully after reading the below you will be able to see the benefits and understand basic usage of this amazing tool. The bulk_extractor actually reminds me of various tools such as Power Grep for Windows that can be used in penetration tests to locate private data worth being called out in a deliverable. By no means will the below be a complete howto for the bulk_extractor, but again it will attempt to shed some light on its purpose and some easy ways it can be used.
The ss command is not necessarily specific to Backtrack but is typically included in most Linux or UNIX distributions. This is definitely a core utility, though, that should be in any pen tester's arsenal as it provides great information about any type of socket, including DCCP sockets, RAW sockets, TCP sockets, UDP sockets and UNIX sockets. There are various switches that are useful depending on the task, and below I go into multiple examples of using switches for different scenarios.
Backtrack includes a bunch of items that are not in the menu system, such as the list-urls.py Python script. This script, which has been enhanced by Muts, simply queries a specific URL and extracts all of the URLs from the page. These types of scripts really are handy, and knowing your way around Backtrack can save you a ridiculous amount of time.