Xplico is an NFAT, or Network Forensics Analysis Tool, designed either to capture traffic in real-time sessions or to provide an interface for uploading PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7; however, the latest Xplico version is Xplico 1.0.1. I believe there are some dependencies required in the later versions of Xplico, so I will write an updated article once Backtrack 6 comes up and the latest version of Xplico can easily be installed.
If you have ClientExec installed in a sub-directory, say /clientexec, and want to require HTTPS only for ClientExec, the easiest way to accomplish this is by putting a .htaccess file inside the sub-directory itself. There are numerous solutions to this posted as CE Knowledge Base articles and within the CE forums, but many of them did not work for me, so I wanted to post the solution that worked on a setup using CentOS as the operating system and using Apache/PHP/MySQL on that platform.
Network stress testing is sometimes taken for granted; however, it is extremely useful in many aspects of a network. Typically, when someone thinks of stress testing something technology-related, they are thinking of stress testing a web application of some sort. It is also beneficial to stress test every piece of network hardware, from the firewall to the web server that the application is running on, to make sure there are no weaknesses once packets touch your network. With that said, there are some great applications within Backtrack that provide stress testing capabilities, such as siege, which is classified as an HTTP/HTTPS Stress Tester and which, depending on the location you test from, could also test network hardware between the Internet and the web server running the application being tested.
When testing websites, it may be beneficial to spoof the referer URL. I have used these methods in the past to locate bugs in code or files that have been infected with forms of search engine clickjacking. The two easiest methods that I have found are using the Google Chrome extension called Spoofy or just using curl from the Linux CLI. Typically, using curl is the easiest, but if you are not familiar with curl then Spoofy also provides similar results. Below I describe both methods in detail.
The other day, while configuring an Asus RT-N16 wireless router on which we had installed DD-WRT software, I decided to turn off HTTP access to the web admin interface. After making this change I got pulled away to test something else and never tested it, so I was surprised when I attempted to log in today and was unable to log in to the DD-WRT web interface using HTTP or HTTPS. It turns out something was not allowing HTTPS to start, and since I had disabled HTTP, the wireless router was no longer listening on port 80 or port 443. Below is information on how to start Apache after logging into a wireless router running DD-WRT either via SSH or via telnet.