I personally use exiftool to extract EXIF or Exchangeable Image File data from files including Microsoft Office files such as .doc, .xls, and .ppt. The newer versions of Microsoft Office have new file extensions as you know which are .docx, .pptx, and .xlsx. The version of exiftool on Backtrack Linux doesn’t extract EXIF data from the latest MS Office file formats however you can easily download the latest exiftool for use on Backtrack Linux 5. Use the information below to download the latest exiftool on Backtrack, install a necessary Perl library, and then start extracting EXIF data from the newer Microsoft Office file versions.
The asp-auditor application located in Backtrack 5 R3 is fairly outdated but it still does a good job of finger printing ASP servers but the vulnerabilities that it may locate link to articles that no longer exist on the developers personal web site. Below we show two examples where asp-auditor, which is written in Perl, is run against a older Microsoft IIS web server running an ASP web site and a newer Microsoft IIS web server running an ASP web site. If your only goal is determining the IIS version and other basic ASP information then the tool could be useful.
SQLDict servers one purpose which is to brute force Microsoft SQL Server passwords. The easiest way to launch SQLDict is using the Backtrack navigation menu which launches the SQLDict.exe application using wine. The interface is easy to use as shown in the below example images.
If your daily driver is a Macbook or similar and you also manage a network that has Microsoft SQL Server running on it then it can be useful to login to those MSSQL Servers remotely. Even if its simply to view database layout or verify a service is running properly by actually connecting to it there is no doubt that having an easy method to connect to Microsoft SQL from OSX is beneficial. There are a bunch of JAVA based clients such as SQuirreL SQL Client or SQLRazor that are great applications but I personally use DBVisualizer or Navicat which are both described in more detail below.
We have had a couple requests to write a post about readpst which is included in the default path of Backtrack 5 and also located in the Backtrack menu underneath Forensics/Forensics Analysis Tools. The readpst application will read PST files which are also known as Microsoft Outlook Personal Folders and convert them to mbox, MH, or KMail formats. There are various other switches that can be used to output each email into a separate file, include attachments, modify contact formats, be recursive, etc. I will explain basic functionality below along with a couple of the formats and various switches.