Easy Backtrack 5 Tutorial Designed For Total Beginners


When it comes to learning how to perform penetration testing with Backtrack 5, you probably know how tough it looks. Hopefully, with this Backtrack 5 Tutorial, we’re going to change that for you. What if you don’t even know what penetration testing is? Well, before we get started, we’re going to tell you. In a nutshell, penetration testing is a way for an individual (or company) to test the security of a network. It sounds a lot like hacking, doesn’t it? Don’t worry! It’s perfectly legal as long as you are using it with good intentions such as exploiting your own network and using the tool to make your network more secure.

Believe us when we say this: there is a big demand for this. After all, if you can get into a company’s network, then that means that someone else probably can too. You’ll also hear of penetration testing referred to as ethical hacking or white hat hacking. Either way, it’s all the same. In the Backtrack 5 Tutorial below, we’re going to walk you through the 4 basic steps of penetration testing and teach you what you need to know in order to perform it yourself. Are you ready to get started? Great! Scroll down.

Step 1 – Surveillance

Before we get going with the actual penetration testing, we want to install a free program called “HTTrack” via the Backtrack 5 console. To do this, open Backtrack 5, enter “sudo apt-get install httrack” and get ready for the next step. Once that’s done, go ahead and type “httrack” into the console to pull it up. Now, in case you’re wondering, this program will allow us to index all of the pages on a given site before we start the actual penetration testing process. This means that you won’t have to be digging around through some site live and wasting precious time. You also don’t assume the risk of getting kicked off of the server before you get what you need. If that were to happen, you’d need to install this tool anyways, so it’s best to play it safe and use it from the beginning.

Next, you will give your path a name (you can leave it blank if you want) and you will enter a website to copy. Once you do that and hit enter, you’ll be given a list of options. To copy the entire website, you’ll simply hit “1” on your keyboard. Give it a few minutes and you’ll have duplicates of the entire site’s contents downloaded.

There are also tools available for download that will let you repeat this process but for sub-domains and emails. We aren’t going to cover that here in this lesson but that’s because it is more of a convenience and isn’t completely necessary. With that being said, it’s about time we move on to Step 2!

Step 2 – Scan The Site

Step 2 for getting hacking practice is also our favorite step. It’s the actual scanning process and, quite frankly, it’s the least complicated step (or one of them). So, the first way to scan the site in question is with a Ping Sweep. To do this, you’ll want to enter the following code into the terminal and wait for the results.

The code: fping -a -g 123.12.12.1 321.32.21.1 > hosts.txt

Now, in that code, you’ll notice something strange. There are random numbers in there. Okay, those are sample IP addresses. They aren’t real IP addresses to real sites, so you’ll want to replace those with the IP address of a real site (the site you are performing penetration testing on). Essentially, what the Ping Sweep does is sweep and scan all the IP addresses from IP address A to IP address B. Make sense?
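Here is an added example, not part of the original tutorial: a pre-flight check that validates the start and end addresses you plan to give “fping -g” and confirms the whole range sits inside networks you are authorized to test. The scope network 192.168.56.0/24, the 1024-address cap and the function name are assumptions made for illustration.

```python
import ipaddress

# Assumption: networks you own or have written authorization to test
# (constructed value, replace with your own scope).
AUTHORIZED_SCOPE = [ipaddress.ip_network("192.168.56.0/24")]
# Assumption: hypothetical cap that catches mistyped, oversized ranges.
MAX_HOSTS = 1024


def check_sweep_range(start, end, scope=AUTHORIZED_SCOPE, max_hosts=MAX_HOSTS):
    """Return (ok, message) for the START END pair of 'fping -a -g START END'."""
    try:
        first = ipaddress.IPv4Address(start)
        last = ipaddress.IPv4Address(end)
    except ipaddress.AddressValueError as exc:
        # Catches octets above 255, such as the tutorial's 321.32.21.1 sample.
        return False, f"invalid address: {exc}"
    if last < first:
        return False, "end address is lower than start address"
    count = int(last) - int(first) + 1
    if count > max_hosts:
        return False, f"range covers {count} addresses, over the cap of {max_hosts}"
    # summarize_address_range yields the minimal CIDR blocks covering first..last;
    # every block must fall inside one of the authorized networks.
    for block in ipaddress.summarize_address_range(first, last):
        if not any(block.subnet_of(net) for net in scope):
            return False, f"{block} is outside the authorized scope"
    return True, f"{count} addresses, all inside the authorized scope"


if __name__ == "__main__":
    samples = [
        ("123.12.12.1", "321.32.21.1"),       # the tutorial's sample values
        ("192.168.56.1", "192.168.56.254"),   # constructed, inside scope
        ("192.168.56.200", "192.168.57.10"),  # constructed, spills out of scope
    ]
    for start, end in samples:
        ok, message = check_sweep_range(start, end)
        print(f"{start} -> {end}: {'OK' if ok else 'REFUSED'} ({message})")
```
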

Once you have these results, we recommend running a vulnerability scan. To do this, enter this code:

“root@bt:~# apt-get install nessus”

Once you have this installed, you can run it by doing the following: Click Applications, Backtrack, Vulnerability Assessment, Vulnerability Scanner, Nessus, and finally, Nessus Start. Then, you wait.

Before you move on to Step 3, we have an additional recommendation that isn’t necessary but it will help. You can easily catalog both email addresses and sub-domains that are associated with the website in question
