
How to install BT4 dualboot xp on your HDD without vmware or dvd disks

This tutorial is about 1 SATA drive with 2 partitions, the first one has Windows XP

  1. Download BT4 ISO
  2. Download UNetbootin

Launch UNetbootin, choose the ISO path, and pick your XP hard drive (C:) as the target.

It won’t delete your files; it just adds a few BT4 installation files. Basically, it makes it possible to boot your PC into a live CD without using a disc, and you can safely uninstall it when you enter Windows again.

After you install BT4 with UNetbootin you can boot into BT4 easily; you’ll be given the choice of XP or BT4.

While in BackTrack, click the file on the desktop that says install and follow the prompts.  I formatted the second partition with ext2 and 10gb swap.

Once complete, reboot. You won’t be able to boot into BT yet (the one you installed on the second partition, not the UNetbootin one on the XP partition), so boot into the UNetbootin live CD BT, open a terminal, and type the following to fix GRUB. Note: you can also use an Ubuntu live CD if you have one; it works the same.

sudo grub

find /boot/grub/stage1

You will get info about where BT is installed, something like (hd?,?); mine was (hd1,1).

Then type:

root (hd1,1)

Reboot and enjoy.


Backtrack 4 – USB/Nessus Boot with Persistent Changes

This how-to will show you a method for building a USB thumb drive with the following features:
  • Persistent Changes – Files saved and changes made will be kept across reboots.
  • Nessus and NessusClient installed – Everybody needs Nessus
  • Encryption configured (Note: This is not whole drive encryption)

Tools and Supplies

  1. A USB thumbdrive – minimum capacity 4GB
  2. A Backtrack 3 CDROM, Backtrack 4 DVD or an additional USB thumbdrive  (minimum 2GB) – Used to partition the thumbdrive.
  3. Optional: UNetbootin – A tool to transfer an iso image to a USB drive.
Download the Backtrack 4 Pre Release ISO here.
This tutorial is based on booting Backtrack 4 first. This means that you need some form of bootable Backtrack 4 media. This can be a virtual machine, DVD, or USB drive. Use your favorite method of creating a DVD or USB drive or you can use UNetBootin to create the thumb drive.  Below is a screenshot of using UnetBootin to install Backtrack 4 on a USB drive.
Installing Backtrack 4 with UnetBootin
It is as simple as selecting the image we want to write to the USB drive, the drive to write it to, and then clicking the ‘OK’ button. Warning: Make sure you pick the correct destination drive.
Partition the USB thumbdrive
The first step is to boot up Backtrack 4.  With the release of Backtrack 4 Final, a 4 GB drive is required if we are going to enable persistence.  For Backtrack 3 and Backtrack 4 Beta, we could get away with a 2GB drive.  We will also need to figure out which drive is our target drive. The following command will show the drives available and you can determine from that which is the new USB drive:
dmesg | egrep 'hd.|sd.'
We need to partition and format the drive as follows:
  1. The first partition needs to be a primary partition of at least 1.5 GB and set to type vfat. Also remember to make this partition active when you are creating it. Otherwise you might have some boot problems.
  2. The second Partition can be the rest of the thumb drive.
Below are the steps to take to get the drive partitioned and formatted. These steps are taken from this video on the Offensive Security website. A ‘# blah blah’ indicates a comment and is not part of the command, and user typed commands are bolded. One note: we will need to delete any existing partitions on the drive.

fdisk /dev/sda # use the appropriate drive letter for your system
# delete existing partitions. There may be more than one.
Command (m for help): d
Partition number (1-4): 1
# create the first partition
Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-522, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-522, default 522): +1500M
#create the second partition
Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (193-522, default 193):
Using default value 193
Last cylinder, +cylinders or +size{K,M,G} (193-522, default 522):
Using default value 522
# Setting the partition type for the first partition to vfat/fat32
Command (m for help): t
Partition number (1-4): 1
Hex code (type L to list codes): b
Changed system type of partition 1 to b (W95 FAT32)
# Setting the partition type for the second partition to Linux
Command (m for help): t
Partition number (1-4): 2
Hex code (type L to list codes): 83
# Setting the first partition active
Command (m for help): a
Partition number (1-4): 1
Command (m for help): w
# now it is time to format the partitions (on the same drive that was partitioned above)
mkfs.vfat /dev/sda1
mkfs.ext3 -b 4096 -L casper-rw /dev/sda2

Two things to notice above in the format commands: 1) we are using ext3 instead of ext2 and 2) you must include the -L casper-rw portion of the command. Being able to use ext3 is great because of journaling. The -L casper-rw option helps us get around the problem we had where we had to enter the partition name in order to get persistence working. As you will see, that is no longer necessary.  So go ahead and partition and format the drive according to the layout above.
Make it a bootable Backtrack 4 USB thumb drive
  1. Mount the first partition.
  2. Copy the Backtrack files to it.
  3. Install grub.

Following are the commands to execute. Again, ‘#’ denote comments and user typed commands are in bold.

# mount the first partition, sda1 in my case.
mkdir /mnt/sda1
mount /dev/sda1 /mnt/sda1

# copy the files, you will need to find where the ISO is mounted on your system.
cd /mnt/sda1
rsync -r /media/cdrom0/* .

# install grub
grub-install --no-floppy --root-directory=/mnt/sda1 /dev/sda

That’s it. We now have a bootable Backtrack 4 USB thumb drive.
Persistent Changes
This is done much differently and more easily than it was in Backtrack 4 Beta or Backtrack 3. First of all, for basic persistence, we don’t have to do anything at all. There is already a menu option that takes care of it for us. Unfortunately, it is only for console mode so we need to make a couple changes.  We want to do the following things:
  1. Change the default boot selection to persistent.
  2. Set the resolution for our gui.

To do so, do the following. Again, ‘#’ …comment….user typed…blah blah.

cd /mnt/sda1/boot/grub
vi menu.lst

# change the default line below to ‘default 4’ and append ‘vga=0x317’ (that’s a zero) to the kernel line to set the resolution to 1024x768
# By default, boot the first entry.
default 4
.
.
.
title                Start Persistent Live CD
kernel               /boot/vmlinuz BOOT=casper boot=casper persistent rw quiet vga=0x317
initrd               /boot/initrd.gz

:wq

Here is my entire menu.lst file for reference.

# By default, boot the first entry.
default 4
# Boot automatically after 30 secs.
timeout 30

splashimage=/boot/grub/bt4.xpm.gz

title                Start BackTrack FrameBuffer (1024x768)
kernel                /boot/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x317
initrd                /boot/initrd.gz
title                Start BackTrack FrameBuffer (800x600)
kernel                /boot/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x314
initrd                /boot/initrd800.gz
title                Start BackTrack Forensics (no swap)
kernel                /boot/vmlinuz BOOT=casper boot=casper nopersistent rw vga=0x317
initrd                /boot/initrdfr.gz
title                Start BackTrack in Safe Graphical Mode
kernel                /boot/vmlinuz BOOT=casper boot=casper xforcevesa rw quiet
initrd                /boot/initrd.gz
title                Start Persistent Live CD
kernel                /boot/vmlinuz BOOT=casper boot=casper persistent rw quiet vga=0x317
initrd                /boot/initrd.gz
title                Start BackTrack in Text Mode
kernel                /boot/vmlinuz BOOT=casper boot=casper nopersistent textonly rw quiet
initrd                /boot/initrd.gz
title                Start BackTrack Graphical Mode from RAM
kernel                /boot/vmlinuz BOOT=casper boot=casper toram nopersistent rw quiet
initrd                /boot/initrd.gz
title                Memory Test
kernel                /boot/memtest86+.bin
title                Boot the First Hard Disk
root                (hd0)
chainloader +1

Reboot and either select “Start Persistent Live CD” or just wait since we set it to auto-boot to persistent mode. To test it, create a file and reboot again. If your file is still there, everything is golden.
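
The menu.lst change described above, as an added shell example that is not part of the original post: rather than hard-coding "default 4", it looks up the zero-based position of the "Start Persistent Live CD" entry and appends the vga= option to that entry's kernel line only if it is missing. The function names and the shortened sample menu.lst are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Print the zero-based index of the entry titled $2 in menu.lst $1.
# GRUB legacy counts "title" lines from 0, which is what "default N" refers to.
entry_index() {
    awk -v want="$2" '
        BEGIN { n = 0 }
        $1 == "title" {
            t = $0
            sub(/^[ \t]*title[ \t]+/, "", t)
            sub(/[ \t]+$/, "", t)
            if (t == want) { print n; found = 1; exit }
            n++
        }
        END { if (!found) exit 1 }
    ' "$1"
}

# Write a patched copy of menu.lst $1 to stdout: "default" points at the entry
# titled $2, and that entry's kernel line gains vga=$3 if it has no vga= yet.
patch_menu() {
    idx=$(entry_index "$1" "$2") || { echo "no entry titled: $2" >&2; return 1; }
    awk -v idx="$idx" -v vga="$3" '
        BEGIN { n = -1 }
        # Replace the global default line (it precedes the first title).
        $1 == "default" && n < 0 { print "default " idx; seen = 1; next }
        # If the file had no default line, add one before the first entry.
        $1 == "title" { if (n < 0 && !seen) print "default " idx; n++ }
        $1 == "kernel" && n == idx && $0 !~ /(^|[ \t])vga=/ {
            print $0 " vga=" vga; next
        }
        { print }
    ' "$1"
}

# Constructed sample: a shortened menu.lst in the layout shown above,
# with the persistent entry still lacking vga= and default still at 0.
make_sample() {
    cat > "$1" <<'EOF'
# By default, boot the first entry.
default 0
timeout 30
title                Start BackTrack FrameBuffer (1024x768)
kernel               /boot/vmlinuz BOOT=casper boot=casper nopersistent rw quiet vga=0x317
initrd               /boot/initrd.gz
title                Start Persistent Live CD
kernel               /boot/vmlinuz BOOT=casper boot=casper persistent rw quiet
initrd               /boot/initrd.gz
title                Start BackTrack in Text Mode
kernel               /boot/vmlinuz BOOT=casper boot=casper nopersistent textonly rw quiet
initrd               /boot/initrd.gz
EOF
}

# Demo on the constructed sample; on the real drive, redirect the output to a
# new file, review it, then move it over /mnt/sda1/boot/grub/menu.lst.
sample=$(mktemp)
make_sample "$sample"
patch_menu "$sample" "Start Persistent Live CD" 0x317
rm -f "$sample"
```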
Install Nessus
Download the Ubuntu Nessus and NessusClient packages from nessus.org. The 32-bit 8.10 version worked fine for me.  Again, with Backtrack 4 things are a little easier. To install the Nessus server, simply execute the following command to install the package.

dpkg --install Nessus-4.0.2-ubuntu810_i386.deb

Things used to be a little bit more complicated for the client, but with the release of the pre-final version, it is just as easy to install as the server.

dpkg --install NessusClient-4.0.2-ubuntu810_i386.deb

Finally it’s time to configure Nessus. Execute each of the following and follow the prompts. My entries are below for fun.

#create server certificate
/opt/nessus/sbin/nessus-mkcert
This script will now ask you the relevant information to create the SSL
certificate of Nessus. Note that this information will *NOT* be sent to
anybody (everything stays local), but anyone with the ability to connect to your
Nessus daemon will be able to retrieve this information.
CA certificate life time in days [1460]:
Server certificate life time in days [365]:
Your country (two letter code) [FR]:US
Your state or province name [none]:Confused
Your location (e.g. town) [Paris]:Somewhere In Time
Your organization [Nessus Users United]:
.
.
.
Congratulations. Your server certificate was properly created.
.
.
# add user
/opt/nessus/sbin/nessus-adduser
Login :Me
Authentication (pass/cert) : [pass]
Login password :
Login password (again) :
Do you want this user to be a Nessus ‘admin’ user ? (can upload plugins, etc…) (y/n) [n]:y
User rules
———-
nessusd has a rules system which allows you to restrict the hosts
that Me has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the nessus-adduser manual for the rules syntax
Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
Login             : Me
Password         : ***********
This user will have ‘admin’ privileges within the Nessus server
Rules             :
Is that ok ? (y/n) [y]y
User added

We want to disable Nessus starting at boot. We are going to do some things a little later that require that Nessus not be running at boot:
/usr/sbin/update-rc.d -f nessusd remove

This command does not remove the Nessus start scripts. It only removes the links that cause Nessus to start at boot time.

The next thing we need to do is register our installation so we can get the plugin feed. You need to go here and request a key. That is a link to the free feed for home use. Use appropriately.
Once you have your key, execute the following to update your plugins. Please note that there are two dashes before register in the nessus-fetch line below. They can display as one sometimes.

/opt/nessus/bin/nessus-fetch --register [your feed code here]

When that is done, and it is going to take a few minutes, you are ready to start the server and client. Be aware that with version 4.0, while the command to start returns quickly, the actual starting of the service may take a minute or two. In many cases, I have actually had to reboot before Nessus started working. You can use netstat -na to check that the server is listening on port 1241.

/etc/init.d/nessusd start
/opt/nessus/bin/NessusClient

Configure Encryption
Since we are using this tool to poke at people’s networks and systems, with permission of course, it is very important that the information we find be protected. To do this, we are going to set up an encrypted volume that will eventually become our home directory.
This can be done with the gui or via command line. We will be using the gui because we need to be able to format the volume with ext3 and, as yet, I have not been able to figure out how to do that via the command line on linux.
[Screenshots: TrueCrypt volume creation wizard, including the volume size and filesystem type steps]
You will get a message that the volume was successfully created. Click on the ‘OK’ button, then exit the Truecrypt gui, both the ‘Create Volume’ windows and the main windows. We want to be back at the command prompt at this point.
If you want to test your filesystem, execute the following; note that the argument after -k is two single quotes, not a double quote:

truecrypt -t -k '' --protect-hidden=no /my_secret_stuff /media/truecrypt1
mount
cd /media/truecrypt1
df .

This will show that the volume is mounted and the amount of disk space you have left. Our next step is to have this volume mounted when we log in. We do this by editing the root user’s .profile file. Add the truecrypt command above to root’s .profile so it looks like this:

# ~/.profile: executed by Bourne-compatible login shells.
if [ "$BASH" ]; then
  if [ -f ~/.bashrc ]; then
    . ~/.bashrc
  fi
fi

truecrypt -t -k '' --protect-hidden=no /my_secret_stuff /media/truecrypt1

mesg n

The next time you reboot you will be asked for the password for the volume and it will be mounted for you.

Now it is time to tweak a few things.

Tweak a few things
The first thing we are going to do is go ahead and configure networking to start at boot time. It’s convenient and easy to disable if we need to. All we have to do is execute the following command.

/usr/sbin/update-rc.d networking defaults

Next thing we want to do is make sure all our tools and the system itself are up-to-date. First execute the following:

apt-get update

This updates the software repository information. Next, execute this command:

apt-get upgrade

The system will determine if there is anything that needs to be updated and then prompt you to continue. Individual packages can be updated by including the package name after upgrade.
This next bit is interesting and I was surprised it worked. We are going to reset the root user’s home directory during the login process to the mounted truecrypt volume. This will ensure that anything written to the home directory will be encrypted.  The following commands will set this up for us:

cd /media/truecrypt1
rsync -r --links /root/ .
# add the export and cd lines shown below, after the truecrypt line
vi /root/.profile

# ~/.profile: executed by Bourne-compatible login shells.
if [ "$BASH" ]; then
  if [ -f ~/.bashrc ]; then
    . ~/.bashrc
  fi
fi

truecrypt -t -k '' --protect-hidden=no /my_secret_stuff /media/truecrypt1

export HOME=/media/truecrypt1
export HISTFILE=/media/truecrypt1/.bash_history

cd

mesg n

:wq

The next time you reboot, when you are finally in the system, your home directory will be /media/truecrypt1.
There is one last thing we want to do. We want to change Nessus to log to the encrypted volume. This is very easy. The file that controls this is /opt/nessus/etc/nessus/nessusd.conf. We need to create a place for the log files to go, so execute the following:

cd /media/truecrypt1
mkdir -p nessus/logs

Once you have done that, edit the /opt/nessus/etc/nessus/nessusd.conf file and change this:

.
.
.
# Log file :
logfile = /opt/nessus/var/nessus/logs/nessusd.messages
# Shall we log every details of the attack ? (disk intensive)
log_whole_attack = no
# Dump file for debugging output
dumpfile = /opt/nessus/var/nessus/logs/nessusd.dump
.
.
.

to this:

.
.
.
# Log file :
logfile = /media/truecrypt1/nessus/logs/nessusd.messages
# Shall we log every details of the attack ? (disk intensive)
log_whole_attack = no
# Dump file for debugging output
dumpfile = /media/truecrypt1/nessus/logs/nessusd.dump
.
.
.

That’s it. You are all done now.
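
A pre-start check for the setup above, added here as an example and not part of the original post: it confirms that the TrueCrypt volume is mounted and that logfile and dumpfile in nessusd.conf point inside it before nessusd is started. The function names, the sample config and the sample mount tables are constructed; a real run would pass /opt/nessus/etc/nessus/nessusd.conf and /proc/mounts.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Print the value of "key = value" from a nessusd.conf-style file.
# $1 = config file, $2 = key. Comment lines are skipped; first match wins.
conf_value() {
    awk -F= -v key="$2" '
        /^[ \t]*#/ { next }
        NF > 1 {
            k = $1
            gsub(/[ \t]/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", v)
                print v; found = 1; exit
            }
        }
        END { if (!found) exit 1 }
    ' "$1"
}

# Succeed if $2 is a mount point in the mounts table $1
# (same column layout as /proc/mounts: device, mount point, type, ...).
is_mounted() {
    awk -v mp="$2" '$2 == mp { found = 1 } END { exit !found }' "$1"
}

# $1 = nessusd.conf, $2 = mounts table, $3 = mount point of the encrypted volume.
# Succeeds only if the volume is mounted and both log paths are inside it.
nessus_logs_protected() {
    is_mounted "$2" "$3" || { echo "$3 is not mounted" >&2; return 1; }
    for key in logfile dumpfile; do
        path=$(conf_value "$1" "$key") || { echo "$key not set in $1" >&2; return 1; }
        case "$path" in
            */../*|*/..) echo "$key = $path contains .." >&2; return 1 ;;
            "$3"/*) ;;
            *) echo "$key = $path is outside $3" >&2; return 1 ;;
        esac
    done
}

# Constructed samples: the edited and the stock log settings from this page,
# plus two made-up mount tables (volume mounted / not mounted).
make_samples() {
    cat > "$1/nessusd.conf" <<'EOF'
# Log file :
logfile = /media/truecrypt1/nessus/logs/nessusd.messages
# Shall we log every details of the attack ? (disk intensive)
log_whole_attack = no
# Dump file for debugging output
dumpfile = /media/truecrypt1/nessus/logs/nessusd.dump
EOF
    cat > "$1/nessusd.conf.orig" <<'EOF'
logfile = /opt/nessus/var/nessus/logs/nessusd.messages
dumpfile = /opt/nessus/var/nessus/logs/nessusd.dump
EOF
    printf '%s\n' 'rootfs / rootfs rw 0 0' \
        '/dev/mapper/truecrypt1 /media/truecrypt1 ext3 rw 0 0' > "$1/mounts.mounted"
    printf '%s\n' 'rootfs / rootfs rw 0 0' > "$1/mounts.unmounted"
}

# Demo on the constructed samples. Real use would be:
#   nessus_logs_protected /opt/nessus/etc/nessus/nessusd.conf /proc/mounts \
#       /media/truecrypt1 && /etc/init.d/nessusd start
d=$(mktemp -d)
make_samples "$d"
if nessus_logs_protected "$d/nessusd.conf" "$d/mounts.mounted" /media/truecrypt1; then
    echo "ok: log paths are on the mounted encrypted volume"
fi
rm -rf "$d"
```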


How to make Backtrack 4 boot from USB

In this article we will describe how to make a bootable USB drive for the Backtrack 4 Linux distribution. The new release is based on Debian/Ubuntu and not on Slackware, as it used to be in earlier versions (Backtrack 3 and below).

In this article the UNetbootin Windows version tool has been used to demonstrate the above scenario.

Requirements:
Minimum USB Drive capacity 1 GB
Format the USB to FAT32

Tools:
http://unetbootin.sourceforge.net/
http://www.remote-exploit.org/cgi-bin/fileget?version=bt4-beta-iso

Workaround:

1. Download BT4 Beta ISO
2. Download UNetbootin to make our usb bootable
3. Run Unetbootin and select bt4-beta.iso for diskimage
4. Select USB Drive letter and click on OK to start making a bootable usb drive

After the creation process finishes restart your machine and boot from the new usb bootable drive created and enjoy Backtrack 4 Beta on your system.

Default Backtrack 4 username is root and password is toor.

Note: Be sure that you install the MBR on the USB drive by executing drive:\boot\bootinst.bat on your USB drive.


Keeping Backtrack up-to-date

Updating & Upgrading Backtrack

/usr/bin/apt-get -y update
/usr/bin/apt-get -y upgrade

To download and install all new updates, run

apt-get dist-upgrade

The first time you run apt-get update, you may get an error “GPG error : http://ppa.launchpad.net intrepid Release: The following signatures couldn’t be verified because the public key…”

Quick fix :

wget http://apt.pearsoncomputing.net/public.gpg
sudo apt-key add public.gpg
rm public.gpg

Run apt-get update again and it should work.

Upgrading the distro to the latest version :

apt-get update && apt-get dist-upgrade -y

Warning : an “upgrade” in BT4 Beta will also upgrade KDE to 3.5. If KDE is not working anymore after the update/upgrade (i.e. ‘startx’ does not seem to work) :

root@bt:~# cd /etc/alternatives/
root@bt:/etc/alternatives# mv x-session-manager x-session-manager-broken
root@bt:/etc/alternatives# ln -s /opt/kde3/bin/startkde x-session-manager
root@bt:/etc/alternatives# startx

Updating security components

/pentest/exploits/fast-track.py -i

First update fast-track, then update other individual components (Metasploit, Aircrack, nikto, etc; or choose ‘9’ to update all)
If updating nikto doesn’t work :

Updating Nikto...
cd: 1: can't cd to /pentest/scanners/nikto/
/bin/sh: ./nikto.pl: not found

Fix :

root@bt:~# mkdir /pentest/scanners/nikto/
root@bt:~# ln -s /usr/bin/nikto /pentest/scanners/nikto/nikto.pl
root@bt:/pentest/exploits/~# ./fast-track -c 1 2

Installing Backtrack 3 to a harddrive

I started with a clean drive, so you might have to manipulate your partition tables. I’m going to assume that you’re comfortable working with partition tables. If not, work on your googling.

Here are the steps I took to install Backtrack 3 on to my laptop harddrive.

1. Boot system from Backtrack 3 CD.
2. Once booted, open a terminal and type; cfdisk
3. Re-configure your partitions. I made several; / , /boot, /var, /tmp, /home, swap. Be sure to set your / or /boot partition to be bootable.
4. When your changes are complete, use the write option and type YES to confirm the changes.
5. Reboot, booting from the Backtrack 3 CD again.
6. When the system restarts, open a terminal and perform the following;

bt~# mkswap /dev/sda5
bt~# swapon /dev/sda5

This formats and enables swap space. You’ll need this later.

7. Create directories needed to mount up the partitions you just created. I used the following;

bt~# mkdir -p /mnt/backtrack/{boot,home,tmp,var}

8. Now format and mount the partitions you created earlier in steps 1-4. I used the following commands;

bt~# mkfs.ext3 /dev/sda6
bt~# mount /dev/sda6 /mnt/backtrack/
bt~# mkfs.ext3 /dev/sda7
bt~# mount /dev/sda7 /mnt/backtrack/var
bt~# mkfs.ext3 /dev/sda8
bt~# mount /dev/sda8 /mnt/backtrack/tmp
bt~# mkfs.ext3 /dev/sda9
bt~# mount /dev/sda9 /mnt/backtrack/home

9. Once all targets are mounted, use the following command to copy the live cd to your harddrive;

bt~# cp --preserve -R /{bin,dev,pentest,root,usr,etc,lib,opt,sbin} /mnt/backtrack/

10. Create additional directories

bt~# mkdir /mnt/backtrack/{mnt,proc,sys,tmp}

11. Mount up /mnt/backtrack/dev

bt~# mount --bind /dev /mnt/backtrack/dev

12. Mount slash proc!

bt~# mount -t proc proc /mnt/backtrack/proc

13. Copy our Linux Kernel into place

bt~# cp /boot/vmlinuz /mnt/backtrack/boot

14. Use chroot to switch to your new Backtrack 3 installation.

bt~# chroot /mnt/backtrack /bin/bash

15. Edit /etc/lilo.conf

bt~# nano /etc/lilo.conf

and ensure both the boot and root reflect your local installation. I used options similar to the following;

boot = /dev/sda
# root is the partition mounted at /mnt/backtrack in step 8 (sda5 is swap)
root = /dev/sda6

16. When your changes are complete, write the file and exit nano.
17. Install lilo on /dev/sda

bt~# lilo -v

18. Almost done! Edit /etc/fstab to reflect your partition layout. It should be pretty simple to copy and modify existing entries. Check and double check. If this file is wrong, your system may not boot.
19. Once done, exit your chrooted environment

bt~# exit

20. Reboot! Remove the CD from the drive. If everything has gone properly, your system should boot Backtrack 3. I had to login as root and use the startx command to start KDE.


BT4 PreFinal Manual Installation to Hard Drive

Create the following volumes:

  • /dev/sda1 +64M Partition Boot Sector
  • /dev/sda2 Varies Swap
  • /dev/sda3 Varies /
  • /dev/sda4 Varies Windows (this is optional)

Format Drives

  • root@bt:~# mke2fs /dev/sda1
  • root@bt:~# mkswap /dev/sda2
  • root@bt:~# swapon /dev/sda2
  • root@bt:~# mkreiserfs /dev/sda3

Manually Copy OS Files

  • root@bt:~# mkdir /mnt/bt4
  • root@bt:~# mount /dev/sda3 /mnt/bt4/
  • root@bt:~# mkdir /mnt/bt4/boot
  • root@bt:~# mount /dev/sda1 /mnt/bt4/boot
  • root@bt:~# cp --preserve -R /{bin,dev,home,pentest,root,usr,boot,etc,lib,opt,sbin,var} /mnt/bt4/
  • root@bt:~# mkdir /mnt/bt4/{mnt,tmp,proc,sys}
  • root@bt:~# mount -t proc proc /mnt/bt4/proc
  • root@bt:~# mount -o bind /dev /mnt/bt4/dev/

Kernel BootSplash

  • root@bt:~# cd /media/cdrom0/boot
  • root@bt:~# cp --preserve -R {bootsplash,vmlinuz,initrd.gz} /mnt/bt4/boot/

Switch to Newly Created Installation

  • root@bt:~# chroot /mnt/bt4/ /bin/bash

Edit GRUB

  • root@bt:~# nano /boot/grub/menu.lst

———————————————————————————-
# The number of seconds GRUB should wait before booting an OS
timeout 5
# The entry which should be booted by default
default 0
# The entry which should be booted in the event of the first one failing
fallback 1

splashimage=(hd0,0)/grub/bt4.xpm.gz

# This is an example of using a separate partition for /boot (as in this example)
title BT4 PreFinal
# Boot Partition
root (hd0,0)
# 0x317 defines the right resolution for the monitor
kernel /vmlinuz root=/dev/sda3 rw vga=0x317
initrd /initrd.gz
bootsplash

# An entry for a Windows installation
title Microsoft Windows XP Home
root (hd0,3)
makeactive
chainloader +1
———————————————————————————-

Installing GRUB (When /boot resides in its own partition as in this example)

  • root@bt:~# grub
  • grub> find /grub/stage1
    (hd0,0)
  • grub> root (hd0,0)
  • grub> setup (hd0)
  • grub> quit

Note: The “root” line must point to the location of your /boot/ partition if you have one. If you do not have one, point it at your / partition.


HowTo: Backtrack 4 (Beta) Hard Drive Installation

UPDATE: See BackTrack 4 Pre-Release Hard Disk Install for updated instructions for the newer BackTrack 4 Beta.

Backtrack 4 does not contain an installer, so we wrote this step by step guide based on muts cookbook on how to install Backtrack 4 on our hard disk drive.

Step 1 – Creating the partitions
First we will need to create three partitions to be able to install backtrack on our hard disk drive. We will need boot, swap and root partitions to be created. (We can still create 2 partitions and install the boot inside the root partition)

fdisk /dev/sda

Creating the partitions

Enter ‘n‘ for new partition.
Enter ‘p‘ for primary.
Partition number ‘1‘.
Press Enter to accept default First cylinder.
Enter Size: ‘+256M‘

Enter ‘n‘ for new partition.
Enter ‘p‘ for primary.
Partition number ‘2‘.
Press Enter to accept default First cylinder.
Enter Size: ‘+1024M‘

Enter ‘n‘ for new partition.
Enter ‘p‘ for primary.
Partition number ‘3‘.
Press Enter to accept default First cylinder.
Enter Size: ‘+32G‘ NOTE: I used 32GB, you can use a size you prefer.

NOTES:
– Select ‘p’ to print the partition table and verify newly created partitions.

Type ‘w‘ to write changes and exit fdisk.

Activate Boot Partition & Specify Swap

Step 2 – Format the file systems
I formatted my file system with mkreiserfs for root partition, ext2 for boot and swap for the swap partition.

mkfs.ext2 /dev/sda1

prepare swap using:

mkswap /dev/sda2
swapon /dev/sda2

mkfs.reiserfs /dev/sda3

Step 3 – Mount and Copy Directories

Now it’s time to copy over the backtrack files to the hard drive and configure it to run backtrack on boot.

Mount and Copy the Directory Structure using:

mkdir /mnt/bt4
mount /dev/sda3 /mnt/bt4/
mkdir /mnt/bt4/boot
mount /dev/sda1 /mnt/bt4/boot/
cp --preserve -R /{bin,dev,home,pentest,root,usr,boot,etc,lib,opt,sbin,var} /mnt/bt4/
mkdir /mnt/bt4/{mnt,tmp,proc,sys}
chmod 1777 /mnt/bt4/tmp/
mount -t proc proc /mnt/bt4/proc/
mount -o bind /dev /mnt/bt4/dev/
chroot /mnt/bt4/ /bin/bash

NOTE: The copy operation will take some time, so be patient until it finishes.

Step 4 – Configure Bootloader

nano /etc/lilo.conf

We will need to configure /etc/lilo.conf and define the boot and root partition so we will be able to boot into backtrack. In case we do not correctly define the root partition we will get an error “Kernel panic: no init found”.

Configure fstab

Edit /etc/fstab and append the following lines:

/dev/sda3 / reiserfs defaults 0 0 # AutoUpdate
/dev/sda2 none swap sw 0 0

Execute lilo -v

NOTE: lilo may not be installed, if not make sure you are connected to the Internet (use ifconfig to view IP address, etc., and dhclient to renew IP address if necessary). Once connected run the following to install lilo.

apt-get install lilo

You will receive the message:

“LILO configuration
It seems to be your first LILO installation. It is absolutely necessary to run liloconfig(8) when you complete this process and execute /sbin/lilo after this.
LILO won’t work if you don’t do this.”

So, select OK then run liloconfig, then /sbin/lilo. If you get the message, “fatal: cannot open: /etc/lilo.conf” you are basically screwed and need to search for a solution.

Execute lilo -v and reboot

Reference: http://www.offensive-security.com/documentation/bt4install.pdf


Installing Backtrack 3 to a harddrive

I started with a clean drive, so you might have to manipulate your partition tables. I’m going to assume that you’re comfortable working with partition tables. If not, work on your google-fu.

Here are the steps I took to install Backtrack 3 on to my laptop harddrive

1. Boot system from Backtrack 3 CD.

2. Once booted, open a terminal and type cfdisk

3. Create these 3 partitions:

A. sda1=/boot
B. sda2=swap
C. sda3= /

NOTE: Format A and C using mkfs.ext3 /dev/sda1 and mkfs.ext3 /dev/sda3.

4. Boot your live CD and open a bash shell and begin. If your swap is not yet made then do this..(otherwise omit this step)

bt~# mkswap /dev/sda2
bt~# swapon /dev/sda2

5. Starting installation

bt~# mkdir /mnt/backtrack
bt~# mount /dev/sda3 /mnt/backtrack/
bt~# mkdir /mnt/backtrack/boot/
bt~# mount /dev/sda1 /mnt/backtrack/boot/

(note: If you only have one partition to install backtrack to, simply omit this step)

bt~# cp --preserve -R /{bin,dev,pentest,usr,etc,lib,opt,sbin,var,root} /mnt/backtrack/
bt~# mkdir /mnt/backtrack/{mnt,proc,sys,tmp,boot,root}
bt~# mount --bind /dev/ /mnt/backtrack/dev/
bt~# mount -t proc proc /mnt/backtrack/proc/
bt~# cp /boot/vmlinuz /mnt/backtrack/boot/

6. Now for lilo.

bt~# chroot /mnt/backtrack/ /bin/bash
bt~# nano /etc/lilo.conf

7. Now I like to delete all the BS in the lilo config file so here is what mine would look like. (remember to set your own VGA accordingly )

lba32
boot = /dev/sda
prompt
timeout=60
change-rules
reset
vga=791
image = /boot/vmlinuz
root = /dev/sda3
label = backtrack3_final

GRUB users (Thanks to drwalter)

title Backtrack 3 KDE
rootnoverify (hd0,2)
kernel /boot/vmlinuz vga=791 root=/dev/sda3 ro autoexec=xconf;kdm
boot

title Backtrack 3
rootnoverify (hd0,2)
kernel /boot/vmlinuz vga=791 root=/dev/sda3 ro
boot

REMEMBER: hd0,2 would be for partition 3 NOT 2. Change accordingly!

Excellent. Save that and then execute lilo (I like to use the verbose flag)

bt~# lilo -v

After that, exit your chroot environment

bt~# exit

and reboot and cross your fingers

bt~# reboot


BackTrack SSH Configuration

Edit ssh config and disable root logon via ssh :

sudo vi /etc/ssh/sshd_config

and set “PermitRootLogin” to no.

If you get an error about the ssh_host_dsa_key or ssh_host_rsa_key not being found, generate the keys and try again

Starting OpenBSD Secure Shell server: sshd
Could not load host key: /etc/ssh/ssh_host_dsa_key
Could not load host key: /etc/ssh/ssh_host_rsa_key

Generate host keys :

ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

Start sshd (“sudo /etc/init.d/ssh start”)
If you want to enable ssh to start at boot time, run update-rc.d ssh defaults


BackTrack: Pyrit demonstration (GPU cracking video)

Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK, the protocols that protect today’s public WIFI-airspace. Pyrit’s implementation allows to create massive databases, pre-computing part of the WPA/WPA2-PSK authentication phase in a space-time-tradeoff. The performance gain for real-world-attacks is in the range of three orders of magnitude which urges for re-consideration of the protocol’s security. Exploiting the computational power of Many-Core- and other platforms through ATI-Stream, Nvidia CUDA, OpenCL and VIA Padlock, it is currently by far the most powerful attack against one of the world’s most used security-protocols. For more background see this article on the project’s blog.

In this video, PureH@te Short demos the passthrough option of pyrit which eliminates the need for giant tables taking up all your hard drive space.