Hacking with backtrack for Bachelor students in HUFS

1. HACKING WITH
BACKTRACK 5
Zia Ush Shamszaman
ANLAB, ICE, HUFS
Date: 20130412

2. !!Caution!!
This material is for educational
purpose only. We don't intend to ha
ck, crack or anything about
cyber crime

3. Open a terminal in Back track

4. Check your Network and Internet
• Open a terminal type “Ping www.google.com”
• If not working then do this…
• Application > Internet > Wicd Network Manager
• Select Wire/Wireless
• Click the Connect button
• If still have problem then check your Virtual box n
etwork option

5. Using apt-get command
• root@bt:~#
• apt-get update && apt-get upgrade && apt-get dist-upgrade

6. Information Gathering
• Copying the victim web site
• HTTrack is a tool that can copy a website page-by-page a
nd we browse it offline
• Step-1: Open a terminal
• Step-2: Type “apt-get install httrack” // This will install the package
if it is not available in your system
• Step-3: Type “httrack”
• Step-4: Enter project name
• Step-5: Enter the location where the site will be stored
• Example: /root/test
• Step-6: Enter the URL of the victim site

7. Domain Information Collection
• Whois command
• Usinf this command you can collect the domain informatio
n of the victim
• Open a terminal
• Type: “whois <victimdomain>”
• Example: whois hufs.ac.kr
• www.domaintools.com is also an useful web tool to dig a
particular domain name.

8. Collecting email id
• Step-1: Open a terminal
• Step-2: Type “msfconsole” // This is a special tool of ba
cktrack
• Step-3: Type “use gather/search_email_collector”
• Step-4: Type “show options”
• Step-5: Type: “set DOMAIN <victimedomain_name>”
• Example: Type “run”
See the magic

9. Collect Victim information by “Zenmap”
• Application>Internet>Zenmap
• Enter victim IP address/Domain name in the “Target”
• Select a scan type in the “Profile”
• Check Hosts and Service in the left panel
• Select a service to check the open port
• Check Topology
• Check Host Details
• Check Nmap output

10. How to use Wireshark
• Application > Backtrack > Forensics> Network Forensics>
Wireshark
• Select the Interface, e.g eth0
• Select Start
• See the live packets area transferring through the interfac
e
• Go to capture menu
• Stop the capture process
• Go to File menu and Save it in Desktop
• Go to File menu and open the captured fil
Now its all yours..Play with it !! J

11. Man in the Middle Attack

12. Man in the Middle Attack
Before we going to start ettercap we have to configure the /etc/etter.conf
file at /etc.etter.conf
Remove two # from here

13. Step-1

14. Step-2

15. Step-3

16. Step-4

17. Step-5

18. Step-6
Add the Gateway

19. Step-7
Select Victim IP

20. Step-8

21. Step-9

22. Step-10

23. Step-11

24. Step-12

25. Step-13

26. Step-14

28. Step-15

29. Don’t do anything harmful
Thank You J

30. Extra Slides

31. How Port and IP works !

32. HOW DNS Query Works