Thursday, May 26, 2011

HOWTO : Back|Track 5 on VirtualBox 4.0.8

(A) Install Back|Track 5 on VirtualBox

Install VirtualBox 4.0.8 on the host computer, such as Ubuntu 11.04 as usual. Then install Back|Track 5 on the VirtualBox. Next is to install Oracle VM VirtualBox Extension Pack and Guest Additons.

Oracle VM VirtualBox Extension Pack is installed on the host computer, such as Ubuntu 11.04. You can find it on the Download page.

To install Guest Additons, just click "Devices" -- "Install Guest Additions" on the menu.

Do the following on the guest computer (Back|Track 5) :

cd /media/VBOXADDITONS_4.0.8_71778
./VBoxLinuxAddtions.run


To fix the boot up screen.

fix-splash

Do the following on the host computer (Ubuntu 11.04) :

Add you (username) to the group of vboxusers, e.g. samiux as username.

useradd -G vboxusers samiux

Go to "Users and Groups", "Advanced Settings" -- "User's Rights" select "Use VirtualBox solution".

Then, reboot your host to make it effective.

Remember not to enable USB 2.0 on the VirtualBox as some USB dongles do not work properly when it is enabled.

Finally, the following wireless USB dongles have been tested and they are all working perfectly out of the box. They are all support injection too.

TP-Link TL-WN321G 54Mbps Wireless G USB Adapter
TP-Link TL-WN821N 300Mbps Wireless N USB Adapter
TP-Link TL-WN822N 300Mbps High Gain Wireless N USB Adapter


*** This tutorial is also applied to VirtualBox 4.1.2.

Remarks :

When the kernel of Back|Track 5 is upgraded, the Guest Additions will be damaged. You need to do the following on Back|Track 5 and then reinstall the Guest Additions :

prepare-kernel-sources
cd /usr/src/linux
cp -rf include/generated/* include/linux/


(B) Create Metasploitable virtual machine (Optional)

Go to the following link to download the "Metasploitable" which is an Ubuntu 8.04 server with some flaws.

http://blog.metasploit.com/2010/05/introducing-metasploitable.html

Set the downloaded Metasploitable as virtual hard drive at VirtualBox. The network adapter is set to "Host-Only". The virtual hard disk space is at least 8GB and 512MB RAM for the Metasploitable.

(C) The VirtualBox intranet

Now, the IP address of eth0 of Metasploitable is similar to 192.168.56.101. The IP address of eth0 and eth1 of Back|Track are similar to 10.0.2.15 and 192.168.56.102 respectively.

You may require to execute the following command at Back|Track in order to see the two network interfaces and their IPs.

/etc/init.d/networking restart

Back|Track can access (or ping) Metasploitable via IP address. Back|Track can surf the internet but Metasploitable cannot.

At last, your penetration environment is set up.

(D) Free Tutorials

(1) Metaploit Unleashed
(2) Fast-Track
(3) Social-Engineer Tootkit
(4) Got Milk?
(5) How to Metasploit Beginner to Advanced (Video)
(6) SecurityTube.net (Video)
(7) BackTrack WiKi

(E) Non-free Training

Offensive Security

(F) Resources

(1) Exploits Database
(2) Metaploit Blog
(3) Offensive security Blog
(4) Yet another Back|Track in Gnome
(5) Metasploit
(6) Google Hacking-Database
(7) BackBox Linux

You may find the following links useful :

HOWTO : Bug fix for Back|Track 5

HOWTO : WEP cracking with Back|Track 5

HOWTO : WPA/WPA2 cracking with Back|Track 5

HOWTO : No skill hacking with Armitage on Back|Track 4 R2

HOWTO : Sniffing SSL with ettercap on Back|Track 5

HOWTO : The Onion Router (Tor) on Back|Track 5

HOWTO : FeedingBottle 3.2 on Back|Track 5

HOWTO : Update script for Back|Track 5

HOWTO : Yet Another Update script for Back|Track 5

HOWTO : Yet Another Back|Track 5 on Dell Streak 5

HOWTO : RTL8191SE wireless card on Back|Track 4 R2

HOWTO : Adobe Flash 10.3 on Back|Track 5

HOWTO : Back|Track 5 on Lenovo ThinkPad X100e

Does Snort really protect your network?

HOWTO : Solves the Wireshark not loading on Back|Track 5

HOWTO : Register to OSVDB and Nessus on Back|Track 5

HOWTO : Anonymous in chat.freenode.net with XChat

HOWTO : Pure-ftpd and atftpd on Back|Track 5

HOWTO : SSH Tunneling - Remote Port Forwarding

HOWTO : Penetration Testing in the Real World

g0tmi1k's Video Series

That's all! See you.