BackTrack – Testing Wireless Network Security
BackTrack – Testing Wireless
Network Security
Installing and Configuring
BackTrack
In this chapter, we are going to look at the following with respect to using BackTrack:
• Downloading and configuring BackTrack
• Installing BackTrack
• Updating BackTrack
• Validating the interfaces
• Customizing Gnome
• Creating a virtual machine
Before we focus on downloading, installing and configuring Backtrack,
I will provide a brief introduction to Backtrack. The BackTrack distribution is
actually a combination of two different distributions merged together. There
are many distributions that are available, but BackTrack distribution has been
created specifically for professional security and penetration testing. The BackTrack
distribution was the result of a merger between the two distributions Whax and
Auditor. For a brief on some of the distributions, including Auditor, you can find
a presentation that I gave at Black Hat in 2005 via this link:
http://www.blackhat.com/presentations/bh-usa-05/bh-us-05-cardwell.pdf
The name BackTrack comes from the term backtracking, which is the name of a
search algorithm.
Installing and Configuring BackTrack
[ 6 ]
Downloading and configuring BackTrack
The BackTrack distribution comes in a variety of formats; the format you choose
is largely a matter of personal preference and your comfort with creating virtual
machines. Each one of the distributions has the same tools; they only differ in
the utilities that are available with the desktop once you enter the windowing
environment. The available distributions come in either a 32-bit or 64-bit distribution;
most users will be fine with 32-bit distributions. The main consideration is the amount
of random accessory memory (RAM) you will have available for the installation. If you
can allocate more than 4 GB of RAM, you can choose the 64-bit distribution; if not then
go with the 32-bit option. BackTrack will work with as little as 1 GB of RAM, but the
tools you use within it might need more, so 2 GB or more is recommended.
An important point to note is that you should always verify the image files
of anything you download. That is why there is an MD5 hash for each of the
downloads. If you do not know how to do this, you can do a search for it on the
Internet. There are a number of tools that can be downloaded to assist you with
verifying the hash of a file.
The ISO file allows you to take the image and burn it to a DVD, allowing you to boot
from the image and run BackTrack from the DVD. Alternatively, you can also mount
the image using a virtualization tool and boot it that way.
For our purposes, we will use the virtual machine, as it is easy to use and has been
configured with the tools; this allows you to copy and paste within the VM and have
a full screen virtual environment. We will also include steps later in the chapter for
booting the ISO image in VMware Workstation, as that will result in the identical
interface that will be experienced when booting from a DVD image. VMware
Workstation was one of the first virtual environment software products and allows
us to run multiple computers on one machine.
BackTrack can be downloaded from its official website at http://www.BackTracklinux.
org/downloads/. Once you go to the website, you will see that there is a
registration request there; this is optional, and downloading the distribution is not
required. On the Downloads page, you will see a drop-down window that you will
use to select the version of the distribution that you want to download. Once you
click on the drop-down window, the other windows will be populated as displayed
in the next screenshot:
Chapter 1
[ 7 ]
We will be using the BackTrack 5 R3 distribution with the window manager Gnome
(32-bit) and the VMware image installation for the book; download the image, and
then we will continue with the installation.
Installing BackTrack
Once you have downloaded the image, you will need to have certain VMware
software to run the image; you can get the software from www.vmware.com. VMware
Player is smaller with fewer options, although VMware Workstation contains many
features. Both versions have a trial version available, and it is recommended that you
select one and try it out. For this book, we are using VMware Workstation Version 9
as that is the latest version as of this writing. To access the software downloads page,
go to http://www.vmware.com/products/workstation/index.html. VMware
software allows you to perform many functions in a virtual environment, and this
can be an additional security measure for you. If you are using a Mac, you will need
to download VMware Fusion for that; refer to http://www.vmware.com/products/
fusion/overview.html. Also, if you want to use the ISO image to create a DVD and
boot from that, you can do that too. The way in which we start BackTrack is the only
thing that differs from the other distributions; once they start, they all require the
same number of steps to be configured and used.
Installing and Configuring BackTrack
[ 8 ]
You may also want to note here that there are more virtualization products than
VMware, and if you want to try others, you may; some of the popular, free ones are:
• VirtualBox – https://www.virtualbox.org/wiki/Downloads
• Xen – http://www.xen.org/products/downloads.html
• Hyper-V – http://www.microsoft.com/en-us/server-cloud/hyper-vserver/
default.aspx
Hyper-V requires you to have either Windows Server 2008 or Windows Server 2012
installed. There are two reasons why we are using VMware Workstation in this book:
• It has fantastic documentation and support
• The image from BackTrack has the tools installed, and this makes for much
better user experience
As always, software is a matter of personal preference and taste, so try different
versions and see which one works best for you.
The procedure for starting the tool once you have downloaded the virtual machine
is pretty straightforward. Open the image in the virtual machine tool you are using
and check the settings. You should see a screen similar to the one shown in the next
screenshot. You want to check that there is a network adapter present, and that the
RAM is set to a value that you can support on your host machine. As a reminder,
2 GB of RAM is recommended. An example is shown in the next image where the
RAM is not sufficient and would need to be changed; you do this by clicking on
Edit virtual machine settings. Once you have configured this, click on Power on
this virtual machine. If you are prompted before the VM boots up, leave the default
settings, as they are and let the machine boot.
Chapter 1
[ 9 ]
Once the machine has booted, you will need to log in with root as the ID and a
password of toor (root in reverse). This will bring you to the shell interface of
BackTrack. We want to start up the windowing environment, but before we do that,
we want to check and verify that our network has started. Enter ifconfig; you
should see a result similar to in the next screenshot:
In some versions of the BackTrack distribution, you might not have an interface
named eth1. If you only have the lo (loopback) interface, you have to start the
network; the way to do this is by using /etc/init.d/networking start.
This will start your network.
root@bt:~# /etc/init.d/networking start
To avoid having to do this the next time you start BackTrack, enter the update-rc.d
networking defaults command. This will change the configuration, and each time
you start BackTrack, the network will be started for you.
root@bt:~# update-rc.d networking defaults
There is a possibility that when you restart, you will not get a network address;
this is rare with the latest software, but just in case, you might want to enter the
ifconfig command again.
root@bt:~# ifconfig
If you are not connected to the network, that is, if you don't have an IP address,
you can enter dhclient.
root@bt:~# dhclient
Installing and Configuring BackTrack
[ 10 ]
Next, you want to start the XWindows environment; you do this by entering the
startx command in the command shell.
root@bt:~# startx
This will start the XWindows Gnome desktop. Once the window comes up, the first
thing you want to do is to open a shell on your desktop. You can accomplish this by
going to Applications | Accessories | Terminal. The next thing you want to do is to
fix your display within the virtual environment inw the VMware Workstation menu
at the top of the screen. Navigate to View | Fit Guest Now to correct the display;
your screen should now be in fullscreen mode, as shown in the following screenshot:
Next, you want to change the password from the default value of toor, which is not
a strong password. And to be honest, everyone knows it; so let us change it now. In
your command shell terminal window, enter passwd.
root@bt:~# passwd
Chapter 1
[ 11 ]
This will start the password change process. Enter a password of your choice; it will
not echo on the screen as you type it in, and you will be requested to re-enter your
password to confirm it. Make sure you do not forget your password, as it can be a
challenge to recover it; it is not impossible, but it is a challenge nonetheless and is
beyond the scope of this book.
As you can see from the previous screenshot, there is a transparent background
in the shell. There is a simple procedure to customize your shell, and we will do
that now. I prefer to have a white background with black text, which we will now
configure. In the title of the terminal window, navigate to Edit | Profile Preferences.
Once the window opens, you want to click on Background; this is where you will
set the transparency of the shell window. My preference is to have no transparency,
click on Transparent Background, then drag the slider to the right and set it to
Maximum as shown in the next screenshot:
Installing and Configuring BackTrack
[ 12 ]
The next thing we will set is the actual colors of the terminal windows. We do this
by clicking on Colors and then setting the colors for the terminal as identified in the
following screenshot:
Once you have set the colors and transparency for the terminal, you should have
a shell with the colors that you prefer and customized in your profile, so that each
time you open a terminal window it will be configured to your preferences.
Updating BackTrack
Now that we have set up the basics on our BackTrack machine, we want to update
the tool and make sure that it is current. The developers of BackTrack have instituted
an update capability using the apt-get utility. The first thing we want to do is to
update the package. This requires a working Internet connection on your host; verify
this by opening a web browser window and accessing a website. Once you have
verified that you are connected to the Internet, go back to the BackTrack machine
and enter the apt-get update command in a terminal window.
root@bt:~# apt-get update
Chapter 1
[ 13 ]
Once you have entered the command, you should see a display similar to the one
shown in the next screenshot:
Once the update has finished, there should be a message saying that the update
was successful. Once the update is complete, the next thing to do is to upgrade the
distribution itself; we do that also with the apt-get command. Enter apt-get distupgrade
in the terminal window.
root@bt:~# apt-get dist-upgrade
The output of this command should be similar to the one in the following screenshot:
The output indicates the packages that are available and will be upgraded. Once
you have reviewed them, you are ready to do the upgrade; enter Y to start the
upgrade. Once the upgrade has finished, you are done with the main updates
and upgrades for BackTrack.
Installing and Configuring BackTrack
[ 14 ]
Validating the interfaces
There is one more thing we want to correct when it comes to our network, because
there is a problem with the allocation of the interfaces at boot time when you make
copies of a Linux virtual machine. If you enter ifconfig and your interface does not
say eth0, you should correct the network.
root@bt:~# ifconfig
We do this by opening the configuration file and removing all references to the
network interfaces that are there. In your shell, enter gedit.
root@bt:~# gedit
This will open the graphical editor that is contained within the Gnome distribution.
In the editor, navigate to File | Open; when the window opens, navigate to the
configuration file that is located at /etc/udev/rules.d/. To navigate to the folder,
click on the File System folder in the window. This will put you in the root of the
file system; then, it is only a matter of drilling down until you get into the rules.d
folder. Select and open the 70-persistent-net.rules file. Once you are in the
file, delete the old interfaces that are there; highlight the line that starts with # PCI
Device and all the lines after that right up to the end of the file, and then delete
them as shown in the next screenshot:
No comments:
Post a Comment