> Det_Not Hacker | White Hat Aliance | Angkasa Hacker Team | Indonesia | Satu Gertakan Untuk Pertahankan Bumi Pertiwi | Safework of Angkasa Pura database, server MIL.ID | Thanks for all support : BD Green Hat, Nation blood, ID Codding, Jakarta Style cracking, Newbie's HACKER, US ortodox specialist | Learn your skill here with our style.


Title How to Get an Account Facebook With Web Clone in Backtrack
Permission rw-r--r--
Author Unknown
Date and Time 04:00
First open your BackTrack terminal and type ifconfig to check your IP address.



Now open your BackTrack terminal again and type cd /pentest/exploits/set
Now start the Social Engineering Toolkit (SET) with ./set

Now choose option 2, “Website Attack Vectors”.

In this option we will select option 4 “Tabnabbing Attack Method”.

In this option we will choose option 2 “Site Cloner”.

Enter the URL of the site you want to clone. In this case http://www.gmail.com and hit enter. SET will clone up the web site. And press return to continue.
Now convert your URL into Google URL using goo.gl and send this link address to your victim via Email or Chat.


Title Pentest using Raspberry Pi
Permission rw-r--r--
Author Unknown
Date and Time 22:21
What is Raspberry Pi? Raspberry Pi is a miniature ARM GNU/Linux box. Some people use it as a mini PC to support their work. It has no built-in display or input devices, so you plug it into an LCD monitor over HDMI and attach a USB keyboard or mouse. Raspberry Pi is also used as a penetration testing box: installing BackTrack Linux or Kali Linux turns it into a pentesting device. You can install tools for information gathering, vulnerability exploitation, maintaining access, reverse engineering, social engineering, etc.



Now let’s choose a penetration testing distribution. Our beloved BackTrack Linux can't run on Raspberry Pi without modifications, but its successor, Kali Linux, can. Kali Linux is available not only for Raspberry Pi but also for other ARM architectures, and it is based on the Debian GNU/Linux distribution.

Besides its Top 10 Security Tools menu, Kali Linux groups its tools into these categories:

  1. Information Gathering
  2. Vulnerability Analysis
  3. Web Applications
  4. Password Attacks
  5. Wireless Attacks
  6. Exploitation Tools
  7. Sniffing/Spoofing
  8. Maintaining Access
  9. Reverse Engineering
  10. Stress Testing
  11. Hardware Hacking
  12. Forensics
  13. Reporting Tools

You can download Kali Linux Raspberry Pi version from http://cdimage.kali.org/kali-images/kali-linux-1.0-armel-raspberrypi.img.gz

Now the other distribution is Raspberry Pwn. Raspberry Pwn is an installer from Pwnie Express for transforming a Debian distribution on Raspberry Pi into a penetration testing tool.

Installation of Raspberry Pwn

  • Resize the root partition and use the whole SD card.
  • Start the SSH service and SSH into your Raspberry Pi so that you have access to the terminal or console of your Debian box.
  • Change to the root user:
    # sudo -s
  • Install git (you must be connected to the Internet):
    # apt-get install git
  • Download or clone the Raspberry Pwn installer from:
    # git clone https://github.com/pwnieexpress/Raspberry-Pwn.git
  • Move into the Raspberry-Pwn directory and run the installer script:
    # cd Raspberry-Pwn
    # ./INSTALL_raspberry_pwn.sh

These are not the only two penetration testing distributions for Raspberry Pi; there are many others, such as PwnPi and PwnBerryPi.


Title Information Gathering Using Domain Name
Permission rw-r--r--
Author Unknown
Date and Time 22:18
A hacker can gather a lot of information just by identifying the domain name of a website. The domain name system maps a hostname to the real IP address automatically, so people don’t need to remember the IP address, just the domain name. When gathering information from a domain name, the first thing to do is a WHOIS lookup. The WHOIS record stores information about the registered user of the domain name, its IP address, IP address range, etc. WHOIS also gives information about the domain’s registrant, their contacts, their address, when the domain will expire, etc.

WHOIS reveals only basic information, not everything available about a domain name. Let's try using WHOIS to gather domain information. Open your terminal and run the whois program, or use one of the free WHOIS services on the Internet.

whois google.com

Now you have the domain name information: the domain name, the registrar it was registered through, the registrant, and the domain servers. Usually, WHOIS returns the following information about a domain:

  • Inetnum
    The IP address range.
  • Route
    The address prefix to be routed.
  • Descr
    A short description related to the domain.
  • Origin
  • Mnt-by
  • Changed
    Information about who last updated the database object of the domain name.
  • Source
    The database (source) in which the domain name is registered.

And some optional attributes are:
  • Country
    The country of the domain registrant, as a two-letter country code.
  • Holes
    The list of address prefixes that are not reachable through the route.
  • Member of
  • Inject
    Specifies which routers perform the aggregation.
  • Aggr-mtd
  • Aggr-bndry
  • Export-comps
  • Components
    The component routes used to form the aggregate.
  • Remarks
  • Notify
    The email address to which notifications of updated information will be sent.
  • Mnt-lower
  • Mnt-routes
Remember, not every domain name exposes its registrant data; some domains are private. So information gathering using a domain name is easy, right?
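
The attribute list above follows the "attribute: value" layout that registry WHOIS servers return. The following parser is an added example, not code from the original post: it reads such a response into objects so you can review what your own organisation's records expose. The sample record, the maintainer name and the REQUIRED selection are constructed assumptions.

```python
SAMPLE = """\
% Constructed sample in the "attribute: value" layout (not real registry data)
inetnum:    192.0.2.0 - 192.0.2.255
descr:      Example network
country:    ID
mnt-by:     MAINT-EXAMPLE
changed:    hostmaster@example.net 20130101
source:     EXAMPLE

route:      192.0.2.0/24
descr:      Example route,
            announced from the lab
origin:     AS64496
notify:     noc@example.net
mnt-by:     MAINT-EXAMPLE
source:     EXAMPLE
"""
# Assumption: attributes from the post's "usually returned" list that we expect on every object.
REQUIRED = ("descr", "mnt-by", "changed", "source")

def parse_whois(text):
    """Split a WHOIS response into objects, each a list of (attribute, value) pairs."""
    objects, current = [], []
    for line in text.splitlines():
        if line.startswith(("%", "#")):        # server comment lines
            continue
        if not line.strip():                   # a blank line ends the current object
            if current:
                objects.append(current)
                current = []
            continue
        if line[0] in " \t+" and current:      # continuation of the previous value
            key, value = current[-1]
            current[-1] = (key, value + " " + line[1:].strip())
            continue
        key, sep, value = line.partition(":")  # split at the first colon only
        if sep:
            current.append((key.strip().lower(), value.strip()))
    if current:
        objects.append(current)
    return objects

def summarize(obj):  # the first attribute names the object type and its key
    attrs = {}
    for key, value in obj:
        attrs.setdefault(key, []).append(value)   # attributes may repeat
    missing = [k for k in REQUIRED if k not in attrs]
    return {"type": obj[0][0], "key": obj[0][1], "attrs": attrs, "missing": missing}
```
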


Title How to using Fern-WiFi-Cracker on Backtrack 5 R3
Permission rw-r--r--
Author Unknown
Date and Time 22:16
Fern-WiFi-Cracker is a wireless penetration testing tool written in Python. It provides a GUI for cracking wireless networks. Fern-WiFi-Cracker uses the aircrack-ng suite of tools: when you execute it, it automatically runs aireplay-ng, airodump-ng and aircrack-ng as separate programs. You can also use Fern-WiFi-Cracker for session hijacking or to geolocate a particular system based on its MAC address. Before using Fern-WiFi-Cracker, make sure that your wireless card supports packet injection.

You can open Fern-WiFi-Cracker by going to
Backtrack >> Exploitation Tools >> Wireless exploitation tools >> WLAN exploitation >> Fern-WiFi-Cracker


Then select your wireless interface


Click the Wi-Fi logo button at the top to start the network scan. You can change the settings by double-clicking in the application window.


After scanning, the WiFi WEP cracking or WPA cracking button becomes active. Because the available WiFi network uses WEP, click the WEP button.


A new dialog box will open. Select the WEP network from the list and select the type of attack. When the settings are complete, launch the attack by clicking the Attack button.


Wait until the progress bar reaches 100%; when it completes, Fern WiFi Cracker starts aircrack to crack the WiFi password.


The password will be shown at the bottom of the window.


Title John the Ripper, The Password Cracking Program
Permission rw-r--r--
Author Unknown
Date and Time 22:06
John the Ripper is a free password cracking program. Originally created for the UNIX operating system, it currently runs on 15 different platforms. It is one of the most popular password testing and breaking programs because it combines several password crackers in one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats, including several crypt password hash types most commonly found on various Unix flavors.

Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others. One of the modes John the Ripper can use is the dictionary attack. It takes text string samples (usually from a file, called a wordlist, containing words found in a dictionary), encrypts each one in the same format as the password being examined (including both the encryption algorithm and key), and compares the output to the encrypted string.


It can also perform a variety of alterations to the dictionary words and try these. Many of these alterations are also used in John the Ripper's single attack mode, which modifies an associated plaintext (such as a username with an encrypted password) and checks the variations against the encrypted hashes.

John the Ripper also offers a brute force mode. In this type of attack, the program goes through all the possible plaintexts, hashing each one and comparing it to the input hash. John the Ripper uses character frequency tables to try plaintexts containing more frequently used characters first. This method is useful for cracking passwords that do not appear in dictionary wordlists, but it takes a long time to run.
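
The wordlist alterations and the single mode described above are why a dictionary word with a digit appended, or a password built from the username, falls first. The following password-change filter is an added example, not part of the original post or of John the Ripper: it rejects candidates that such rules would reach. The wordlist, suffixes and mangling rules are constructed assumptions, far smaller than a real rule set.

```python
import itertools

# Constructed sample wordlist; a real deployment would load a much larger file.
WORDLIST = ["password", "dragon", "letmein", "welcome"]
LEET = str.maketrans({"a": "4", "e": "3", "i": "1", "o": "0", "s": "5"})
SUFFIXES = [""] + [str(n) for n in range(10)] + ["123", "!", "2013"]

def mangle(word):
    """Yield simple variants of one base word: case, leet, reversal, suffix."""
    w = word.lower()
    bases = {w, w.capitalize(), w.upper(), w[::-1], w.translate(LEET),
             w.capitalize().translate(LEET)}
    for base, suffix in itertools.product(bases, SUFFIXES):
        yield base + suffix

def single_mode_words(username, full_name=""):
    """Base words taken from account data, the input that single mode starts from."""
    return [part for part in [username] + full_name.split() if part]

def guessable_reason(candidate, username, full_name="", wordlist=WORDLIST):
    """Return why a candidate password is weak, or None if no rule reaches it."""
    for word in single_mode_words(username, full_name):
        if candidate in set(mangle(word)):
            return "derived from account data: " + word
    for word in wordlist:
        if candidate in set(mangle(word)):
            return "mangled dictionary word: " + word
    return None
```
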
