BackTrack 5 | Backtrack 5 tutorial

BackTrack 4 is an penetration testing tool that is run as an live CD , it is an modded form of Linx(Ubuntu) that can be used for hacking.In this tutorial I will show you how to generate payloads in it.

In this tutorial we will be using a useful tool on Backtrack 4 to create a payload which we will then send a slave, the payload created is in exe, once the slave is Social Engineered into running the payload, A meterpreter session will appear to us. We will set it up with a listener on a port, meaning we will have a shell prompt open, waiting for a connection from the slave, once this occurs we have a session, and entry to the victims machine.

Start by opening Bt 4 etc, then scroll to Backtrack, Penetration, Fast-Track, Fast-Track interactive, this will open a prompt like below.

[Image: tut1.png]

Choose option 7, it will then ask what exploit you want to use, choose exploit 2.

[Image: tut2.png]

It will then ask you for an Ip address, you can either enter your own, or the victims, its easier to enter our own (the listener). To obtain your IP on Backtrack 4, open a shall and type ifconfig, your IP appears after inet addr, like below.

[Image: tut3-1.png]

It will then ask you to choose a port for the listener, choose a random port that isnt in use, for this we will use port 4444, and then choose the payload to be compiled in exe format rather than shell script (text). Also choose yes on starting a listener, this basically means a shell will be opened blank, waiting for the slave to run the exe, once run the connection is made, and the listening shell will then spawn the meterpreter session between your and the victims machine.

[Image: tut5.png]

At this point, the payload has been created, and the listener has launched, all you have to do now is locate the payload, I would advise you to rename it, Social Engineer the slave into running it, and then check your listening shell for a connection. If successful you will then have a meterpreter session opened and entry to the victims machine.

Below is the location of the payload you will send.

[Image: tut7.png]

No comments:

Post a Comment