Monday, 17 February 2014

PostgreSQL in BackTrack 5 and the Metasploit Framework.


I have just installed the new and improved BackTrack 5 in VirtualBox. As always, I ran apt-get update && apt-get dist-upgrade -y and after that msfupdate.


I launched the Metasploit Framework and was about to start PostgreSQL when I realized that BT5 ships with MySQL. After playing around with MySQL, I decided to install and set up PostgreSQL instead. The commands I used were:

apt-get install postgresql-8.4 rubygems libpq-dev




Monday, 10 February 2014

Hack Facebook account and Gmail account.

Now in this tutorial I am going to show you how to hack a Facebook account using BackTrack 5 with Cyber Evils. So just follow the simple steps.

Open your BackTrack 5 terminal and type cd /pentest/exploits/set



Now open the Social-Engineering Toolkit (SET): ./set



Just hit ENTER and SET will open. Now select the 1st option (1 Social-Engineering Attacks) and hit Enter, then the 2nd option (just type 2 as shown in the snapshot).

Friday, 7 February 2014

Hack Android Phone with Metasploit AND Steal Data.


HOW TO REMOTELY STEAL DATA FROM ANDROID PHONES

A quick guide on how to steal data from an Android device (smartphones, tablets, etc.) on your network. We will be using Metasploit to launch the Android content provider file disclosure module. Next we will use Ettercap to do DNS spoofing through ARP poisoning.
I will be giving a brief explanation on how to set up the attack, as I do not have any sophisticated victim scenario set up. This will work on Android 2.2 or earlier; I have not done any tests on other versions, so let's see if we can get any free test subjects today.
Description
The Android content provider file disclosure module exploits a cross-domain issue within the Android web browser to exfiltrate files from a vulnerable device.
Let's begin

1) Load up a terminal and type: msfconsole.
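The attack chain above depends on ARP poisoning to redirect the victim's DNS traffic. As an added defensive example (not part of the original post), here is a small check that compares two snapshots of a host's ARP table and flags the two symptoms of that poisoning: a known IP whose MAC address changed, and one MAC address claiming several IPs. The snapshots are constructed "ip mac" lines, not output captured from the post's lab.

```python
# Constructed ARP table snapshots (not captured from the post's lab). In the
# second snapshot the gateway 192.168.1.1 suddenly resolves to the MAC address
# that 192.168.1.20 already owns, which is what ARP poisoning looks like.
BEFORE = """\
192.168.1.1 00:11:22:33:44:01
192.168.1.10 00:11:22:33:44:10
192.168.1.20 00:11:22:33:44:20
"""
AFTER = """\
192.168.1.1 00:11:22:33:44:20
192.168.1.10 00:11:22:33:44:10
192.168.1.20 00:11:22:33:44:20
"""


def parse_arp(text):
    """Map each IP to its MAC from lines of the form '<ip> <mac> ...'."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2:
            table[parts[0]] = parts[1].lower()
    return table


def arp_alerts(before, after):
    """Return human-readable alerts for MAC changes and MACs shared by several IPs."""
    alerts = []
    # Symptom 1: an IP we already knew now answers with a different MAC.
    for ip, mac in after.items():
        old = before.get(ip)
        if old is not None and old != mac:
            alerts.append(f"{ip} changed from {old} to {mac}")
    # Symptom 2: one MAC (the attacker's NIC) claims more than one IP.
    owners = {}
    for ip, mac in after.items():
        owners.setdefault(mac, []).append(ip)
    for mac, ips in owners.items():
        if len(ips) > 1:
            alerts.append(f"{mac} claims {', '.join(sorted(ips))}")
    return alerts


if __name__ == "__main__":
    for alert in arp_alerts(parse_arp(BEFORE), parse_arp(AFTER)):
        print("ALERT:", alert)
```

On a real host, feed it successive captures of arp -n (or the equivalent) taken a few seconds apart; static ARP entries for the gateway are the usual mitigation once an alert fires.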


Tuesday, 4 February 2014

Pivot from Victim System to Owning the Network with Metasploit

How to Pivot from Victim System to Owning the Network with Metasploit

To own a network and retrieve the key data, we only need to find ONE weak link in the network. It makes little sense to beat our heads against heavily fortified systems like the file and database server when we can take advantage of the weakest link of all: Humans. (I wish the weakest link of all were Robots… maybe some other time)




Somewhere on the network, some clerk with little work to do and lots of time to play on the Internet can be enticed to visit our malicious website, open our malicious Word doc, or view our malicious PDF.
Once we compromise this single target on the network, we can then pivot from that single compromised system to own the network and ultimately grab the goodies on the server or database server.

Tuesday, 28 January 2014

Best Steganography Tools

What is steganography? Steganography is the art of hiding information, data or messages inside another file, most commonly an image. The advantage of steganography is that outsiders do not even realize that any communication is taking place.
Steganography comes in different forms:
  1. Hidden information in Text Files
  2. Hidden information in Image Files
  3. Hidden information in Document Files
  4. Hidden information in Video Files
  5. Hidden information in Audio Files
  6. Hidden information in E-Mails

How to Hide File behind Images

S-Tools

S-Tools is a steganography tool that hides files in BMP, GIF, and WAV files.
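Tools such as S-Tools hide a file by overwriting the least significant bit of each pixel or audio sample, which changes the cover imperceptibly. As an added example (my own code, not S-Tools' implementation), here is that least-significant-bit scheme over a constructed byte string standing in for raw 8-bit samples, with an extractor and a simple statistic a defender can use to spot a cover whose low bits look suspicious.

```python
# Least-significant-bit (LSB) embedding in raw 8-bit samples, the scheme that
# BMP/WAV steganography tools use. COVER is a constructed sample buffer whose
# LSBs are all zero, so the effect of embedding is easy to see.
COVER = bytes((i * 2) % 256 for i in range(512))


def _to_bits(data):
    """Yield the bits of each byte, most significant first."""
    for byte in data:
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def embed(cover, payload):
    """Hide payload in the LSBs of cover; a 4-byte big-endian length header comes first."""
    message = len(payload).to_bytes(4, "big") + payload
    if len(message) * 8 > len(cover):
        raise ValueError("cover too small for payload")
    out = bytearray(cover)
    for pos, bit in enumerate(_to_bits(message)):
        out[pos] = (out[pos] & 0xFE) | bit  # clear the LSB, then set it to the payload bit
    return bytes(out)


def extract(stego):
    """Read the length header, then that many payload bytes, from the LSBs."""
    def read(nbytes, offset):
        val = 0
        for pos in range(offset, offset + nbytes * 8):
            val = (val << 1) | (stego[pos] & 1)
        return val.to_bytes(nbytes, "big")
    length = int.from_bytes(read(4, 0), "big")
    return read(length, 32)


def lsb_ones_ratio(samples):
    """Fraction of samples with LSB set. Natural data drifts; embedded data
    (especially encrypted or compressed) pushes this toward 0.5 in the used region."""
    return sum(s & 1 for s in samples) / len(samples)


if __name__ == "__main__":
    stego = embed(COVER, b"hidden note")
    print(extract(stego))                      # b'hidden note'
    print(lsb_ones_ratio(COVER), lsb_ones_ratio(stego))
```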



Monday, 27 January 2014

Enabling Nessus on BackTrack 5

Nessus 4.4.1 now comes pre-installed on BackTrack 5 and requires that the user activate the installation. Before you activate Nessus on your BackTrack 5 installation, be certain you have installed Nessus either to the hard drive on the computer you plan to use or inside of a virtual machine that you plan to keep on the same host system. If you activate Nessus on a bootable USB thumb drive, DVD or a virtual machine and move it to a new host system, the Nessus activation code will no longer be valid.
The Nessus activation ties itself to the physical system on which it is installed. If you do decide to move the virtual machine to a new system, or jump around to different systems using a bootable USB thumb drive or DVD, you will have to re-activate Nessus. If you are using a Nessus ProfessionalFeed, you are allowed to reset your activation by clearing the current connection between a host and an activation code.
By logging into the Tenable Customer Support Portal and going to "Activation Codes", you can reset the activation code-to-host pairing. ProfessionalFeed users are currently limited to one reset every 30 days. HomeFeed users will need to re-register Nessus when moving between physical hosts.

Step 1 - Obtaining An Activation Code


Once you have Nessus installed on BackTrack 5, you will need to obtain a Nessus activation code. If you wish to purchase a ProfessionalFeed, you can visit the Tenable Store. If you are using Nessus at home or wish to evaluate Nessus, you can register a HomeFeed. It’s important to note that the HomeFeed is limited to 16 IP addresses per scan (whereas the ProfessionalFeed allows you to scan an unlimited number of IP addresses). The ProfessionalFeed also gives you access to features such as Configuration and Sensitive Data Auditing, SCADA plugins, Nessus Technical Support and access to the Tenable Customer Portal.

Step 2 - Activating Nessus

Be certain that your BackTrack 5 installation has access to the Internet and activate Nessus using your newly obtained activation code as follows:



As shown above, this will also initially download the appropriate plugins based on which feed you've chosen.

Thursday, 23 January 2014

How To Hack: What is SQL Injection and How Does It Work?



A SQL injection is a code injection attack against a part of the application that passes user input into a database query without proper handling. The injected SQL is executed by the database and used to extract information such as emails, usernames and passwords.
In this tutorial, we'll be looking for the admin panel's credentials. Keep in mind, I said admin panel, not control panel. While performing a SQL injection, you may not always find what you're looking for. Some sites have secured the important information so that it will not be compromised so easily.
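To make the mechanism concrete, here is an added example (not from the post) of the vulnerable pattern beside its fix, run against a constructed in-memory SQLite table: concatenating input into the query lets a quote in the input rewrite the WHERE clause, while a bound parameter is never parsed as SQL. The table contents, the function names and the crude log check are all my own assumptions.

```python
import sqlite3


def make_db():
    """Constructed users table standing in for a site's database (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("admin", "s3cret", "admin@example.test"),
        ("alice", "hunter2", "alice@example.test"),
    ])
    return conn


def lookup_unsafe(conn, username):
    # Vulnerable: the value is pasted into the statement text, so a quote in the
    # input closes the string literal and the rest is executed as SQL.
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    # Hardened: parameter binding sends the value separately from the statement,
    # so the database treats the whole input as one string, quotes included.
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def looks_like_injection(value):
    """Crude detection signal for web logs: a quote plus SQL syntax in a parameter."""
    lowered = value.lower()
    return "'" in value and any(tok in lowered for tok in (" or ", " union ", "--", ";"))


if __name__ == "__main__":
    conn = make_db()
    tampered = "nobody' OR '1'='1"        # classic tautology: WHERE clause is always true
    print(lookup_unsafe(conn, tampered))  # every row comes back
    print(lookup_safe(conn, tampered))    # no user has that literal name: []
    print(looks_like_injection(tampered))
```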

Finding a Vulnerable Site

You can find a vulnerable site using dorks. Use Google; it's the best way. A dork is something like this:
Code:
inurl:news.php?id=
inurl:event.php?id=
inurl:order.php?id=
inurl:user.php?id=
inurl:restaurant.php?id=
inurl:buy.php?id=
There are hundreds of thousands of others, and there are also some posts about dorks, so you could read those if you want to find a good site to exploit with SQL injection.