Preparing BackTrack5 and wireless networking for penetration testing

As a part of my day-to-day duties, I test security policies, IPS and firewall setups, find vulnerabilities, missing patches, … One of the tools I use is “BackTrack”, or “BT”. It is a Linux distro packed with tons of utilities for penetration testing and digital forensics.

What I’m about to say is a cliché: always know exactly what you are doing with any of the activities stated above! Don’t give any law enforcement agency a reason to knock at your door. So make sure you have written permission to do what you do.

Now, we can run the BT5 in several ways:

  • As a live distro, booting from a so-called “Live CD”
  • As a “Live USB”, booting and running from a USB stick
  • Running it installed on a physical laptop
  • Running it installed as a virtual machine in “VMware Workstation”

Guess which option we will be using 🙂

In this article we can find how to create a virtual machine, set up the virtual hardware, mount an ISO image and power on the virtual machine. We can remove some hardware, such as the sound card:

image

Please note that we don’t have a network adapter. This is because we will be using a wireless network for testing purposes, which is a little trickier to set up. If we wanted to use a LAN connection, we would simply add and set up the virtual network adapter, as described several times in this blog. Also observe that the “USB Controller” must be present. We will use it to plug in our USB Wi-Fi network adapter.

I’m not a hundred percent sure, but I believe that with BT5 we cannot use a built-in Wi-Fi card. So we need a USB card. We can find recommendations to use the “Alfa USB Card” from “Alfa Network Inc”, but I have the “Netgear WG111v3”, which works just fine:

image

Now the installation. We power on the virtual machine with the “BT5.iso” mounted:

image

We just hit <ENTER> on the screens above and below.

image

And after a really short period of time, we have a command prompt in which we type startx and hit <ENTER>. This will start the GUI:

image

We now have two options. The yellow arrow points to the start menu. By using this menu we can set up our system, do an upgrade, do our penetration testing and so on, but when we power off our virtual machine, it’s the same process all over again, because all changes are lost. This is a so-called live distribution, and it is not what we are interested in.

If we click the icon to which the green arrow points, we will actually start the installation process after which we will have the complete BT installed on our hard drive. All changes we make will persist. Just like any ordinary OS installation. So let’s click this dragon icon:

image

We select the language and click “Forward”.

image

After selecting the location, we click “Forward”.

image

Keyboard layout and “Forward”.

image

For disk space, we accept the defaults.

image

After clicking the “Install” button, we just wait for the installation to complete:

image

And this is what we were waiting for:

image

Now we hit “Restart Now”. We should dismount the ISO image from the virtual CD/DVD drive, so that the installation does not start all over again.

After a reboot, we log in with the username root and the password toor. Then again we run the startx command. After the GUI is powered on, we open the command shell by clicking the small icon located on the bottom left part of the screen. We issue the ifconfig command to see our network adapters:

image

We only see a loopback adapter. There are no wired or wireless adapters. This is fine, because we did not specify any virtual network adapters when setting up the virtual hardware, and we still have not plugged in our “Netgear” USB card. But before we plug the USB card in, let’s do some settings. We can play with ifconfig, iwconfig, iwlist, … but we will go straight to the point: setting up the USB Wi-Fi adapter so that it works now and survives reboots. Let’s open the file “/etc/network/interfaces” with vi or a similar editor:

image

We are interested in wlan0 configuration, so we will change this file to look like this:

image

So we removed all other network adapters except for loopback. We also commented out the lines in the red square, because we don’t want DHCP-assigned IP parameters. We could uncomment these lines (by removing the hash signs – #) and comment out the ones in the green square if we preferred DHCP to assign our IP parameters. For now, we are using the static parameters stated inside the green square. I don’t think we need to explain these parameters. For WAP, some other Wi-Fi settings may apply, but my access point is set up with WPA2. We save this file and exit the editor.

Now we plug in our “Netgear” Wi-Fi adapter. We must make sure that in “VMware Workstation” the USB adapter is actually connected to the BT VM:
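As an added example (not the author's actual file), here is an “/etc/network/interfaces” of the shape described above, together with shell helpers that report which addressing method is in effect and check that a file holding the WPA2 passphrase is not readable by other local users. The addresses, SSID and passphrase are constructed, and the “wpa-ssid”/“wpa-psk” options and all helper names are assumptions about the setup.

```shell
#!/bin/sh
# Added example. Every address, the SSID and the passphrase are constructed.

write_sample_interfaces() {    # $1 = destination path
    cat > "$1" <<'EOF'
auto lo
iface lo inet loopback

auto wlan0
# DHCP variant, commented out:
#iface wlan0 inet dhcp
iface wlan0 inet static
    address 192.0.2.50
    netmask 255.255.255.0
    gateway 192.0.2.1
    wpa-ssid EXAMPLE-SSID
    wpa-psk EXAMPLE-PASSPHRASE
EOF
}

# Addressing method (static, dhcp, loopback) of the uncommented stanza.
iface_method() {               # $1 = file, $2 = interface
    awk -v ifc="$2" '$1 == "iface" && $2 == ifc && $3 == "inet" { print $4 }' "$1"
}

# Value of one option inside an interface's stanza, e.g. address or gateway.
iface_option() {               # $1 = file, $2 = interface, $3 = option
    awk -v ifc="$2" -v key="$3" '
        $1 == "iface"          { in_stanza = ($2 == ifc); next }
        in_stanza && $1 == key { print $2 }' "$1"
}

# Succeeds if the file has no wpa-psk line, or group/others have no access.
psk_file_is_private() {        # $1 = file
    grep -Eq '^[[:space:]]*wpa-psk[[:space:]]' "$1" || return 0
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Demo on a temporary copy; point the helpers at /etc/network/interfaces in use.
tmp=$(mktemp)
write_sample_interfaces "$tmp"
echo "wlan0: $(iface_method "$tmp" wlan0), gw $(iface_option "$tmp" wlan0 gateway)"
chmod 644 "$tmp"; psk_file_is_private "$tmp" || echo "644: passphrase readable by all"
chmod 600 "$tmp"; psk_file_is_private "$tmp" && echo "600: passphrase private"
rm -f "$tmp"
```

The values printed by iface_option can be compared with what ifconfig and the routing table report once the adapter is plugged in.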

image

And we can verify this from the command line. First the IP addressing:

image

And then the default gateway:

image

Finally, we check and edit the /etc/resolv.conf file, which contains the DNS server information:

image

Ok, let’s test our connectivity:

image

Nice! Before one final step, let’s do a reboot and verify that we are actually going to survive it. First we remove the USB network adapter and then reboot:

#shutdown -r now

If something is wrong at some point, we may try restarting the networking:

#/etc/init.d/networking restart

After the reboot, we plug the USB adapter back in, wait a while, and test our connectivity again. If everything is OK, one final step remains to be completed before we go hunting – updating the system. This fixes bugs and brings new options for a variety of tools. This is done with these commands:

#apt-get update
#apt-get upgrade

The last command can take a while to complete, but once it does, we are ready to go.

Setting this up with the wired adapter is a pretty straightforward process, and I will leave that as homework 🙂

 

Thanks for reading.
