border: 1px solid #d2d2d2; padding: 0px 8px 0px 8px; color: #a19999; font-size: 12px; height: 25px; width: 165px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; margin:0px; } .submitbutton{ background:#F66303; border: 1px solid #F66303; text-shadow: 1px 1px 1px #333; box-shadow: 3px 3px 3px #666; font:bold 12px Arial, sans-serif; color: #fff; height: 25px; padding: 0 12px 0 12px; margin: 0 0 0 5px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; cursor:pointer;}

Receive all updates via Facebook. Just Click the Like Button Below

You can also receive Free Email Updates:

Powered By Blogger Widgets

Related Posts Plugin for WordPress, Blogger...

Saturday, November 10, 2012


Install flash player on Backtrack 5  R2  step by step

Download the file below and click save to save the .deb file like shown in the screen shot

DOWNLOAD flash_player_10_linux.tar 

Now type the below inside termianl, make sure you are in the downloads directory first  do an  ls   if needed to make sure.

tar xvfz install_flash_player_10_linux.tar.gz

The result should look like the screenshot below if it went correctly

Now keep terminal open and type in the command below and press enter

mkdir ~/.mozilla/plugins

Last but not least type the command shown below into the same terminal window and press enter

mv -f ~/.mozilla/plugins/

Thats it, Flash Player should now be installed and working. Hope you enjoyed this tutorial and it helps someone out...

Thursday, November 8, 2012

Metasploit Penetration Testing Cookbook

Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments. Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. Teams can collaborate in Metasploit and present their findings in consolidated reports. The goal of the software is to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks.

Here is a brief table of contents for Singh's book:

Chapter 1: Metasploit Quick Tips for Security Professionals covering: configuration, installation, basic use, and storing results in a database
Chapter 2: Information Gathering and Scanning covering: passive and active gathering, social engineering, scanning, Nessus, NeXpose, and Dradis
Chapter 3: Operating System-based Vulnerability Assessment covering: exploits, Windows XP, remote shells, Windows 2003, Windows 7, Linux, and DLL injection
Chapter 4: Client-side Exploitation and Antivirus bypass covering: IE, Word, Adobe Reader, payloads, and killing anti-virus
Chapter 5: Using Meterpreter to Explore the Compromised Target covering: Meterpreter commands, privilege escalation, communication channels, and snooping on Windows targets
Chapter 6: Advanced Meterpreter Scripting covering: hash dumps, back doors, pivoting, Railgun, pivoting, and killing firewalls
Chapter 7: Working with Modules for Penetration Testing covering: Auxiliary modules, admin modules, SQL injection, post-exploitation, and creating new modules
Chapter 8: Working with Exploits covering: mixins, msfvenum, going from exploit to Metasploit module, and fuzzing
Chapter 9: Working with Armitage covering: Getting started, information gathering, and targeting multiple machines
Chapter 10: Social Engineering Toolkit covering: Installation, configuration, spear-phishing, website attacks, and infectious media generation.

To summarize, if you are looking for a Metasploit book in cookbook format than this book would be a good choice.    


Friday, November 2, 2012

BackBox Linux 3.0

A Linux distribution based on Ubuntu

BackBox is a Linux distro based on the Ubuntu operating system, developed to perform security assessments and penetration tests.

BackBox is designed to be easy to use and fast. It provides a minimal but powerful and complete desktop environment.

What's New in This Release: [ read full changelog ]

· System upgrade
· Bug corrections
· Performance boost
· Improved start menu
· Improved Wi-Fi dirvers (compat-wireless aircrack patched)
· New and updated hacking tools


jSQL Injection V0.2 is a java tool for automatic database injection

An easy to use SQL injection tool for retrieving database informations from a distant server.

You can discuss about jSQL Injection on the discussion group.

jSQL Injection features:

GET, POST, header, cookie methods
normal, error based, blind, time based algorithms
automatic best algorithms detection
data retrieving progression
proxy setting
For now supports MySQL.

Running injection requires the distant server url and the name of the parameter to inject.

If you know an injection should work but the jSQL tool doesn't access the database, you can inform me by email or use the discussion group.

For a local test, you can save the following PHP code in a script named for example simulate_get.php, and use the URL in the first field of the tool, then click Connect to access the database:

    mysql_connect("localhost", "root", "");

    $result = mysql_query("SELECT * FROM my_own_table where my_own_field = {$_GET['lib']}") # time based
    or die( mysql_error() ); # error based

    if(mysql_num_rows($result)!==0) echo" true "; # blind

    while ($row = mysql_fetch_array($result, MYSQL_NUM))
        echo join(',',$row); # normal



Twitter Delicious Facebook Digg Stumbleupon Favorites More