HOW TO USE BACKTRACK FOR VULNERABILITY MANAGEMENT? HAKIN9 EXTRA 01/2013

Dear Readers,
Welcome to this year’s first issue of Hakin9 Extra. For this special occasion, we decided to take up a special topic. This month, we are focusing on the most recent release of the famous Linux distibution – BackTrack 5 r3. Our first issue on BackTrack appeared to be the magazine you appreciated the most last year. Therefore, we decided to meet your expectations and ask our authors to write about what
you seem to desire to read.
In this month’s edition, William F. Slater, III describes key features and tools of BackTrack 5 r3. Furthermore, Royce Davis teaches you how to configure a Metasploit development system, Guglielmo Scaiola walks you through vulnerability management with Nessus, and Kevin Simons tutors on bruteforcing Drupal6 login pages. As a bonus, you can learn how to conduct VPN pivoting in assistance of Ayman Hammoudeh.
Hakin9’s Editorial Team would like to give special thanks to the authors, betatesters and proofreaders.
We hope our effort was worthwhile and the Haking Extra’s BackTrack 5r3 issue will appeal to you. We wish you a nice read.

BACKTRACK 5R3 EXPLORED
Why Do Hackers Use Backtrack?
By William F. Slater, III
Backtrack distribution has quickly risen to the position of becoming the de facto hacker’s tool for network infrastructures. William F. Slater, III introduces you to Backtrack Linux. His article is not a Backtrack user guide, nor is it a User Guide for any or all the tools that are available in Backtrack Linux. His article shows how to use it to make your organization more secure.

Backtrack Linux – How to Ditch the Menu and Ball from the Command Line?
By Alex Kah
The Backtrack menus already provide an overwhelming amount of tools that will allow you to accomplish almost anything you need in a penetration test or security audit. However, if you never get past the Backtrack menu system, you will be doing yourself a huge disservice. If you want to advance to the next level in your career break away from the norm and explore. Alex Kah in his article provides you with examples of various tools available from the command line in Backtrack Linux.

BACKTRACK 5R3 TOOLS
How to Use OpenVAS (Vulnerability Assessment System)?
By Willie Pritchett
Penetration testers or ethical hackers are probably aware of scanning and identifying vulnerabilities on the target network, Open Vulnerability Assessment System (OpenVAS) is one of the most widely used open source solutions available. It is an excellent alternative to Nessus and offers its updates free of charge. Willie Pritchett examines how to install, configure, and start OpenVAS along with running a scan across a network to assess the vulnerabilities of Windows systems.

How to Use Backtrack and Nessus for Vulnerability Management?
By Guglielmo Scaiola
Ethical Hacking and Penetration Testing are fun but what’s the business value of these activities? What’s the reason that motivates a manager to pay us to hack their network? What’s the ultimate goal? Guglielmo Scaiola believes that this is possible only for a reason that penetration testing is a part of the vulnerability management process. This process is the key of enterprise security.

Backtrack Linux – How to Configure A Metasploit Development System?
By Royce Davis
Backtrack Linux has long since transcended the classification of being a mere Linux Live CD. BT5R3 is a full-fledged Linux distro, which is more then capable of performing as a standalone workstation operating system. Royce Davis in his article presents the necessary steps to get off the ground and running full speed with Backtrack as a developmental platform for the awesome Metasploit Framework. He describes all of the proper settings to install and configure the tools that it is very useful when building extensions to the already expansive Metasploit Framework. Royce Davis covers the following topics: The Ruby Versioning Manager (RVM), Git & The Github, Vim Basic Operations, Vim Configuration & Plugins, The Anatomy of a Metasploit Module, Navigating the Metasploit Framework and submitting your module to the rapid7 dev team for merger into the framework.

HACKING WITH BACKTRACK 5R3
How Do I phish? Advanced Email Phishing Tactics
By Brandon McCann
Email phishing attacks are very compelling and unique to each situation. The process of creating a successful email phishing campaign is very methodical and most of the time and effort goes up front into the planning phase. Brandon McCann in his article answers to your most frequently asked question how to perform email phishing attacks.

How to Brute-force Drupal6 Login Pages?
By Kevin Simons
Authentication is a protocol or process that allows an entity or system to validate your identity. Nowadays, we see a variety of authentication protocols/processes. We have two-factor authentication which basically comes to identification based on what you know (pin) and what you have (bank card). But with online banking systems it might even go further and you end up with multiple factor authentication. Usually, it comes to either using
a digipass system or a bank card system that provides you with a one-time pin of usually 8 characters. Kevin Simons in looks for the password models which are the simplest authentication models to implement.

PLUS
How to Conduct VPN Pivoting?
By Ayman Hammoudeh
Pivoting refers to the method used by penetration testers that uses compromised system to attack other systems on the same network in order to avoid restrictions such as firewall configurations, which may prohibit direct access to all machines. VPN pivoting enables the attacker to create an encrypted layer 2 tunnel into the compromised machine to route any network traffic through that target machine, for example to run a vulnerability scan on the internal network through the compromised machine, effectively giving the attacker full network access as if they were behind the firewall. Ayman Hammoudeh presents how to conduct VPN Pivoting.