HACKING WITH
BACKTRACK 5
Zia Ush Shamszaman
ANLAB, ICE, HUFS
Date: 20130412
!!Caution!!
This material is for educational purposes only. We don't intend to hack, crack or do anything related to cyber crime
Open a terminal in Back track
Check your Network and Internet
• Open a terminal and type “ping www.google.com”
• If not working then do this…
• Application > Internet > Wicd Network Manager
• Select Wire/Wireless
• Click the Connect button
• If you still have a problem, check your VirtualBox network options
Using apt-get command
• root@bt:~#
• apt-get update && apt-get upgrade && apt-get dist-upgrade
Information Gathering
• Copying the victim web site
• HTTrack is a tool that can copy a website page by page so that we can browse it offline
• Step-1: Open a terminal
• Step-2: Type “apt-get install httrack” // This will install the package if it is not available in your system
• Step-3: Type “httrack”
• Step-4: Enter project name
• Step-5: Enter the location where the site will be stored
• Example: /root/test
• Step-6: Enter the URL of the victim site
Domain Information Collection
• Whois command
• Using this command you can collect the domain information of the victim
• Open a terminal
• Type: “whois <victimdomain>”
• Example: whois hufs.ac.kr
• www.domaintools.com is also a useful web tool to dig into a particular domain name.
Collecting email id
• Step-1: Open a terminal
• Step-2: Type “msfconsole” // This is a special tool of BackTrack
• Step-3: Type “use gather/search_email_collector”
• Step-4: Type “show options”
• Step-5: Type: “set DOMAIN <victimdomain_name>”
• Example: Type “run”
See the magic
Collect Victim information by “Zenmap”
• Application>Internet>Zenmap
• Enter victim IP address/Domain name in the “Target”
• Select a scan type in the “Profile”
• Check Hosts and Service in the left panel
• Select a service to check the open port
• Check Topology
• Check Host Details
• Check Nmap output
How to use Wireshark
• Application > Backtrack > Forensics > Network Forensics > Wireshark
• Select the Interface, e.g. eth0
• Select Start
• Watch the live packets being transferred through the interface
• Go to capture menu
• Stop the capture process
• Go to File menu and Save it in Desktop
• Go to File menu and open the captured file
Now it's all yours. Play with it !! :)
Man in the Middle Attack
Before we start ettercap we have to configure the etter.conf file at /etc/etter.conf
Remove two # from here
Step-1
Step-2
Step-3
Step-4
Step-5
Step-6
Add the Gateway
Step-7
Select Victim IP
Step-8
Step-9
Step-10
Step-11
Step-12
Step-13
Step-14
Step-15
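Seen from the defending side, an ettercap session that targets a gateway and a victim IP, as in the steps above, typically works by ARP poisoning, which leaves the gateway's IP mapped to the attacker's MAC in the victim's neighbour table. The script below is an added example, not part of the original slides; it assumes ARP poisoning and input in the `ip -4 neigh show` format, and the sample table and function names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the slides): flag signs of ARP poisoning in a
# neighbour table. Input lines are assumed to look like `ip -4 neigh show`:
#   <ip> dev <iface> lladdr <mac> <state>

# Constructed sample: the gateway 192.168.1.1 and host 192.168.1.20 claim the
# same MAC, which is what a poisoned cache looks like on the victim.
SAMPLE_TABLE='192.168.1.1 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
192.168.1.20 dev eth0 lladdr 00:0C:29:AA:BB:CC STALE
192.168.1.30 dev eth0 lladdr 00:0c:29:11:22:33 REACHABLE
192.168.1.40 dev eth0  FAILED'

# Read a neighbour table on stdin; print "<mac> <ip> <ip> ..." for every MAC
# that is claimed by more than one IP address.
shared_macs() {
  awk '
    {
      mac = ""
      for (i = 1; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
      if (mac == "") next            # FAILED/INCOMPLETE entries carry no MAC
      if (!((mac, $1) in seen)) {    # count each IP once per MAC
        seen[mac, $1] = 1
        n[mac]++
        ips[mac] = ips[mac] " " $1
      }
    }
    END { for (m in n) if (n[m] > 1) print m ips[m] }
  ' | sort
}

# $1 = gateway IP, neighbour table on stdin. Prints the shared MAC and
# returns 0 if the gateway's MAC is also claimed by another IP, else 1.
gateway_poisoned() {
  shared_macs | awk -v gw="$1" '
    { for (i = 2; i <= NF; i++) if ($i == gw) { print $1; found = 1 } }
    END { exit !found }'
}

# Demo on the constructed sample. On a live host, pipe in the real table:
#   ip -4 neigh show | gateway_poisoned "$(ip route | awk '/^default/ {print $3; exit}')"
if mac=$(printf '%s\n' "$SAMPLE_TABLE" | gateway_poisoned 192.168.1.1); then
  echo "WARNING: gateway 192.168.1.1 shares MAC $mac with another host"
fi
```

A shared MAC is a strong hint, not proof: a router with several addresses on one interface or proxy ARP produces the same pattern, so compare against the gateway MAC recorded while the network was known to be clean.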
Don’t do anything harmful
Thank You :)
Extra Slides
How Port and IP works !
HOW DNS Query Works

Hacking with Backtrack Lecture-2
