Backtrack 2 : Information Gathering –> All –> dns-ptr


It is a tool that allows you to make a query by means of IP ranges to obtain the DNS names of these IPs, with simplicity and speed.

(Source: http://backtrack.offensive-security.com/index.php?title=Tools#DNS-Ptr)

We used this command: dns-ptr 69.41.185.195 20
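To show what such a PTR sweep does, here is an added example written for this page (it is not the dns-ptr tool's own code). It takes the same two arguments, a start address and a count, expands the range and asks for the PTR record of each address in parallel, recording addresses that have no reverse name instead of stopping. The `resolver` parameter, the `FAKE_PTR` table and the `192.0.2.x` documentation addresses are constructed so the sweep can be exercised offline; with the default `reverse_lookup` it issues real PTR queries through the system resolver.

```python
import ipaddress
import socket
from concurrent.futures import ThreadPoolExecutor


def ip_range(start, count):
    """Return `count` consecutive addresses starting at `start`,
    mirroring dns-ptr's <start ip> <count> arguments."""
    first = ipaddress.ip_address(start)
    return [str(first + i) for i in range(count)]


def reverse_lookup(ip):
    """PTR lookup for one address via the system resolver.
    Returns None when there is no PTR record (socket.herror) or the
    resolver fails, so a single unnamed host does not abort the sweep."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror, OSError):
        return None


def ptr_sweep(start, count, resolver=reverse_lookup, workers=20):
    """Resolve PTR records for the whole range concurrently and return
    {ip: name_or_None} in address order. `resolver` is injectable so the
    sweep can be run against a stand-in table without network access."""
    ips = ip_range(start, count)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        names = list(pool.map(resolver, ips))
    return dict(zip(ips, names))


# Constructed stand-in for a DNS server: only two of the four addresses
# have a PTR record, which is the usual picture for a real range.
FAKE_PTR = {"192.0.2.1": "gw.example.net", "192.0.2.3": "mail.example.net"}


def fake_resolver(ip):
    return FAKE_PTR.get(ip)


if __name__ == "__main__":
    # Same shape as `dns-ptr <start ip> <count>`, run against the stand-in table.
    for ip, name in ptr_sweep("192.0.2.1", 4, resolver=fake_resolver).items():
        print(f"{ip:<15} {name or '(no PTR record)'}")
```

The range arithmetic goes through `ipaddress` rather than string manipulation, so a range that crosses an octet boundary (for example starting at `.254`) is handled correctly.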


That's all!

pavs




Backtrack 2 : Information Gathering –> All –> DMitry (Deepmagic Information Gathering Tool)


DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more.

The following is a list of the current features:

An Open Source Project.
Perform an Internet Number whois lookup.
Retrieve possible uptime data, system and server data.
Perform a SubDomain search on a target host.
Perform an E-Mail address search on a target host.
Perform a TCP Portscan on the host target.
A Modular program allowing user specified modules

(Source: http://www.mor-pah.net/index.php?file=projects/dmitry)

We used this command: dmitry -winsepffb -o host.txt google.com

The output won't fit in a single screenshot, so we will post a partial screenshot and you can look at the full output in a text file.


For some reason the last part of the scan didn't get saved in the txt file, but you can see it in the screenshot.

You can see the whole output: http://www.linuxhaxor.net/host.html

That’s all!!

pavs




Backtrack 2 : Information Gathering —> All —> Ass (Autonomous System Scanner)


ASS, the autonomous system scanner, is designed to find the AS of the router.
It supports the following protocols: IRDP, IGRP, EIGRP, RIPv1, RIPv2, CDP, HSRP
and OSPF.
In passive mode (./ass -i eth0), it just listens to routing protocol packets
(like broadcast and multicast hellos).
In active mode (./ass -i eth0 -A), it tries to discover routers by asking for
information. This is done to the appropriate address for each protocol (either
broadcast or multicast addresses). If you specify a destination address, this
will be used but may be not as effective as the defaults.
EIGRP scanning is done differently: While scanning, ASS listens for HELLO
packets and then scans the AS directly on the router who advertised himself.
You can force EIGRP scanning into the same AS-Scan behavior as IGRP uses by
giving a destination or into multicast scanning by the option -M.
For Active mode, you can select the protocols you want to scan for. If you
don’t select them, all are scanned. You select protocols by giving the option -P
and any combination of the following chars: IER12, where:

* I = IGRP
* E = EIGRP
* R = IRDP
* 1 = RIPv1
* 2 = RIPv2

Usage is trivial:
./ass [-v[v[v]]] -i <interface> [-p] [-c] [-A] [-M] [-P IER12]
-a <autonomous system start> -b <autonomous system stop>
[-S <spoofed source IP>] [-D <destination ip>]
[-T <packets per delay>]

Where:
-i <interface> interface
-v verbose
-A this sets the scanner into active mode
-P <protocols> see above (usage: -P EIR12)
-M EIGRP systems are scanned using the multicast
address and not by HELLO enumeration and
direct query
-a <autonomous system> autonomous system to start from
-b <autonomous system> autonomous system to stop with
-S <spoofed source IP> maybe you need this
-D <destination IP> If you don’t specify this, the appropriate
address per protocol is used
-p don’t run in promiscuous mode (bad idea)
-c terminate after scanning. This is not
recommended since answers may arrive later and
you could see some traffic that did not show
up during your scans
-T <packets per delay> packets how many packets should we wait some
milliseconds (-T 1 is the slowest scan
-T 100 begins to become unreliable)

(Source: http://www.mirrors.wiretapped.net/security/packet-construction/irpas/irpas-README.txt)

We used this command: ass -vvv -i eth0 -P EIR12 -M -a -p -D 192.168.1.1


That’s all.

pavs




Walkthrough of Every Backtrack 2 tools



Backtrack 2 is the latest edition of a very famous and widely used penetration-testing Linux live distro. We will try to do a walkthrough of every single tool (or as many as possible) that comes with Backtrack 2. Since this is a very large project and the distro itself contains approximately 255 unique tools, it would be almost impossible to post it as one HOWTO, so we will do one post at a time.

But first, let's give you a look and feel of Backtrack 2:

Since Backtrack 2 is a live distro and not an installed system, it comes with the default username “root” and password “toor”.

Here is how Backtrack looks after you boot it from the CD:


You have a choice of using either KDE or Fluxbox. In most of our HowTos we will be using KDE, as I am more familiar with it. I would have preferred Gnome, but Backtrack doesn't come with it.

To use KDE type “startx”; to use Fluxbox type “flux”. Very simple.

This is how the Backtrack KDE desktop looks, with some of its tools.





