Saturday, August 25, 2012

BT5R3 Released!

BT5R3 has been released along with some cool new tools. I upgraded yesterday, but haven't been able to test any of the new tools out yet. That is mostly because I was trying to figure out a way to fix metasploit. I'm not sure what other problems I will run into with this upgrade, but not having metasploit to play with was quite irritating. When you try to access the framework the following errors are produced:

When accessing Metasploit from the desktop environment:
sh: msfconsole: command not found
sh: msfupdate: command not found
sh: msfcli: command not found

When accessing Metasploit from the command line the following errors are produced:
msfconsole: command not found
msfupdate: command not found
msfcli: command not found
I tried to figure out a solution, then I tried to find a solution. I couldn't find anything, but I didn't want to just uninstall/reinstall since that felt like defeat. Then I realized that I was just wasting my own time when I already knew that uninstalling and reinstalling metasploit would fix my problem. I removed metasploit then used the installer I had previously downloaded from Rapid7's website for v4.4. The install went smoothly and I proceeded to run msfupdate afterwards. Now I'm back in business fooling around in my test environment.

So why am I writing a post about a frustrating, yet easy to solve problem? As a word of caution to those of you who, like me, frustrate easily. R3 may be the latest and greatest, but as of this posting it is not stable and doesn't mix well with R2 if you're performing an upgrade. If stability is important to you, or you don't want to have to spend any time fixing your BackTrack, it may be wise to wait a few more weeks before trying to upgrade to R3.

Thursday, August 9, 2012

Easy-Creds aka the most fun you can have with a stranger's Facebook account.

No, I'm not advocating that you hack random people's Facebook accounts, but I thought the title was catchy. Easy-Creds is a really sweet bash script written by Eric Milam that utilizes other tools (i.e. ettercap & sslstrip) to capture credentials, mostly via man-in-the-middle (MITM) attacks. Normally, I would do a type up on how to set up easy-creds for MITM. However, this week I found a well done YouTube video on how to set up easy-creds. I like this video for two reasons. First, it exemplifies the quality that I would like to have in my videos once I am in a position to make them. Secondly, it does a terrific job of walking the viewer through the setup process.

http://www.youtube.com/watch?v=TLJOVozAaXc

The only thing I would add to this is at approximately 4:24, when he is explaining how to fix your dhcp3-server. His advice is great, but it won't work for everyone.

When you go to update/install dhcp3 inside easy-creds you will most likely receive an error message similar to this:


The following packages have unmet dependencies:
dhcp3-server: Depends: dhcp3-common (= 3.1.3-2ubuntu3.2) but 3.1.3-2ubuntu3.3 is to be installed
E: Broken packages
root@bt:~#
An alternative solution to the one he outlines in his video is to force an install of the version of dhcp3-common that bt5 is asking us for. One method for doing this is to use synaptic package manager. What follows is a short walkthrough:

apt-get install synaptic
Once synaptic is done installing, fire it up and search for dhcp3-common. It should appear at the top of the search results. Select dhcp3-common, then click on the "Package" menu at the top of the screen. Select "Force Version.." A new menu should appear with a drop down box. Select "3.1.3ubuntu3.2 (stable)", then click force version, and finally "Mark." Press the "Apply" button with the green check mark. When the dialog box opens up, review the changes you are about to make and verify that everything is correct. Let synaptic install the package and then close the program.
Unfortunately, you will be removing dhcp3-common, dhcp3-gtk, dhcp3-daemon, and also Wicd. In my opinion the removal of these other packages makes this a flawed solution, but one that we can fix. It is very important at this point that you do not reboot or make any sudden movements towards the power button on the front of your computer. If you do, you'll find that using the internet/networking just got a lot harder without Wicd. Open up a terminal and reinstall wicd:
apt-get install wicd
After wicd is installed, go ahead and install dhcp3-server.
apt-get install dhcp3-server
Now, when you go to add the "at0" interface in the walk through your file should appear the same as it does in the video.
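A command-line counterpart to the synaptic steps above, as an added example that is not from the original post or from easy-creds: it turns apt's "unmet dependencies" message into an exact-version `apt-get -s` (simulate) command and lists the packages a simulated run would remove, so the Wicd removal shows up before anything is applied. It assumes the older version is still available in the configured repositories; the simulated output in SAMPLE_SIM is constructed, including its version strings.

```shell
#!/bin/sh
# Added example (not from the original post).
# SAMPLE_ERR is the error text quoted in the post.
SAMPLE_ERR='The following packages have unmet dependencies:
dhcp3-server: Depends: dhcp3-common (= 3.1.3-2ubuntu3.2) but 3.1.3-2ubuntu3.3 is to be installed
E: Broken packages'

# Constructed sample of "apt-get -s install ..." output; versions are placeholders.
SAMPLE_SIM='Remv wicd [0.0-constructed]
Remv dhcp3-daemon [0.0-constructed]
Inst dhcp3-common [3.1.3-2ubuntu3.3] (3.1.3-2ubuntu3.2 constructed)
Conf dhcp3-common (3.1.3-2ubuntu3.2 constructed)'

# Print "package=version" for each strict "(= version)" dependency apt reports
# as unmet. Relations such as ">=" are skipped on purpose.
pinned_deps() {
    printf '%s\n' "$1" | sed -n \
        's/.*Depends: \([a-z0-9.+-]*\) (= \([^)]*\)) but .* is to be installed.*/\1=\2/p'
}

# Build the simulate-only command lines; -s changes nothing on the system.
pin_commands() {
    for spec in $(pinned_deps "$1"); do
        printf 'apt-get -s install %s\n' "$spec"
    done
}

# From simulated output, list the packages that would be removed ("Remv" lines)
# so they can be reinstalled afterwards, as the post does with wicd.
collateral_removals() {
    printf '%s\n' "$1" | awk '$1 == "Remv" { print $2 }'
}

pin_commands "$SAMPLE_ERR"
echo "would be removed:"
collateral_removals "$SAMPLE_SIM"
```

Run the printed command first, feed its output to `collateral_removals`, and only then drop the `-s` to apply the change.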

Friday, August 3, 2012

just say no to startx

I dislike startx and the generic login process to backtrack. So, this is how you remove it:
apt-get install gdm
Next, open up your root folder and add a blank file. Save it as:
.bash_profile
Open it and add the following text:
startx
Save and exit the file (in nano: ctrl+o, enter, ctrl+x).

Now we need to edit the /etc/rc.local file. Feel free to open it with either gedit or nano and add the following:
/usr/sbin/gdm &
You're going to want to place that line of text before the line that says, "exit 0." Finally, reboot your computer and rejoice in your new login screen.
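The rc.local edit above as a script, added here as an example and not part of the original post: it inserts the gdm line before the real `exit 0` statement exactly once, and matches the whole line so the stock comment that mentions "exit 0" is not mistaken for it. The function name and the demo file contents are assumptions; it takes the file path as an argument so it can be tried on a copy first.

```shell
#!/bin/sh
# Added example (not from the original post).
GDM_LINE='/usr/sbin/gdm &'

add_gdm_to_rclocal() {
    rc="$1"
    # Already present: do nothing, so repeated runs do not stack entries.
    if grep -qxF "$GDM_LINE" "$rc"; then return 0; fi
    # No stand-alone "exit 0" line to anchor on: refuse rather than guess.
    grep -qx 'exit 0' "$rc" || return 1
    tmp="$rc.new.$$"
    # Print the gdm line just before the first line that is exactly "exit 0".
    awk -v line="$GDM_LINE" \
        '$0 == "exit 0" && !done { print line; done = 1 } { print }' \
        "$rc" > "$tmp" || return 1
    # Keep a backup; write through the existing file so its mode
    # (rc.local must stay executable) and ownership are preserved.
    cp "$rc" "$rc.bak" && cat "$tmp" > "$rc" && rm -f "$tmp"
}

# Demo on a constructed rc.local-style file, not the real /etc/rc.local.
demo_rc=$(mktemp)
printf '%s\n' '#!/bin/sh -e' \
    '# Make sure that the script will "exit 0" on success' \
    '' 'exit 0' > "$demo_rc"
add_gdm_to_rclocal "$demo_rc" && cat "$demo_rc"
rm -f "$demo_rc" "$demo_rc.bak"
```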