Wednesday, January 18, 2012

amap

Information Gathering -> Network Analysis -> Service fingerprinting -> amap

amap is good for detecting the application or service behind a given port. It can reveal the application name and often its version number. It works by sending a trigger message to the port and comparing the response against its signature database.

The location of the amap trigger file and response database in BackTrack 5:
/usr/local/etc/appdefs.trig
/usr/local/etc/appdefs.resp

Example:

root@bt:~# amap <- prints the available options

root@bt:~# amap -b 192.168.1.11 21 <- fingerprints port 21 and prints the banner (-b)

root@bt:~# amap -bq 192.168.1.11 21 80 <- fingerprints ports 21 and 80, prints the banners, but does not report closed ports (-q). To scan multiple ports, list them separated by spaces.

Caveat: some triggers in appdefs.trig are marked as potentially harmful and can upset fragile services; on a production target use -H so that amap does not send them.
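The trigger-and-match idea behind amap, as an added illustration (this is not amap's code, and the two tables below are constructed, simplified stand-ins for appdefs.trig and appdefs.resp, not their real format). The script sends each trigger to a port, reads the reply, matches it against ordered signatures, and reports closed ports separately so the caller can hide them the way -q does. The serve_banner() fixture and the banners it returns are constructed here so the demo runs offline against local fakes; nothing on the page describes them.

```python
"""Minimal amap-style service fingerprinter (added illustration; not amap's code)."""
import re
import socket
import threading

# Constructed trigger table: name -> bytes to send after connecting.
# An empty trigger just listens: FTP, SSH and SMTP servers speak first.
TRIGGERS = {
    "null": b"",
    "http-get": b"GET / HTTP/1.0\r\n\r\n",
}

# Constructed signature table: (application name, regex over the raw reply).
# Order matters: specific signatures come before generic ones and the first
# match wins. A capturing group, if present, is reported as the version.
RESPONSES = [
    ("ftp-vsftpd",  re.compile(rb"^220 \(vsFTPd ([0-9.]+)\)")),
    ("ftp",         re.compile(rb"^220[ -].*FTP", re.I)),
    ("ssh-openssh", re.compile(rb"^SSH-2\.0-OpenSSH_([0-9.p]+)")),
    ("ssh",         re.compile(rb"^SSH-[12]\.[0-9]+-")),
    ("smtp",        re.compile(rb"^220[ -].*(?:SMTP|ESMTP)")),
    ("http-apache", re.compile(rb"^HTTP/1\.[01] [0-9]{3} .*Server: Apache/?([0-9.]*)", re.S)),
    ("http",        re.compile(rb"^HTTP/1\.[01] [0-9]{3} ")),
]


def identify(reply):
    """Return (app, version) for the first signature matching `reply`, else (None, None)."""
    for name, rx in RESPONSES:
        m = rx.search(reply)
        if m:
            version = m.group(1).decode("ascii", "replace") if rx.groups else None
            return name, version
    return None, None


def probe(host, port, timeout=3.0):
    """Fingerprint host:port; returns a dict with state, raw banner, app and version.

    Stops at the first trigger that yields an identification. A refused
    connection reports the port as closed (the entries amap -q would hide).
    """
    result = {"port": port, "state": "closed", "banner": b"", "app": None, "version": None}
    for payload in TRIGGERS.values():
        try:
            s = socket.create_connection((host, port), timeout=timeout)
        except OSError:                     # refused, unreachable or connect timeout
            return result
        result["state"] = "open"
        with s:
            try:
                if payload:
                    s.sendall(payload)
                data = s.recv(4096)         # b"" if the service hangs up without replying
            except OSError:                 # read timeout or reset: treat as no reply
                data = b""
        if data:
            result["banner"] = data
            app, version = identify(data)
            if app:
                result["app"], result["version"] = app, version
                break
    return result


def serve_banner(banner, wait_for_request=False, host="127.0.0.1"):
    """Throwaway local listener standing in for a real service (constructed test fixture).

    wait_for_request=False greets each client at once (FTP/SSH style); True replies
    only after the client sends something (HTTP style). Returns (port, stop).
    """
    srv = socket.socket()
    srv.bind((host, 0))
    srv.listen(5)
    srv.settimeout(0.2)
    stop = threading.Event()

    def loop():
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except socket.timeout:
                continue
            with conn:
                try:
                    if wait_for_request:
                        conn.settimeout(0.5)
                        if not conn.recv(1024):     # client sent nothing: hang up silently
                            continue
                    conn.sendall(banner)
                except OSError:
                    pass
        srv.close()

    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1], stop.set


def unused_port():
    """Pick a TCP port nothing is listening on (for the closed-port case)."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    # Offline demo of the `amap -bq host 21 80` idea against two local fakes.
    ftp_port, stop_ftp = serve_banner(b"220 (vsFTPd 3.0.3)\r\n")
    web_port, stop_web = serve_banner(b"HTTP/1.0 200 OK\r\nServer: Apache/2.2.14\r\n\r\n", True)
    for p in (ftp_port, web_port, unused_port()):
        r = probe("127.0.0.1", p, timeout=2.0)
        if r["state"] == "closed":
            continue                        # -q: do not report closed ports
        print(f"{p}/tcp {r['app']} {r['version']} banner={r['banner']!r}")   # -b: print banner
    stop_ftp()
    stop_web()
```

The signature order is the part worth studying: a generic "ftp" pattern placed before "ftp-vsftpd" would swallow every 220 banner and the version would never be reported, which is exactly the kind of ordering amap's real response file has to get right.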


Official website: http://thc.org/thc-amap/

Monday, January 16, 2012

Backtrack basics 11. - Installing Backtrack 5 under Virtualbox

I installed the BackTrack 5 R1 64-bit GNOME version; here are the steps:


1) Create a new virtual machine, select the Ubuntu 64-bit type, and set the other parameters (RAM, HDD - at least 8 GB, network)
2) Attach the downloaded ISO file to the virtual CD drive.
3) Boot BackTrack from the CD
4) Start the GUI (startx)
5) Click the install.sh icon on the desktop
6) Follow the installation wizard (step 7) - at 99% it lingers for a while, but it has not frozen, so wait patiently
7) Reboot the system and, if you want, remove the CD
8) Log in (root / toor is the default)
9) Run the "fix-splash" script
10) Start the GUI (startx)
11) Delete the install.sh icon
12) If you want, install the VirtualBox Guest Additions

The default root / toor credentials are public knowledge, so change the root password (passwd) before the VM gets a network interface that anyone else can reach.


http://www.backtrack-linux.org/downloads/
https://www.virtualbox.org/wiki/Downloads