BackTrack 4 Beta released


The Remote Exploit Development Team has just announced BackTrack 4 Beta. BackTrack is a Linux-based LiveCD intended for security testing, and we’ve been watching the project since the very early days. They say this new beta is both stable and usable. They’ve moved towards behaving like an actual distribution: it’s based on Debian core, they use Ubuntu software, and they’re running their own BackTrack repositories for future updates. There are a lot of new features, but the one we’re most interested in is the built-in Pico card support. You can use the FPGAs to generate rainbow tables and do lookups for things like WPA, GSM, and Bluetooth cracking. BackTrack ISO and VMware images are available here.

100 thoughts on “BackTrack 4 Beta released”

  1. As someone who’s itching to try this out, can a fellow hack-a-day junkie point me to a mirror?

    i can do any form except torrent, i live on campus.

    they need mirrors.

  2. I hate that. I spent ages last night downloading BT3 and installing it on a 2GB Stick.

    That is twice now that this has happened. Before was with Auditor. I want a refund of my missing sleep. Bummed but looking forward toward another too little sleep night.

  3. At last a use for Backtrack! I’m also very happy they’ve moved away from Slackware and are focusing on Debian (which is my distro of choice).

    I am also very pleased with regards to the rainbow table lookup function, too.

    Well done Remote-Exploit.

  4. I’d stay away from the pb version. Who knows what was added to it. The only people who got it early were people at the con, well most of us there were hackers….. So if you use this version and your computer tries to hack teh gibson all by itself, don’t say you weren’t warned.

  5. same here, downloaded the live-iso; it’s up and running but i’m not getting inside. could someone give me a pointer at where to look for the login?

  6. humm,.. i wish there was a powerpc version of this.. because my only laptop is an old Powerbook G4.. o well, i will try it on my desktop anyway :D

  7. I just bought a MSI GX630-028US laptop and I was disappointed that BT3 didn’t work on it. But this version worked, didn’t recognize the internal wireless card but I’ve got an external one that does.

  8. With regards to the bcm43xx, since BT2, It’s been all right with injection but it doesn’t always play ball. It does inject and you have to boot up with your wifi enabled (by ensuring you shut it down left on). With BT3, it was somewhat more stable. However, It stops injecting and changing mac etc.. so a reboot is in order.

    I’ll try my BCM4311 as soon as I can on BT4 beta.

  9. does anybody know, how much these Pico cards cost? They all have at least a virtex-4 fpga and a PowerPC Processor inside => my guess 1500$ for the smallest one.

  10. @moloch
    I’m using the b43 driver included in
    the Linux 2.6.27 tree.

    Monitor mode works, injection doesn’t.

    If you want to do some wifi hacking, I
    really encourage you to get a Ralink
    or Atheros miniPCI card.
    Otherwise, there are also some
    el cheapo mini wifi routers (Fon) with
    awesome Atheros chipsets that do the job.

    Greets

  11. too bad most commercial clusters and intranets use NT implementations. I guess you could use the cgi fuzzers, and aircrack on your days off while boasting you run linux.

    oh yeah 4chan kids can use it to attack web servers too.

  12. @TJHooker

    Not really. Most clusters out there are
    beowulf Linux. I must admit though that
    there were a lot more some years ago.
    The multicore battle changed all the game.

    At the time I enjoyed a lot installing
    OpenMOSIX Linux on all boxens of my
    classroom. Too bad openmosix lost
    interest on these days..

    Anyway, backtrack provides some forensics
    tools also, not just attack tools.
    IMHO, this is a nice way to promote
    Linux and some of their tools to
    interested people. At least I like it a lot
    to do Linux demonstrations at local schools.

  13. @n00bhunter: Every robotic manufacturing cluster and embedded network I see in the states is mostly embedded xp on custom protocols. this is general motors newer manufacturing plants, almost all of the banking networks including atm machines.

    I usually only see bsd and linux clusters in isps and research facilities along with public server solutions.

    even on risc interfaces it’s usually embedded java or htc++ firmware or some sun microsystems solution. on rare occasions vms on various hardware too.

    I’m in the places daily. Even the most modern POS systems use a non-linux solution. This only leaves public servers and some other networks. BT4 isn’t really effective for reverse engineering NT stuff. that’s why i say the wlan cracking, brute forcers, and protocol fuzzers are all it’s really good for from a professional standpoint.

  14. @TJHooker

    I believe you, although I’m more familiar
    with the Academic environment.

    I cannot agree with you though about BT4
    being ineffective against NT networks. As
    you know, published vulnerabilities take
    a lot of time to be patched by the non
    perfect windows update system..

    The metasploit framework does a pretty
    good job bringing up all the holes for you.

    John-the-ripper can bruteforce NTLM
    passwords, nikto can scan IIS servers
    (not only) for “old” stuff.

    wireshark is full of nice heuristics that
    help you on what to look for.

    ettercap is essential for MITM attacks and
    exploiting hostile traffic.

    aircrack, kismet ….

    Now I would like to hear about a windoz
    livecd specialized in network forensics
    from you. What about using it to crack
    UNIX boxens?

    Oh.. right..

  15. backtrack doesn’t work on thinkpads (ibm or lenovo) what use is it? — They are one of the few manufacturers with built in atheros chips, you’d think hackers would be smart enough to use them.

  16. @wardarts: works good on a t42 without any modifications. I’ve used 2-4 on it.

    @n00bhunter: Yeah but you gotta think most active researchers are doing most of their work in debuggers and with assembler based on the NT memory maps.

    I know gcc and some virtual environments can do a lot, but run time debugging and dumping based on an nt environment isn’t even remotely implemented.

    When it comes to protocol reversal and black boxing software or hardware I know linux and bsd dominate for many reasons, one being its mostly open and ready driver framework.

  17. Is it possible to set the intel 4965agn in monitor and inject with this release of backtrack 4 without patching any driver? All needed is included in this release? Thanks.

  18. I’m having a problem with asus n10 notebook, backtrack4 doesn’t seem to be detecting the wireless. I was really hoping to have some fun with backtrack :(. Anybody have an idea how to fix this / install drivers?

    Thanks!

  19. awesome, i just booted it in vm, everything works great, it’s very fast, i couldn’t believe it’s on debian now, so i did `cat /etc/deb and WOW!

  20. Hi,

    I have been using bt3 for a while, but when I tried loading it to a pen drive, it is non-persistent, i.e. I am not able to save changes to my pendrive, they are all lost after a reboot. Tried a lot of things on the forums, can somebody suggest me something?

    I have a BT3 loaded on a Transcend 8Gb usb.

    +Abhi

  21. Hi, I am new to backtrack 4. I already started the program with the vmware iso image, it seems to be working great, but I still don’t know how to use it. Anyone help please, I am interested in wpa wep cracking.

  22. hello all, i am new to using backtrack so i want to know wpa hack. i need dictionary for livebox and tele2, what can i do? is it in backtrack 4 or i have to download or i have to install or how to install? plz plz any one can help me, explain me how to install a good dictionary for wpa hack. thanks a lot all of them to hear me. my mail address is sajidsajid71@hotmail.com, mail me plz

  23. im a newb and im still strugglin with crackin wep, if you can believe that! haha its supposed to be easy and i bin tryin for months now with no luck….please help..deeds3353, thanx

  24. anyone know why i can’t enter the password to logon, “root” username goes in fine but the only 2 keys that work for password entry are esc and enter

  25. @Fox and anyone else asking for help;
    Google Is Your Friend. Only Learn What You Need. Whack in
    `/etc/init.d/network start` <– Something like that, it’s on the starting console.
    and then `startx` Use Firefox and google it.

  26. e-z way to crack wep …… idiot proof …
    start bt…. once you’re in open console (little black box at the bottom left corner) type..
    op
    “airmon-ng ”
    see what the name of your interface is…
    in my case it shows two wifi0 and ath0 the two are the same next type
    “airmon-ng stop ath0”
    so ath0 does not exist any more now we got to start a new one.type
    “airmon-ng start wifi0”
    great now you just put your card in monitor mode yay now we can find a network to crack
    now type
    “airodump-ng ath0”
    you will get a list of networks and clients
    find one with the wep encryption … (you need at least a signal strength of at least 10 …) k all you need is the bssid hit ctrl and X on your key board highlight it . right click copy note the channel it is on
    go to the bottom left of the screen open the menu go to backtrack/radio…./802…./all plug your info in you don’t need a client … select the channel then injection to max
    and find spoonwep open it and you will figure it out
    anyone feel free to correct me if im wrong

  27. Hi;
    I downloaded the Backtrack4 ISO, 874 Mb. When I try to burn a CD, Nero returns that the CD capacity is insufficient. When I try to put in a DVD, it informs me that it must be a CD, not a DVD.
    What’s happening?

    ppenha at gmx.net
