LAB 1: Installing BackTrack 5 R1 in Virtual Machine
OBJECTIVE: To install BackTrack 5 R1 in VMware
REQUIREMENTS
Computer
VMware
BackTrack 5 R1 ISO file
STEPS
Be sure that you have VMware installed on your system.
Step 1: Here, we are going to create a New Virtual Machine for installing BackTrack 5 R1. Click on the New Virtual Machine option in VMware.
Step 2: The New Virtual Machine wizard opens and asks what type of configuration you want. Select Typical (recommended), then click on Next.
Step 3: The wizard prompts for an ISO image. Select the BackTrack 5 R1 ISO image, then click on the Next button to proceed with the installation.
Step 4: The wizard prompts for the Guest operating system, that is, the operating system you are going to install on this virtual machine. BackTrack is based on Linux, so select Linux as your Guest operating system. In Version it will automatically select Ubuntu.
Step 5: The wizard prompts for the Virtual Machine Name and Location. Enter Pentest as the Virtual Machine Name. Location means where we want to install BackTrack 5 R1. Before selecting the Location, open the D: drive in My Computer, create a folder there and name it My Virtual Machines. Open the newly created My Virtual Machines folder and inside it create one more folder named BackTrack. Back in the New Virtual Machine Wizard, in Location browse to the newly created folder D:\My Virtual Machines\BackTrack. Select the BackTrack folder and then click on Next.
Step 6: The wizard prompts for Maximum disk size (GB). Enter 20 GB there, and then click on Next.
Step 7: The wizard prompts for Hardware. Memory is 512 MB by default; there is no need to increase Memory for BackTrack because it works fine in 512 MB. Select Floppy and click on the Remove button to remove it. Select Network Adapter and change its setting from NAT to Bridged. Finally, click on OK.
Step 8: In this step we review all settings and then click on the Finish option. The installation of BackTrack 5 R1 will then start.
Step 9: Here, just hit the Enter key to continue with the installation.
Step 10: Here, don't change the selection; just hit the Enter key to continue. It will boot in Default Boot Text Mode.
Step 11: Here, type startx on the terminal to start the Graphical User Interface.
Step 12: Here, just double-click on the Install BackTrack icon.
Step 13: English is selected by default, so just click on the Forward button to proceed.
Step 14: Here, set your location to India on the world map for India time, and click on the Forward button to proceed.
Step 15: In Keyboard layout, just click on the Forward button to proceed.
Step 16: Here, it asks where you want to put BackTrack Live. Select the Erase and use the entire disk option and click on the Forward button to proceed.
Step 17: Finally, click on the Install button to proceed.
Step 18: As you see, it has started installing the BackTrack 5 R1 operating system.
Step 19: As you see, it is still installing the BackTrack 5 R1 OS. The progress bar shows 99%. Please be patient here, because it will take at least 10 minutes more to complete. After 10 minutes it will surely prompt you to restart the system; click on the Restart button. (Note: Click on the Restart now button only when it prompts you.)
Step 20: As you see, BackTrack 5 R1 is installed properly. We still need to install VMware Tools (which includes graphics and sound drivers, etc.), and for that we need to shut down our BackTrack OS. Click on the System option and then Shut Down.
Step 21: Here, just click on Shut Down.
Step 22: As you see, our BackTrack OS has been shut down. Now, click on Edit Virtual Machine Settings.
Step 23: In the Virtual Machine Settings dialog, select the CD/DVD (IDE) option. As you see on the right-hand side of the dialog, it is still using the BackTrack ISO image, so we need to change this setting.
Step 24: Select the Use Physical Drive option and Auto detect settings. Then click on OK. Then click on Power on This Virtual Machine.
Step 25: BackTrack is started. Now we are going to install VMware Tools for our BackTrack OS. Right-click on your Virtual Machine Name, Pentest, and click on the Install VMware Tools option.
Step 26: As you see here, the VMware Tools ISO image has been mounted automatically.
Step 27: The next step is to create a directory in / and name this directory vmware.
Step 28: Now open Terminal and run these commands:
cd /
cd media
cd "VMware Tools"
ls
tar -C /vmware -zxvf VMwareTools-8.1.3-203739.tar.gz
After you invoke this command, it will show its progress. Once the progress stops, type these commands:
cd /vmware
ls
cd vmware-tools-distrib
ls
Now you need to execute the vmware-install.pl file, so type this command:
./vmware-install.pl
Then it will ask you some questions: 
Installing VMware Tools. 
In which directory do you want to the install binary files? 
[/usr/bin] 
Hit enter key 
What is the directory that contains the init directories (rc0.d/ to rc6.d/)? 
[/etc] 
Hit enter key 
What is the directory that contains the init scripts? 
[/etc/init.d] 
Hit enter key 
In which directory do you want to install the daemon files? 
[/usr/sbin] 
Hit enter key 
In which directory do you want to install the library files? 
[/usr/lib/vmware-tools] 
Hit enter key 
The path usr/lib/vmware-tools does not exist currently. This program is going to create it, including needed 
parent directories. Is this what you want? 
[yes] 
Hit enter key 
In which directory do you want to install documentation files? 
[/usr/share/doc/vmware-tools] 
Hit enter key 
The path /usr/share/doc/vmware-tools does not exist currently. This program is going to create it, including 
needed parent directories. Is this what you want? 
[yes] 
Hit enter key 
The installation of VMware Tools 8.1.3 build-203739 for Linux completed successfully. You can decide to remove this software from your system at any time by invoking the following command: "/usr/bin/vmware-uninstall-tools.pl".
Before running VMware Tools for the first time, you need to configure it by invoking the following command: 
"/usr/bin/vmware-config-tools.pl". Do you want this program to invoke the command for you now? [yes] 
Hit enter key 
Searching for GCC... 
Detected GCC binary at "/usr/bin/gcc". 
The path "/usr/bin/gcc" appears to be a valid path to the gcc binary. 
Would you like to change it? [no] 
Hit enter key 
Would you like to change it? [yes] 
Type no and Hit enter key 
Now it will show you many warnings like the one below, but you do not need to worry about these warnings.
Just press the Enter key several times to continue.
WARNING: This program cannot compile any modules for the following reason(s)... 
This program could not find a valid path to the kernel headers of the running kernel.  Please ensure that the 
header files for the running kernel are installed on this system. 
[Press Enter key to continue] 
Step 29: Finally it will be installed. After successful installation of VMware Tools, right-click on the VMware Tools icon on the desktop and click on Eject. Now, the last step is to restart your BackTrack OS Virtual Machine.
Step 30: Now it is time to take a Snapshot of BackTrack 5 R1. For that, go to VM, select Snapshot, then select Snapshot Manager.
Step 31: Click on Take Snapshot.
Step 32: Enter the same text, Fresh Copy, as both the Name and the Description. Then click on OK.
Step 33: As you see here, the snapshot has been taken. Now, click on Close.
Step 33: Configure the Access Point with Open Authentication and SSID as Wireless Lab
YOU ARE DONE 
CONCLUSION: 
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________ 
------------------------------To be filled by trainer-------------------------- 
Remarks: 
Poor  Fair  Good  Very Good  Excellent  
Trainer's Signature
LAB 2: Configuring your Wireless Card 
OBJECTIVE: To set up the wireless card to work with BackTrack
REQUIREMENTS
Computer
VMware
BackTrack Virtual Machine
Wireless Adapter
STEPS
Step 1: Plug in your wireless card and start the BackTrack machine.
Step 2: Once you log in to BackTrack, open the terminal and type iwconfig to see the wireless interface.
Step 2: Type ifconfig wlan0 up to bring up the interface, and see the details of your card by typing ifconfig wlan0
Step 3: Connecting to your AP
First see the list of networks you have.
Step 4: Issue the command iwlist wlan0 scanning
Here you can see all the networks; select the network which you created.
Step 5: Issue the command iwconfig wlan0 essid "Wireless Lab" to associate your wireless card with Wireless Lab.
Step 6: Issue the command iwconfig wlan0 to check whether it has associated or not.
Step 7: Set your IP address from the same subnet.
Issue the command ifconfig wlan0 192.168.0.2 netmask 255.255.255.0 up
Step 8: Verify with the command ifconfig wlan0
Step 9: Now issue the command ping 192.168.0.1 to ping the AP.
YOU ARE DONE 
CONCLUSION: 
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________ 
------------------------------To be filled by trainer-------------------------- 
Remarks: 
Poor  Fair  Good  Very Good  Excellent  
Trainer's Signature
LAB 3: Creating Monitor Mode Interface 
OBJECTIVE: To configure the wireless card in monitor mode
REQUIREMENTS
Computer
VMware
BackTrack Virtual Machine
Wireless Adapter
STEPS
Step 1: Type iwconfig to see your wireless interface.
Step 2: Issue the command ifconfig wlan0 up to bring the card up.
Step 3: Verify that the card is now up by issuing the command ifconfig wlan0
Step 4: To put your card into monitor mode we will use airmon-ng, a utility which is built into BackTrack. First issue the command airmon-ng to verify that it has detected the card; you should see the wlan0 interface in the output.
Step 5: Now issue the command airmon-ng start wlan0 to create a monitor mode interface corresponding to wlan0. The new interface will be given a name; in my case, let's say mon0.
Step 6: Now verify that the monitor mode interface is created by issuing the command airmon-ng
Step 7: Issue the command ifconfig to see your newly created monitor mode interface.
YOU ARE DONE 
CONCLUSION: 
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________ 
------------------------------To be filled by trainer-------------------------- 
Remarks: 
Poor  Fair  Good  Very Good  Excellent  
Trainer's Signature
LAB 4: Sniffing Packets using monitor mode interface 
OBJECTIVE: Capture packets using Wireshark from the mon0 interface.
REQUIREMENTS
Computer
VMware
BackTrack Virtual Machine
Wireless Adapter
STEPS
Step 1: Learn the WLAN frames
In WLANs, communication happens over frames. A frame has the following header structure:
The Type field defines the type of WLAN frame, which has three possibilities:
1. Management frames: Management frames are responsible for maintaining communication between the access points and wireless clients. The Management frames can have the following sub-types:
a. Beacon
b. Probe Request
c. Probe Response
d. Association Request
e. Association Response
f. Disassociation
g. Authentication
h. De-authentication
2. Control frames: Control frames are responsible for ensuring a proper exchange of data between the access point and wireless clients. Control frames can have the following sub-types:
a. Request to Send (RTS)
b. Clear to Send (CTS)
c. Acknowledgement (ACK)
3. Data frames: Data frames carry the actual data sent on the wireless network. There are no sub-types for data frames.
Step 2: Switch ON your AP Wireless Lab.
Step 3: Start Wireshark by typing wireshark
Step 4: Click on Capture | Interfaces.
Step 5: Select packet capture from the mon0 interface by clicking on the Start button.
Step 5: Select one packet and you will be able to see all the details in the second window.
Step 6: Click on the triangle in front of IEEE 802.11 Wireless LAN management frame.
Step 7: To view all the Management frames in the packets being captured, enter the filter wlan.fc.type == 0 into the filter window and click on Apply. You can stop the packet capture if you want to prevent the packets from scrolling down too fast.
Step 8: To view Control frames, modify the filter expression to read wlan.fc.type == 1
Step 9: To view the Data frames, modify the filter expression to wlan.fc.type == 2
Step 9: To additionally select a sub-type, use the wlan.fc.subtype filter. For example, to view all the Beacon frames among all Management frames, use the following filter: (wlan.fc.type == 0) && (wlan.fc.subtype == 8)
Step 10: Alternatively, you can right-click on any of the header fields in the middle window and then select Apply as Filter | Selected to add it as a filter.
Step 11: Find the channel on which the Wireless Lab access point is running. To do this, open a terminal and run airodump-ng --bssid 00:21:91:D2:8E:25 mon0 where 00:21:91:D2:8E:25 is the MAC address of our access point. Let the program run, and shortly you should see your access point shown on the screen along with the channel it is running on.
Step 12: Lock our wireless card on the same channel, that is, channel 11. To do this run the command iwconfig mon0 channel 11 and then run iwconfig mon0 to verify the same. You should see the value Frequency: 2.462 GHz in the output. This corresponds to Channel 11.
Step 13: Start sniffing on the mon0 interface. After Wireshark has started sniffing the packets, apply a filter for the bssid of our access point using wlan.bssid == 00:21:91:D2:8E:25 in the filter area. Use the appropriate MAC address for your access point.
Step 14: In order to see the data packets for our access point, use the following filter: (wlan.bssid == 00:21:91:d2:8e:25) && (wlan.fc.type_subtype == 0x20). Open your browser and type 192.168.0.1
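The Wireshark filters in Steps 7 to 14 all read values out of the first two bytes of the 802.11 header. The following added example (not part of the original lab manual) decodes those bytes from constructed sample frames and returns the values that wlan.fc.type, wlan.fc.subtype, wlan.fc.type_subtype and wlan.bssid match on. It assumes the raw 802.11 header with any radiotap header already removed; the client MAC and the function names are made up for illustration.

```python
TYPES = {0: "Management", 1: "Control", 2: "Data"}
# Subtype numbers (IEEE 802.11) for the sub-types listed in Step 1.
SUBTYPES = {
    (0, 0): "Association Request", (0, 1): "Association Response",
    (0, 4): "Probe Request", (0, 5): "Probe Response", (0, 8): "Beacon",
    (0, 10): "Disassociation", (0, 11): "Authentication",
    (0, 12): "De-authentication",
    (1, 11): "Request to Send (RTS)", (1, 12): "Clear to Send (CTS)",
    (1, 13): "Acknowledgement (ACK)", (2, 0): "Data",
}

def mac(raw):
    return ":".join("%02x" % b for b in raw)

def classify(frame):
    """Decode Frame Control of a raw 802.11 frame (radiotap header already removed)."""
    if len(frame) < 2:
        raise ValueError("frame shorter than the Frame Control field")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    to_ds, from_ds = frame[1] & 0x1, (frame[1] >> 1) & 0x1
    bssid = None
    if ftype != 1 and len(frame) >= 22:  # control frames are not decoded for a BSSID here
        addr1, addr2, addr3 = frame[4:10], frame[10:16], frame[16:22]
        # Which address holds the BSSID depends on the To DS / From DS bits.
        pick = {(0, 0): addr3, (1, 0): addr1, (0, 1): addr2}.get((to_ds, from_ds))
        bssid = mac(pick) if pick else None
    return {
        "type": ftype,                            # wlan.fc.type
        "subtype": subtype,                       # wlan.fc.subtype
        "type_subtype": (ftype << 4) | subtype,   # wlan.fc.type_subtype
        "name": "%s / %s" % (TYPES.get(ftype, "Reserved"),
                             SUBTYPES.get((ftype, subtype), "subtype %d" % subtype)),
        "bssid": bssid,                           # wlan.bssid
    }

# Constructed sample frames (not captured traffic). Header layout:
# Frame Control(2) Duration(2) Addr1(6) Addr2(6) Addr3(6) Sequence Control(2)
AP = bytes.fromhex("002191d28e25")    # access point MAC used in Step 11
STA = bytes.fromhex("020000000001")   # made-up client MAC
BEACON = b"\x80\x00\x00\x00" + b"\xff" * 6 + AP + AP + b"\x00\x00"
DATA_TO_AP = b"\x08\x01\x00\x00" + AP + STA + AP + b"\x10\x00"   # To DS = 1
ACK = b"\xd4\x00\x00\x00" + STA

if __name__ == "__main__":
    for label, frame in (("beacon", BEACON), ("data", DATA_TO_AP), ("ack", ACK)):
        info = classify(frame)
        print("%-6s %-32s type_subtype=0x%02x bssid=%s"
              % (label, info["name"], info["type_subtype"], info["bssid"]))
```

The type_subtype value is the type shifted left four bits combined with the subtype, which is why a plain Data frame matches 0x20 in Step 14 and a Beacon matches type 0 with subtype 8 in Step 9.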
YOU ARE DONE 
CONCLUSION: 
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________
____________________________________________________ 
------------------------------To be filled by trainer-------------------------- 
Remarks: 
Poor  Fair  Good  Very Good  Excellent  
Trainer's Signature