BackTrack, the GNU/Linux distribution focused on digital forensics and penetration testing, has a new version out, with the public release (on May 10) of BackTrack 5, code-named Revolution, by the BackTrack development team. BackTrack focuses primarily on
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
BackTrack 5 features a comprehensive arsenal of over 350 security-related tools to test everything from Web applications to RFID systems. The new version of BackTrack lives up to its “Revolution” moniker in that it has been completely overhauled and rewritten from the ground up, providing users with an optimized platform for penetration testing and digital forensics exercises. For the first time in its development road map, BackTrack now includes support for ARM-based systems — a significantly upgrade.
BackTrack 5 features
A major addition in the new version of BackTrack is the 64-bit offering. BackTrack 5 is based on Ubuntu Lucid Lynx v10.04, the latest long term support (LTS) release using Linux kernel v2.6.38. BackTrack 5 is the first version to be released with the complete source code in its repositories. This addition is expected to clear up licensing issues that existed in the previous Backtrack distros. BackTrack 4 is no longer available for download at the developer’s Website, and support for it has officially been discontinued.
Here is a more detailed look at important features of BackTrack 5.
- Support for KDE and Gnome
BackTrack 5 boasts of support for KDE Plasma (4.6), Gnome (2.6) and Fluxbox. This makes it much simpler to migrate from Gnome-based distributions. Unifying the desktop environment has the added advantage of an easier learning curve for new users. Streamlined images for each desktop environment (DE) are available on the backtrack website. Tool integration with supported environments is seamless with DE-specific menu structures. However, while Gnome has a smaller memory footprint and is less resource hungry, the Gnome versions lack default package managers, which need to be added separately.
The KDE plasma desktop used in BackTrack 5. [Courtesy:
- 32-bit and 64-bit support
The addition of 64-bit support in BackTrack 5 makes it possible to tap additional power for processor-intensive tasks such as brute force password cracking. The 32-bit and 64-bit images support various boot modes, including a “Stealth” mode that boots without generating network traffic and a “Forensics” mode for forensic purposes.
- ARM architecture support
An ARM image of BackTrack 5 is available, having officially been tested on the Motorola Xoom tablet and the Motorola Atrix 4G smart phone by the developers. Custom chroot scripts are already available to run BackTrack 5 on Android systems with ARM processors.
Users have successfully deployed BackTrack 5 on Samsung Galaxy S and Sony Xperia smart phones. However, there are still some issues with these systems and not all features are available. There are known issues with wireless drivers on ARM-based systems including lack of support, for WiFi packet injection.
Figure 2. BackTrack 5 on a Motorola Atrix 4G. [Courtesy: backtrack-linux.org]
Anant Srivastava, a Mumbai-based software developer and member of the null community, was one of the first to successfully run BackTrack 5 on a Sony Xperia X10. Srivastava used a rooted Xperia x10 running Android 2.2 (Froyo) with an Android terminal application and an Android VNC viewer.
Figure 3. BackTrack 5 running on a Sony Ericsson Xperia X10. [Courtesy: Anant Srivastava]
- Packaged tools
BackTrack 5’s arsenal of tools have been upgraded to the latest versions. BackTrack 5 comes preloaded with tools for LAN and WLAN sniffing, vulnerability scanning, digital forensics and password cracking. The Metasploit exploit framework v3.7.0 has been packaged into BackTrack 5. The tools are organized into a comprehensive menu structure, streamlined to comply with the PTES and OSSTMM standards.
BackTrack 5 promises to surpass previous versions in terms of functionality and stability. However, users have raised concerns over the discontinued support for Ubuntu repositories. BackTrack 5 instead uses its own repositories, which have been benchmarked to work with its tools. The BackTrack 5 team justified this move by highlighting performance concerns when the custom features of BackTrack’s tools are used with other repositories, including corruption of the installation. There is no official support for any repository other than that which is provided by the developers.