Thứ Bảy, 23 tháng 11, 2013

Hướng Dẫn Thực Hành - BackTrack 5 : Lesson 11- How to Enable Tamper Data

{ How to Enable Tamper Data }

Section 0. Background Information
  • What is tamper data?
    • Tamper Data is a Firefox Extension which gives you the power to view, record and modify outgoing HTTP/HTTPS requests (headers and post parameters)
  • Pre-Requisite Lab
    1. BackTrack: Lesson 1: Installing BackTrack 5 
      • Note: This is not absolutely necessary, but if you are a computer security student or professional, you should have a BackTrack VM.
  • Lab Notes
    • In this lab we will do the following:
      1. We will enable Tamper Data in Firefox on BackTrack 5R1.
  •  
Section 1. Configure BackTrack Virtual Machine Settings
  1. Edit the BackTrack5R1 VM
    • Instructions:
      1. Select BackTrack5R1 VM
      2. Click Edit virtual machine settings
  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Network Adapter
      2. Click on the Bridged Radio button
      3. Click on the OK Button

Section 2. Play and Login to BackTrack
  1. Play the BackTrack5R1 VM
    • Instructions:
      1. Click on the BackTrack5R1 VM
      2. Click on Play virtual machine
  2. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.
  3. Bring up the GNOME
    • Instructions:
      1. Type startx

Section 3. Open Console Terminal and Retrieve IP Address
  1. On BackTrack, Start up a terminal window
    • Instructions:
      1. Click on the Terminal Window
  2. Obtain the IP Address
    • Instructions:
      1. ifconfig -a
    • Note(FYI):
      • My IP address 192.168.1.109.
      • In your case, it will probably be different.
      • This is the machine that will be use to attack the victim machine (Metasploitable).
Section 4. Enable Tamper Data
  1. Start Firefox
    • Instructions:
      1. Click on Firefox
     
  2. Select Add-ons
    • Instructions:
      1. Tools --> Add-ons
  3. Enable Tamper Data
    • Instructions:
      1. Click on Extensions
      2. Click on Tamper Data Enable Button
  4. Restart Firefox
    • Instructions:
      1. Click Restart Now (See Picture)

Section 15. Proof of Lab
  1. Proof of Lab, (On a BackTrack Terminal)
    • Instructions:
      1. find /root/.mozilla/firefox/* -name "localstore.rdf" | xargs grep -i tamper | wc -l
        • find /root/.mozilla/firefox/*, Search the (/root/.mozilla/firefox/) path
        • -name "localstore.rdf", Search for the file (localstore.rdf).
        • xargs grep -i tamper, Search for the string (tamper) and ignore case.
        • wc -l, Count the number of results.
      2. date
      3. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
    • Proof of Lab Instructions:
      1. Do a PrtScn
      2. Paste into a word document
      3. Upload to website www.antoanthongtin.edu.vn

Không có nhận xét nào:

Đăng nhận xét