Compared to other major Linux distributions, Linux Backtrack is relatively new (first beta version appeared on February 2006). It originated from the merger of two former pentesting distributions, namely WHAX and Auditor Security Collection. Back then, Backtrack was based on Slackware and encompassed a big database of drivers to make it run out of the box. The ISO image for live discs was the first appearance of Backtrack and soon, Offensive Security provided an USB version of Backtrack for installing on flash drivers.
Ever since, Backtrack acquired a lot of attention, with many people fascinated about the great integration of security tools almost like an all-in-one, but criticism didn’t lack too. People wanted their work saved. Many too new or too old hardware didn’t work and professionals were saying it isn’t a full operating system, no support for package management, etc. This and many more issues forced the Backtrack developers to add support for installing it on hard drives, ability to save changes and stuff like that. Ultimately, they changed from Slackware-based to Ubuntu-based, utilizing the full power of apt-get, creating package repositories and making the installation point and click. There is still much discussion in the community if Backtrack may or may not be a full operating system, but in my opinion (although it may be arguable that it’s not), it still makes you wonder why if it can do everything that other major distros do, people still consider it not to be a full operating system?
Install and Run
The easiest way to getting started with Backtrack is to burn the ISO-image on a CD (the latest version of Backtrack, Backtrack 4 needs a dvd) and boot your PC from it. If you want Backtrack on your usb stick, you can either use a software called UNetbootin or copy the files from the Livedisc onto the flash drive and make it bootable. Both methods are covered on the official Backtrack website (here and here respectively). Booting your Backtrack will land you on a command prompt which you can use to work with, but I prefer the comfort of kde so I type startx to get x-server started. Even the latest backrack is still using kde 3.5, which for us old gurus is in favorite of the newer kde 4 (one of the main arguments being that kde 4 uses way much more ressources than its preceedor).
The file structure is essentially the same as in other linux distros, with one additional directory on the root directory called pentest. This directory essentially holds all the tools that make Backtrack an effective OS for doing heavy penetration tests. You can access the tools from that directory, or take the short way (like me) and go to the menu on the panel, where all the tools are easily accessible.
All these security tools in the pentest directory are categorized in subdirectories based on what type the tool is and what it does. Several subdirectories include:
- enumeration varius information gathering tools
- scanners different port, vulnerability and other type of scanners
- sniffers packet sniffers for passive information gathering
- exploits exploitation utilities
- passwords password crackers etc.
Besides this small difference, Backtrack in its core reassembles the usual attributes of a Linux Operating System.
Backtrack includes all of the known (and not so known) security tools used by hackers, pentesters and even script kiddies like: The Metasploit Framework, Burpsuite, Maltego, Dradis, Nmap, ng Wireless Cracking suite etc. Besides that, Backtrack also has different services integrated like httpd, mysql, ssh, tftpd, vnc etc all accessible from the menu on the panel.They are used for quick testing when auditing source code and other stuff. Backtrack also has wine already installed, to access windows drives and run windows programs.
Most of the time you will be accessing these tools through the menu on the panel. Selecting your tool of choice will either launch the gui of it (if available) or a terminal window will open with the working directory being the directory which actually holds the tool. Also when there is no gui, Backtrack will launch the tool’s help page alongside the terminal window so you can instantly see the specific options to that tool.
Backtrack being now based on Ubuntu uses apt-get to keep itself up to date.It maintains its own repositories on offensive-security.com which are enabled by default. You can also add Ubuntu repositories but they need a little tweaking sometimes to make them run.