Backtrack 5 contains different tools for exploitation, as discussed before about metasploit and armitage for this article i will discuss about fast track, however I have received different request to write more tutorial forarmitage, i will write for armitage too later. Fast Track is a compilation of custom developed tools that allowpenetration testers the ease of advanced penetration techniques in a relatively easy manner.
Some of these tools utilize the Metasploit framework in order to successfully create payloads, exploit systems, or interface within compromised systems.
If you are beginner and dont have any idea about vulnerability, payload and shell code than first read the article " Introduction to metasploit".
For this tutorial i will use backtrack 5, however you can use some other version(s).
How To Use Fast-Track For Payload Generation
There are three interface available for fast track on backtrack 5, i will show you how to generate payload by using fast track, you can use fast track web interface too for different purposes like auto-pwn. Follow the procedure.
· Click on Applications-->Backtrack-->Exploitation tools-->Network exploitation tools-->Fast-Track-->fasttrack-interactive
· You will get the first window that is menu windows, enter number 8 that is payload generator number.
· On the next window will ask you about payload enter number 2 that is "Reverse_TCP Meterpreter".
· Now we need to encode our payload so that it can easily bypass antivirus software's and IDS. I enter number 2 you can enter of your choice.
· On the next we have to enter IP address of the victim than port number, I have scanned my local network using nmap. Then select the type of payload either EXE or shell code.
· Now a file name payload.exe has been created, you can get the file by going on filesystem-->pentest>exploit-->fasttrack-->payload.exe.
· Use some social engineering technique to run this payload on the victim box than on the fast-track window start listing your payload to get the hack done. When everything is fine you will get the command window of the victim.