SoftTrick

Cracking iOS Passwords I’d venture to guess that many phone and tablet passwords ( really, they’re just 4-digit PINs) can be guessed outright. A mobile device gets lost or stolen and all the person recovering it has to do is try some basic number combinations such as 1234, 1212, or 0000. Soon, voilà! — the system is unlocked. Many phones and tablets running iOS, Android, and Blackberry OS are configured to wipe the device if the incorrect password is entered X number of times (often 10 failed attempts). A reasonable security control indeed. But what else can be done? Some commercial tools can be used to crack simple passwords/PINs and recover information from lost or stolen devices or devices undergoing a forensics investigation.

Tracing the Location You would need to know the IP address of the webserver in order to trace the exact location. There are several methods to figure it out. We will use the simplest one, that is, the ping command. Ping command sends icmp echo requests to check if the website is up. It’s used for network troubleshooting purposes.

Installing BackTrack on Your Hard Drive If you run BackTrack from VMware or virtual box, any changes you made would be removed after rebooting; to solve this issue, we need to install BackTrack on the hard drive.

What Is BackTrack? So now that you are familiar with Linux, let me introduce you to BackTrack. BackTrack is a Linux penetration testing distro developed by Offensive Security especially for ethical hackers and penetration testers. It contains all the popular tools and software used for pen testing a variety of services, networks, and devices. BackTrack 5 is the latest version of the Linux penetration testing distro at the time of writing this chapter. It comes in two flavors: Gnome and KDE. Gnome is an Ubuntu-based Linux operating system that has officially been introduced only in the latest version of BackTrack. Here is a screenshot of BackTrack 5.

File Permission in Linux Although there are already a lot of good security features built into Linux-based systems, based upon the need for proper permissions, I will go over the ways to assign permissions and show you some examples where modification may be necessary. Wrong file permission may open a door for attackers in your system. Group Permission Owner —The Owner permissions apply only the owner of the file or directory; they will not impact the actions of other users. Group —The Group permissions apply only to the group that has been assigned to the file or directory; they will not affect the actions of other users. All User/Other —The All Users permissions apply to all other users on the system; this is the permission group that you want to watch the most. Each file or directory has three basic permission types: Read —The Read permission refers to a user’s capability to read the contents of the file. Write —The Write permissions refer to a user’s capability

Linux Basics In order to become a good ethical hacker or penetration tester, you need to be conversant with Linux, which is by far one of the most powerful operating systems. Linux is really good for ethical hacking and penetration testing because it is compatible with a wide variety of related tools and software, whereas other operating systems such as Mac and Windows support fewer of these software and tools. In this chapter, I will teach you some of the very basics of operating a Linux OS. If you are already familiar with Linux basics, you can skip this chapter. One of the most common questions asked in many forums is “Which Linux distro should I use?” As there are tons of Linux distros such as Ubuntu, Fedora, Knoppix, and BackTrack you can use any Linux distro you want as all work in a similar manner. However, I suggest you use BackTrack if you really wish to dig deeper into this subject because it is all encompassing from a penetration tester’s perspective. Major