ComputerSecurityStudent (CSS) [Login] [Join Now]




|UNIX >> BackTrack >> BackTrack 5 R1 >> Current Page |Views: 15654

(BackTrack 5 R1: Lesson 11)

{ How to Enable Tamper Data }


Section 0. Background Information
  • What is tamper data?
    • Tamper Data is a Firefox Extension which gives you the power to view, record and modify outgoing HTTP/HTTPS requests (headers and post parameters)

  • Pre-Requisite Lab
    1. BackTrack: Lesson 1: Installing BackTrack 5 R1
      • Note: This is not absolutely necessary, but if you are a computer security student or professional, you should have a BackTrack VM.

  • Lab Notes
    • In this lab we will do the following:
      1. We will enable Tamper Data in Firefox on BackTrack 5R1.
  • Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2013 No content replication of any kind is allowed without express written permission.

     

Section 1: Configure BackTrack Virtual Machine Settings
  1. Edit the BackTrack5R1 VM
    • Instructions:
      1. Select BackTrack5R1 VM
      2. Click Edit virtual machine settings

     

  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Network Adapter
      2. Click on the Bridged Radio button
      3. Click on the OK Button

 

Section 2: Play and Login to BackTrack
  1. Play the BackTrack5R1 VM
    • Instructions:
      1. Click on the BackTrack5R1 VM
      2. Click on Play virtual machine

     

  2. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.

     

  3. Bring up the GNOME
    • Instructions:
      1. Type startx

 

Section 3: Open Console Terminal and Retrieve IP Address
  1. On BackTrack, Start up a terminal window
    • Instructions:
      1. Click on the Terminal Window

     

  2. Obtain the IP Address
    • Instructions:
      1. ifconfig -a
    • Note(FYI):
      • My IP address 192.168.1.109.
      • In your case, it will probably be different.
      • This is the machine that will be use to attack the victim machine (Metasploitable).

     

Section 4: Enable Tamper Data
  1. Start Firefox
    • Instructions:
      1. Click on Firefox

     

  2. Select Add-ons
    • Instructions:
      1. Tools --> Add-ons

     

  3. Enable Tamper Data
    • Instructions:
      1. Click on Extensions
      2. Click on Tamper Data Enable Button

     

  4. Restart Firefox
    • Instructions:
      1. Click Restart Now (See Picture)

 

Section 15: Proof of Lab
  1. Proof of Lab, (On a BackTrack Terminal)
    • Instructions:
      1. find /root/.mozilla/firefox/* -print | xargs grep -i tamperdata 2>/dev/null | wc -l
        • find /root/.mozilla/firefox/*, Search the (/root/.mozilla/firefox/) path
        • xargs grep -i tamperdata, Search for the string (tamperdata) and ignore case (grep -i).
        • 2>/dev/null, Send standard error into a black hole .
        • wc -l, Count the number of results. Where (-l) is a lowercase L.
      2. date
      3. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
    • Proof of Lab Instructions:
      1. Do a PrtScn
      2. Paste into a word document
      3. Upload to Moodle


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth