Wednesday, January 13, 2010

BackTrack 4 Final First Impressions

I just finished installing BackTrack 4 Final and I thought I would list some of my initial impressions of it here.

I performed a fresh install of BackTrack 4 Final, over the top of my old BackTrack 4 PreFinal install.  Apparently an upgrade is possible (according to this) but it sounds like it might cause some small niggles so I decided to go with the fresh install option.

There are a few things that immediately stand out as being different from BT4 PreFinal.

The most obvious change is the new desktop background, featuring the familiar dragon with some new features added.

BT4 Final still uses the Ubiquity installer, launched via an icon on the desktop; however, this time during the very simple installation (only 7 steps) we actually get the option to resize the existing partitions when we install, instead of having to delete all existing data.  This will be handy for dual boot installations.

The BT4 Final installer also no longer installs a limited privilege user to be used after the system is installed, and instead uses the root account with the familiar 'toor' password. 

I guess this will help prevent some of the confusion felt by new users when they try and run programs that require root privileges, however I personally prefer NOT to run everything as root, so I created myself a new unprivileged user to use for logging in.

adduser lupin

And since /etc/sudoers comes preconfigured to allow members of the admin group to run any program via sudo, I enabled sudo access for my new user by adding them to the admin group.

usermod --append --groups admin lupin
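
An added example, not part of the original post: a shell function that audits which accounts end up with full sudo rights through a %group rule like the admin one described above, including users who only have the group as their primary group. The function name, its three file arguments and the sample data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: list accounts that receive full sudo rights through a
# %group rule such as "%admin ALL=(ALL) ALL".
# Usage: sudo_group_members SUDOERS_FILE GROUP_FILE PASSWD_FILE
sudo_group_members() {
    # Groups whose rule ends in the command spec ALL (any program).
    awk '$1 ~ /^%/ && $NF ~ /(^|[)=:])ALL$/ { print substr($1, 2) }' "$1" |
    sort -u |
    while read -r grp; do
        awk -F: -v g="$grp" '
            # First file (group): remember the GID, print listed members.
            FNR == NR {
                if ($1 == g) {
                    gid = $3
                    n = split($4, m, ",")
                    for (i = 1; i <= n; i++) if (m[i] != "") print g ":" m[i]
                }
                next
            }
            # Second file (passwd): users whose primary group is g.
            gid != "" && $4 == gid { print g ":" $1 }
        ' "$2" "$3"
    done | sort -u
}

# Constructed sample data; not taken from a real BackTrack install.
demo() {
    d=$(mktemp -d)
    cat > "$d/sudoers" <<'EOF'
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
%backup ALL=(root) /usr/bin/rsync
EOF
    cat > "$d/group" <<'EOF'
root:x:0:
admin:x:121:lupin
backup:x:34:carol
EOF
    cat > "$d/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
lupin:x:1000:1000::/home/lupin:/bin/bash
dave:x:1001:121::/home/dave:/bin/bash
EOF
    sudo_group_members "$d/sudoers" "$d/group" "$d/passwd"
    rm -rf "$d"
}

demo
```

On a live system the same function can be pointed at /etc/sudoers, /etc/group and /etc/passwd when run as root.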

Where it previously had a local copy of the milw0rm exploit database, BackTrack now has a local copy of the exploit-db, which was created a little while back to fill the void when milw0rm stopped receiving new exploits.  There is also a script to update the exploits stored locally.

A number of things also appear to be the same as in BackTrack 4 PreFinal. 

The general KDE menu structure and layout of the /pentest directory seems the same as in BT4 PreFinal.  There are apparently new and custom tools added to this edition, but I haven't been able to immediately identify them. That's hardly surprising though when you consider the sheer number of tools that BackTrack has included.

There also still doesn't appear to be any method to automatically update the system when security related patches are released.  If you are running BT4 Final as an installed system you will need to make use of the following commands (run as root) to keep your system up to date.  These will update your system from the Offensive Security repositories.  You might want to delay trying to access the repositories at the moment however, as they seem to be under quite a load, what with the recent release of the new BackTrack version.

apt-get update
apt-get upgrade

Like in every other BackTrack edition before it, in BackTrack 4 Final networking is not started by default.  The reasoning behind this is to avoid sending DHCP messages onto client networks during a pentest.  On the system I have BackTrack 4 Final installed on, I do like to start networking automatically, and you can do this too via the following commands run as root.

Start networking automatically:

update-rc.d networking defaults

Start wicd service automatically (this provides GUI based wireless network configuration, and will auto connect to any wireless network you have configured for connection in the wicd GUI):

update-rc.d wicd defaults

The BackTrack GUI desktop is also not started by default.  Personally, although I use the command line a lot, I always boot the GUI so I can easily switch between multiple command line windows and browse the web, so I automatically start the GUI using kdm.  Run the following as root to do this (make sure you have Internet connectivity first):

apt-get install kdm

Within Firefox, we also have many of the same addons as were installed in BT4 PreFinal, including NoScript (which is THE must have addon for Firefox - I never browse without it), as well as Tamper Data, HackBar, GreaseMonkey, Firebug and FoxyProxy Standard.  Apart from NoScript, the majority of these start off disabled, so you need to enable them in your AddOns window to make use of them.

We also see that the Desktop path is set to the user's home directory as it was in BT4 PreFinal.  I personally find this annoying, because every file that gets created in your home folder then ends up on the desktop, leading (in my case at least) to very rapid clutter.  I create a Desktop folder under my home directory and set the Desktop location to this new folder using the K->System->Settings->System Administration->Paths menu option.

BackTrack 4 also uses the basic version of vi that seems to come preinstalled on all Linux distributions, which I always replace with vim (vi improved).

apt-get install vim

I will be playing with BackTrack 4 Final a bit more over the next few days to see what else has changed and what other customisations I may need to make.  Already, I think that there might be a few missing menu options for my new unprivileged user that I might have to move over from the root user's .kde3 folder and reconfigure to run as sudo.  I am also having an issue with my mouse pointer deforming under certain circumstances that I will have to look into.

All in all however, it seems like the BackTrack Team has done a good job on this release and I congratulate them on their success.