Thread: information


r0v0s
06-07-2007, 05:12 PM
I know there is a lot of information about everything available on the internet,
but I would be glad if you could add a section with information about pentesting in the next version.
I heard about "Penetration Tester's Open Source Toolkit" and maybe you could make a new version of this book for BackTrack :D :D
The reason for my question is that you can decide which information is relevant so people can learn as much as possible about pentesting.

pureh@te
06-07-2007, 05:22 PM
Sounds to me like you are asking for a clear-cut set of instructions on how to hack someone or somebody's system. I for one will not provide any more info than this (www.google.com). Also I think it's kind of grandiose of you to ask for a book to be modified just so YOU can understand what is relevant and what is not. The "Open Source Toolkit" book is a huge wealth of information. If you're having trouble understanding that then you are putting the cart before the horse. Start small > grow big :)

r0v0s
06-07-2007, 05:50 PM
No, I did not mean that.
If I want information about how to hack a system I know that Google would satisfy me...
To the "Penetration Tester's Open Source Toolkit":
I'm not always able to understand all of it... that's true, but I think that's not just the context, it could also be the language because I am from Germany.
I just wanted to ask if it could be changed so that it would be a little bit more up to date... you know... things like programs which are not used in BackTrack 2.
So I'm sorry for the misunderstanding... :)

pureh@te
06-07-2007, 05:59 PM
Maybe then you should have inquired about a German translation of some material. That would have sounded much more legit. BackTrack 2 final was just released in March so there is not going to be a ton of spoonfed info on it since it is relatively new. I suggest researching each tool {I feel like I say this a lot} one at a time and using Google to translate the man pages for you. What I don't think some new kids understand is that BackTrack is a compiled distro which includes mostly other people's tools. Granted, there are some tools written by muts and the folks at Remote Exploit, but for the most part they were nice enough to compile everything we needed into one OS. So that means that every tool has a creator, a website and a manual somewhere in internet world. You must understand that pen testing is a borderline illegal subject on the internet when we are all anonymous :cool: so we can only advise and not write a book with special directions on how to bring down a network. :)

r0v0s
06-07-2007, 06:16 PM
Yeah,
maybe there was a misunderstanding again :p
I don't need a translation into German, I just said that it's not always quite easy to understand everything properly.
And I know this thing about BackTrack..
I don't want to have information about all the tools, I wanted to ask for information about this whole subject..
And of course nobody wants instructions on how to bring a system down...
I just want to understand a little bit more about this whole topic.
And obviously this thread is for suggestions for the future, so I think it's clear that nobody wants a new version now..
"so we can only advise and not write a book with special directions on how to bring down a network."
So does that mean you are a real pentester?

pureh@te
06-07-2007, 06:25 PM
It's my hobby. I don't do it for a living and I only legally test against my own network I have set up at home. I would say I'm pretty good at some types of testing and really lame at others. I'm not denying you any help, we are just cautious on this site for various reasons, one of them being I enjoy it and we help each other in ethical ways and I don't want to see it shut down because we gave some 13 year old kid instructions on how to hack his dad's wifi, then he gets on and downloads a porn torrent full of viruses and trojans and it infects dad's wireless VPN server/client with his work and next thing you know every hacker on the eastern seaboard has a new identity and credit card number......... This may sound extreme but we do not want to be responsible nonetheless. Tell us what you need help with specifically and I will try :D

r0v0s
06-07-2007, 06:36 PM
Ok ^^
"It's my hobby."
That's pretty cool..
Let's say I am a little bit older than 13 :p I switched to BackTrack some time ago. First just with the live CD and then I installed BackTrack "1" to my HDD, and after the release of BackTrack 2 I immediately put it on my disk. And I followed this forum sometimes but never registered...
And I noticed that the people here are careful with information...
The whole point was about basic information about pentesting, but the next time I have a question I will ask you :D

pureh@te
06-07-2007, 06:41 PM
I'd say great, sounds like you could be an asset to the clan. :D In my experience the best way to pentest is on your OWN sterile network {I've crashed a few times with Nessus and Metasploit}. Then when you receive an error or something is jacked, ask and post the specific steps and errors so someone can duplicate your steps and help with the error.

r0v0s
06-07-2007, 06:57 PM
You're right, but sometimes I scan the networks of friends... so I can learn more about scanners (i.e. nmap).
So what are you doing in your OWN network? If you can say that without giving small children tips about hacking their father :p
And of course I know that I'm not such an expert like you :D

pureh@te
06-07-2007, 07:11 PM
The tools in the KDE menu are in order for a reason. I'm an advocate of the command line but the menu helps with the order. I'm feeling "pure nice" today so here you go.

Locate target, i.e. another computer on your network.
Break WEP and gain access to the AP.
Open whatever ports on the AP you need. Gain the IP of the target computer.
If you're testing from outside your network, now go to another location and attack YOUR OWN SYSTEM from outside. You have opened specific ports on the router and used port forwarding to the computer of your choice. Now scan for vulnerabilities and OS and services. Next locate an exploit that matches the services that your target box is running. Something very important that novices sometimes don't understand is that you're not breaking into a computer directly, you are exploiting a vulnerability in services that the computer is running to gain a shell or upload a .exe backdoor or whatever. I'm not going to explain the tools because I fear I said too much already, so if I did, mother please delete this and reprimand me with a public verbal lashing and a swift kick in the ass.

Hint of a working exploit:
Internet Explorer createTextRange() Code Execution win32
This module exploits a code execution vulnerability in Microsoft Internet Explorer. Both IE6 and IE7 (Beta 2) are vulnerable. It will corrupt memory in a way, which, under certain circumstances, can lead to an invalid/corrupt table pointer dereference. EIP will point to a very remote, non-existent memory location. This module is the result of merging three different exploit submissions and has only been reliably tested against Windows XP SP2. This vulnerability was independently discovered by multiple parties. The heap spray method used by this exploit was pioneered by Skylined.

r0v0s
06-07-2007, 07:17 PM
Ok ;)
That was informative.
But are we allowed to write such things in this thread?
One more thing :D, are you very good at programming?

pureh@te
06-07-2007, 07:22 PM
I probably went too far. There are many types of programming so you must choose one to learn: Ruby, Perl, bash scripting, Python, JavaScript, C++ and so on. You still have not alluded to what you are trying to do, so I fear I've said too much.

r0v0s
06-07-2007, 07:29 PM
So we should stop posting ;)
I'm learning C++ at the moment.
I just want to understand the way computers are working / communicating so that I can make my network secure and so that I'm able to hack my friends :D and of course so that I can hack the government and Microsoft :D ;)
Noo, I'm just interested in this subject.

pureh@te
06-07-2007, 07:31 PM
Last help here (http://tldp.org/LDP/Bash-Beginners-Guide/Bash-Beginners-Guide.pdf)

shamanvirtuel
06-07-2007, 08:56 PM
"But are we allowed to write such things in this thread?
One more thing :D, are you very good at programming?"

NO.......HERE WE DON'T SUPPORT ANY ILLEGAL ACTIVITIES.............:mad:
PLEASE BE CAREFUL WITH YOUR WORDS NEXT TIME...........:rolleyes:

If you need hints on programming maybe I can help you with my little knowledge...........

pureh@te
06-07-2007, 09:36 PM
I never once said or helped him do anything illegal.

shamanvirtuel
06-07-2007, 09:53 PM
"You're right, but sometimes I scan the networks of friends."....

Not you purehate.....but .... network of friends.....only friends ????....you see what I mean ????

Sorry, I'm a little nervous tonight because one of my cards went out of order...no way....

My apologies.

pureh@te
06-07-2007, 09:58 PM
It's all good bro. I wasn't sure if I was out of line, so if I was, someone tell me. It's so hard to be nice and legit. I missed the line about "scan the networks of friends". Just to let anyone reading this know, in some states in the US and in some countries I'm sure it is against the law just to be scanning. I'm not sure why or if this is even enforced but you have been warned ;) If this is you we will not help (http://en.wikipedia.org/wiki/Script_kiddie)

r0v0s
06-07-2007, 10:17 PM
Sorry,
I'm very sorry that I caused that trouble.

"But are we allowed to write such things in this thread?
One more thing, are you very good at programming?"

"NO.......HERE WE DON'T SUPPORT ANY ILLEGAL ACTIVITIES.............
PLEASE BE CAREFUL WITH YOUR WORDS NEXT TIME..........."
What do you mean by this?
I just asked if we were off topic for "Feature requests" and then asked about his programming skills...
"I never once said or helped him do anything illegal."
That's absolutely true and I never asked about that.
"You're right, but sometimes I scan the networks of friends."....

"Not you purehate.....but .... network of friends.....only friends ????....you see what I mean ????"
????? Yes, the network of friends, because they give me their IP.
"some states in the US and in some countries I'm sure it is against the law just to be scanning"
I think in Germany it's legal to scan..
And I hope that I am not a script kiddie...
I just wanted to ask for information about pentesting in the new BackTrack version.

pureh@te
06-07-2007, 10:27 PM
OK, rules established. Hopefully no harm done. Let's just all be friends and hold hands across the world :)

r0v0s
06-07-2007, 10:53 PM
That would be great... :)
Finally, I just want to learn something from you all.

-~operator~-
06-11-2007, 01:51 PM
Welcome to the forum! ;)

I will stick to English, so anyone here can understand... so you wanna be a l33t h4x0r? :D I think Johnny Long (the author of "Google Hacking") can say it better than me:

http://johnny.ihackstuff.com/faqs/frequently-asked-questions/how-can-i-become-a-professional-hacker.html

So, become an expert in window$, Linux (which you already have installed - good) and get to know some programming languages. C++ is a good point to start, I think. You are still young, 14. Right? So you have plenty of free time, right? Use it, and use it well. When you get older you will have other things to worry about.

To get some basics, Wikipedia is also an excellent point to start. Learn how computers are put together, how they work, how they communicate. This is essential.

For testing purposes, you can also set up your own small "Hack Lab", try using VMWare on another computer on your network and set up another operating system as target for your attacks.

The reason the KDE menu is ordered is because it is used for penetration testing. These are the normal steps used for legal testing, where you have written permission from the owner to attack their network. You try to "pwn" their servers, and write documentation about all the vulnerabilities and how you managed to get into their servers. So you can hack stuff, and best of all, you get paid for doing this.
If you would like to have a closer look, see the BSI manual for doing penetration tests (German link):

http://www.bsi.de/literat/studien/pentest/penetrationstest.pdf

or the English OSSTMM manual already included in BackTrack: Documents-->OSSTMM-->OSSTMM 2.2

or use the all-time favourite: Google.
Have fun. If you still have questions, feel free to PM me.