Articles

Recovering deleted items is a common practice in computer forensics and data recovery services. Whether the data being recovered was accidentally or purposely deleted it still remains on the drive until it is overwritten. This is due to the simple fact that when a file is deleted only the references to the files location on the disk are erased from the Master File Table (MFT) or similar depending on what format you use. What this does is tell the OS that there is now free space that can be used on the hard drive, but the actual data still remains on the disk.

The process of installing Backtrack 3 Beta to a virtual machine is very similar to installing it to a real hard drive without the complexities of configuring a dual boot (LILO) MBR! I have found running Backtrack as a VMware appliance more useful than dual booting in most testing situations because you can just bounce back and forth between host and guest operating systems.

Open VMware Workstation and choose “new virtual machine”, the wizard will launch.

This is the second segment of a four part tutorial covering the most common situations in which ARP spoofing is utilized and the mechanics involved. In this segment I will cover a couple of man in the middle (MITM) attacks possible while ARP spoofing using the GUI version of Ettercap (available in Backtrack) . Please maintain your ethics and don’t misuse this information as it is for educational purposes, I am not responsible for any illegal activities!

How this tutorial is divided:

This is a four part tutorial covering the most common situations in which ARP spoofing is utilized and the mechanics involved. In this segment I will cover basic Ethernet sniffing utilizing tools available in Backtrack to capture plain text packets and read their content with Ettercap's GUI. Please maintain your ethics and dont misuse this information, I am not responsible for any illegal activities!

How this tutorial is divided:

Crack WPA using Cowpatty, aireplay, and airodump...

First, we need to get some information about the network. In this attack, we need a connected client.
Run the command