Finally the time has come. The BackBox Team proudly announces the major release of BackBox v5. It took long due to several development processes, but we worked hard and got through it.
In this major release we made some structural changes, we removed outdated tools and added new ones.
What’s new
New logo and identity
Updated Linux Kernel 4.8
Updated all hacking tools
System requirements
32-bit or 64-bit processor
1024 MB of system memory (RAM)
10 GB of disk space for installation
Graphics card capable of 800×600 resolution
DVD-ROM drive or USB port (3 GB)
The ISO images for both 32bit & 64bit can be downloaded from the official web site download section:
Becoming a member of our association will make you part of a group of people who share the same interests and whose goal is to promote and encourage the availability of cutting edge open-source security-oriented technologies. The small subscription fee enables us to keep on improving our Project and to plan official BackBox events.
Benefits of registered/paid membership:
Direct interaction with the BackBox core team to get support
Test and participate on the new BackBox beta release and new tools
Discount and vouchers for events and training courses
Access to the list of available job offers
And much more…
The price for the membership is €10.00 per Year and, if you join now, your membership will be valid up to december 2018.
Join the BackBox Community and be involved in our ambitious project!
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2017-06-05 11:40:152018-10-02 21:04:24BackBox Membership, now open
We noticed that CVE registration requires that the vendor should be notified of the issue raised. Yet, no one, neither the author of the exploit (FarazPajohan https://www.exploit-db.com/author/?a=8879) nor the person who claims to have exploited the system (Hosein Askari), did attempt to get in touch with us in relation to this discovery.
Having found his personal email, we approached Hosein Askari, the person who claimed to have exploited the system, asking him to prove what he stated in the CVE. So far, we haven’t heard back from him.
Said that, our team has worked to test the exploit in order to confirm whether the statement published at the following link were true or false:
Having clear in mind that our first and only interest is to test the CVE, we set up our target virtual machine running BackBox Linux v4.6 (the “vulnerable” version, according to the CVE), ready to perform all kind of tests to be sure that we leave no blank spaces.
On the attacker’s side, we downloaded the exploit from https://www.exploit-db.com/exploits/41781/ and compiled it with gcc. Once we got the binary, we executed the exploit against the target VM.
In the meanwhile, we monitored the health status of the target. The target VM didn’t feel the CPU consumption claimed in the CVE, rather it was in quite a healthy state.
We have performed several additional tests, both on BackBox 4.6 and the latest stable release 4.7. The result was absolutely negative: the system did not suffer any impairment, no crash occured and no anomalies in the CPU consumption/usage were detected.
Given our results, we have opened a dispute with Mitre (which you can find in the CVE page now) to declare the author’s statement to be untrue, with no foundations and no proof of concept. Moreover, the author even recycled an old exploit, which can be found here: https://www.exploit-db.com/exploits/41350/
Reading his description of the CVE, he refers to RFC1812 section 5.3.7. However, taking a look at RFC1812 section 5.3.7, it is specifically about routers. Below a snippet from the Introduction of https://tools.ietf.org/html/rfc1812 :
[...]
This memo defines and discusses requirements for devices that perform
the network layer forwarding function of the Internet protocol suite.
The Internet community usually refers to such devices as IP routers or
simply routers;
[...]
In conclusion, we state that the CVE-2017-7397 is completely false and based on imaginary assumptions, without any proof of concept. We have asked MITRE to revoke this CVE, marking it as false record.
We would like to invite anyone, including the author, to prove us otherwise. Also, we remind everyone that we are a Free Open Source Software Community and as such we will be delighted if someone will report us bugs and/or vulnerabilities on our system. In the end, this is what a community is made for.
Happy Hacking!
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2017-04-07 13:01:552018-10-02 21:06:18False CVE on BackBox 4.6 unmasked
The BackBox Team is pleased to announce the updated release of BackBox Linux, the version 4.7.
We thought to release a new minor version to give our users the opportunity to have a stable and up-to-date sytem till the next official major release, i.e. BackBox 5, stilll under development.
In this release we have fixed some minor bugs, updated the kernel stack, base system and tools.
The ISO images for 32bit & 64bit can be downloaded from the official web site download section:
BackBox Linux 5.2 released!
/in ReleasesThe BackBox Team is pleased to announce the updated release of BackBox Linux, the version 5.2.
In this release we have fixed some minor bugs, updated the kernel stack, base system and hacking tools.
What’s new
System requirements
The ISO images for both 32bit & 64bit can be downloaded from the official web site download section:
https://www.backbox.org/download
BackBox Linux 5.1 released!
/in ReleasesThe BackBox Team is pleased to announce the updated release of BackBox Linux, the version 5.1.
In this release we have fixed some minor bugs, updated the kernel stack, base system and tools.
What’s new
System requirements
The ISO images for both 32bit & 64bit can be downloaded from the official web site download section:
https://www.backbox.org/download
BackBox Linux 5 released!
/in ReleasesFinally the time has come. The BackBox Team proudly announces the major release of BackBox v5. It took long due to several development processes, but we worked hard and got through it.
In this major release we made some structural changes, we removed outdated tools and added new ones.
What’s new
System requirements
The ISO images for both 32bit & 64bit can be downloaded from the official web site download section:
https://www.backbox.org/download
BackBox Membership, now open
/in NewsOnline subscriptions to our association are officially open. Click here to join us.
Becoming a member of our association will make you part of a group of people who share the same interests and whose goal is to promote and encourage the availability of cutting edge open-source security-oriented technologies. The small subscription fee enables us to keep on improving our Project and to plan official BackBox events.
Benefits of registered/paid membership:
The price for the membership is €10.00 per Year and, if you join now, your membership will be valid up to december 2018.
Join the BackBox Community and be involved in our ambitious project!
False CVE on BackBox 4.6 unmasked
/in NewsA member of BackBox community brought to our attention the existence of CVE-2017-7397 asking if it were an actual vulnerability.
Short answer: No, it’s not.
Long answer: Here follows our analysis.
We started by taking a look at CVE requirements for new CVE submissions (http://cve.mitre.org/cve/request_id.html).
We noticed that CVE registration requires that the vendor should be notified of the issue raised. Yet, no one, neither the author of the exploit (FarazPajohan https://www.exploit-db.com/author/?a=8879) nor the person who claims to have exploited the system (Hosein Askari), did attempt to get in touch with us in relation to this discovery.
Having found his personal email, we approached Hosein Askari, the person who claimed to have exploited the system, asking him to prove what he stated in the CVE. So far, we haven’t heard back from him.
Said that, our team has worked to test the exploit in order to confirm whether the statement published at the following link were true or false:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7397
Having clear in mind that our first and only interest is to test the CVE, we set up our target virtual machine running BackBox Linux v4.6 (the “vulnerable” version, according to the CVE), ready to perform all kind of tests to be sure that we leave no blank spaces.
On the attacker’s side, we downloaded the exploit from https://www.exploit-db.com/exploits/41781/ and compiled it with gcc. Once we got the binary, we executed the exploit against the target VM.
In the meanwhile, we monitored the health status of the target. The target VM didn’t feel the CPU consumption claimed in the CVE, rather it was in quite a healthy state.
We have performed several additional tests, both on BackBox 4.6 and the latest stable release 4.7. The result was absolutely negative: the system did not suffer any impairment, no crash occured and no anomalies in the CPU consumption/usage were detected.
Given our results, we have opened a dispute with Mitre (which you can find in the CVE page now) to declare the author’s statement to be untrue, with no foundations and no proof of concept. Moreover, the author even recycled an old exploit, which can be found here: https://www.exploit-db.com/exploits/41350/
Reading his description of the CVE, he refers to RFC1812 section 5.3.7. However, taking a look at RFC1812 section 5.3.7, it is specifically about routers. Below a snippet from the Introduction of https://tools.ietf.org/html/rfc1812 :
[...]This memo defines and discusses requirements for devices that perform
the network layer forwarding function of the Internet protocol suite.
The Internet community usually refers to such devices as IP routers or
simply routers;
[...]
In conclusion, we state that the CVE-2017-7397 is completely false and based on imaginary assumptions, without any proof of concept. We have asked MITRE to revoke this CVE, marking it as false record.
We would like to invite anyone, including the author, to prove us otherwise. Also, we remind everyone that we are a Free Open Source Software Community and as such we will be delighted if someone will report us bugs and/or vulnerabilities on our system. In the end, this is what a community is made for.
Happy Hacking!
BackBox Linux 4.7 released!
/in ReleasesThe BackBox Team is pleased to announce the updated release of BackBox Linux, the version 4.7.
We thought to release a new minor version to give our users the opportunity to have a stable and up-to-date sytem till the next official major release, i.e. BackBox 5, stilll under development.
In this release we have fixed some minor bugs, updated the kernel stack, base system and tools.
The ISO images for 32bit & 64bit can be downloaded from the official web site download section:
https://www.backbox.org/download
What’s new
System requirements
Upgrade instructions
To upgrade from a previous version (BackBox 4.x) follow these instructions:
sudo apt-get updatesudo apt-get dist-upgrade
sudo apt-get install -f
sudo apt-get install --install-recommends linux-generic-lts-xenial xserver-xorg-core-lts-xenial xserver-xorg-lts-xenial xserver-xorg-video-all-lts-xenial xserver-xorg-input-all-lts-xenial libwayland-egl1-mesa-lts-xenial
sudo apt-get install ruby ruby-dev ruby2.1 ruby2.1-dev ruby2.2-dev ruby2.2 --reinstall
sudo apt-get purge ri1.9.1 ruby1.9.1 bundler libruby2.0 ruby2.0 ruby2.0-dev libruby1.9.1 ruby-full
sudo gem cleanup
sudo rm -rf /var/lib/gems/1.*
sudo rm -rf /var/lib/gems/2.0.*
sudo apt-get install backbox-default-settings backbox-desktop backbox-menu backbox-tools --reinstall
sudo apt-get install beef-project metasploit-framework whatweb wpscan setoolkit --reinstall
sudo apt-get autoremove --purge
sudo apt-get install openvas sqlite3
sudo openvas-launch sync
sudo openvas-launch start
sudo update-rc.d apache2 disable
sudo update-rc.d polipo disable
sudo update-rc.d openvas-gsa disable
sudo update-rc.d openvas-manager disable
sudo update-rc.d openvas-scanner disable
sudo apt-get autoremove --purge