
Friday, November 9, 2012

How To Fix BeEF Framework on Backtrack 5 R3


If you use Backtrack 5 R3, you may run into trouble when you try to run the BeEF Framework. It won't work by default because it needs some preparation: the Ruby gems must be properly installed before you can install and run the framework.

To install the required Ruby gems, run these commands on the command line.
First, go to the beef directory:
- cd /pentest/web/beef
- gem install --user-install bundler
- bundle install

When it has finished, open the BeEF installer located in the menu Backtrack -> Exploitation Tools -> Social Engineering Tools -> Beef XSS Framework -> Beef Installer.
Then wait for the process to complete.
Once the process has finished, open BeEF again and it should run normally.

Source: http://redmine.backtrack-linux.org:8080/issues/796
Note: Sorry if my English is not good ^^

Thursday, November 1, 2012

BC ( Basic Calculator)

BC is an arbitrary precision calculator language with syntax similar to the C programming language. bc is typically used as either a mathematical scripting language or as an interactive mathematical shell. A typical interactive usage is typing the command bc on a Unix command prompt and entering a mathematical expression, such as (1 + 3) * 2, whereupon 8 will be output. While bc can work with arbitrary precision, it actually defaults to zero digits after the decimal point, so the expression 2/3 yields 0. This can surprise new bc users who are unaware of it. The "-l" option to bc sets the default scale (digits after the decimal point) to 20, and adds several additional mathematical functions to the language.

Monday, March 26, 2012

Computer Forensics (Practical)

In this article, I will try to do some file recovery.
OK, I have one file to practice this forensics on.

Next, I try to clone that file by using the command dd if=practical.floppy.dd of=/dev/fd0


I try to clone the practical.floppy.dd to the /dev directory, and the output filename is tesforensic. If successful, let's see the output file in the dev directory.

Well, it succeeded. Next I make a directory penyidik inside the root directory and a directory analisa inside the /mnt directory.


Next, I try to determine the structure of the sda disk.

From the picture above, I can see the information about the sda disk.
Next I try to redirect the information above to a file. I put that file in the penyidik directory and give it the name fdisk.disk1.

Sunday, March 18, 2012

Slack Space

Slack space is the part of a hard drive that is not fully used by the currently allocated file and which may contain data from a previously deleted file. Put simply, slack space is the wasted space on a hard drive.



From the picture above, saving a 768 byte file (named User_File.txt) requires only sector 1 and 1/2 of sector 2 in the cluster.  Depending on the operating system, the remaining 256 bytes in sector 2 might be filled with 1′s or 0′s or might simply remain intact.  Both sectors 3 and 4 would not be overwritten and are thus considered slack space.
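An added example (not from the original post) that simulates the cluster described above: a 768-byte file is written over a cluster that previously held another file, and the untouched sectors are read back. The zero fill for the rest of sector 2 and the old cluster content are assumptions made for the illustration.

```python
SECTOR = 512           # bytes per sector, as in the 768-byte example
CLUSTER_SECTORS = 4    # sectors per cluster, as in the example

def slack_layout(file_size, sector=SECTOR, sectors=CLUSTER_SECTORS):
    """Return (padding_bytes, untouched_bytes) for the file's last cluster.

    Assumes file_size > 0.
    """
    cluster = sector * sectors
    used = file_size % cluster or cluster    # bytes used in the last cluster
    padding = -used % sector                 # rest of the last written sector
    untouched = cluster - used - padding     # whole sectors never rewritten
    return padding, untouched

def write_file(cluster, data, fill=b"\x00"):
    """Overwrite a cluster: file data, then padding to the sector boundary.

    Assumes data fits in one cluster; sectors after the padding keep
    whatever they held before.
    """
    padding, _ = slack_layout(len(data))
    written = data + fill * padding
    return written + cluster[len(written):]

def read_slack(cluster, file_size):
    """Return the bytes in the sectors the new write never touched."""
    _, untouched = slack_layout(file_size)
    return cluster[len(cluster) - untouched:]

# Constructed sample: a cluster that used to hold a deleted file.
OLD = (b"secret-report " * 147)[:SECTOR * CLUSTER_SECTORS]
NEW = b"A" * 768                      # stands in for User_File.txt
CLUSTER = write_file(OLD, NEW)

if __name__ == "__main__":
    padding, untouched = slack_layout(len(NEW))
    print("padding in sector 2:", padding)          # bytes after the file
    print("untouched bytes (sectors 3-4):", untouched)
    print("recovered from slack:", read_slack(CLUSTER, len(NEW))[:28])
```

The recovered bytes come from the earlier file, which is why slack space is examined during forensic analysis.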

Structure File HTML

An HTML file is structured around four tags: the doctype tag, the html tag, the head tag, and the body tag. The file usually starts with <html> and ends with </html>. The description, keywords and title tags are placed between <head> and </head>. The remaining HTML tags are placed between <body> and </body>.

The basic structure of an HTML file looks like this:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
      <head>
            <title>Structure of HTML</title>
            <meta name="description" content="Basic Tutorial  tag HTML">
            <meta name="keywords" content="code html, tag html, sintax html">
      </head>
      <body>
            ... tag html (html codes)
            ...
     </body>
</html>

1. Doctype
 The Doctype tag declares the version of HTML used in the document. It is located at the very top of the file.
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

2. HTML
This tag is used to open and close the HTML document.
 <html> ......... </html> 

3. Head
This tag is used to write the descriptive information of the HTML document. The contents between these tags will not be visible on the page.
<head>..........</head>  

The tags located inside the head tags are:
  • Title: this tag is used to write the page title. The title is shown by the browser when you open the web page, not in the web page itself.
<title>Pariwisata di Lombok </title> 
  • Meta Command for Description: its function is to give a description of your web page.
<meta name="description" content="Basic tutorial of HTML">
  • Meta Command for Keywords: its function is to provide the keywords for the HTML page. These are the keywords that visitors usually type into a search engine to find web pages.
<meta name="keywords" content="html code, tag html, sintax html">

4. Body
  This tag is used to write the tags that make up the content of the blog.
<body>
    ... tag html (html codes)
    ...
    ...
</body>

Unallocated Space

Unallocated space is logical space on a hard drive that the operating system can write to. In other words, it is the opposite of “allocated” space, which is where the operating system has already written files.

If the operating system writes a file to a certain space on the hard drive, that part of the drive is now “allocated”: the file is using the space, and no other files can be written to that section. If that file is deleted, that part of the hard drive is no longer required to be “allocated” and it becomes unallocated. This means that new files can now be written to that location.

Magic Number

A magic number is a constant numerical or text value used to identify a file format or protocol. Detecting constants in files is a simple way of distinguishing between file formats. Basically every file has a header and a footer in order to be correctly recognized; for example, a pdf file starts with “%PDF” and ends with “%EOF”, while a jpeg image file begins with “0xFFD8” and ends with “0xFFD9”. These constants are called magic numbers.
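An added example (not from the original post) of how magic numbers are used in file recovery: it scans a raw byte image for the JPEG and PDF header and footer values and reports where each file sits. The image, the sample files and the function names are constructed for the illustration; in real PDF files the end marker is written as "%%EOF", which is what the code searches for.

```python
# Header/footer magic numbers from the text.
# The PDF end marker appears in real files as "%%EOF".
SIGNATURES = {
    "jpeg": (b"\xff\xd8", b"\xff\xd9"),
    "pdf": (b"%PDF", b"%%EOF"),
}

def identify(data):
    """Return the format whose header magic number starts `data`, else None."""
    for name, (header, _) in SIGNATURES.items():
        if data.startswith(header):
            return name
    return None

def carve(image):
    """Return (format, start, end) for every header/footer pair in `image`."""
    found = []
    for name, (header, footer) in SIGNATURES.items():
        pos = 0
        while True:
            start = image.find(header, pos)
            if start == -1:
                break
            end = image.find(footer, start + len(header))
            if end == -1:
                break  # header without footer: truncated file or false hit
            end += len(footer)
            found.append((name, start, end))
            pos = end
    return sorted(found, key=lambda hit: hit[1])

# Constructed sample: filler bytes with two "deleted" files left between them.
FAKE_JPEG = b"\xff\xd8\xff\xe0" + b"JFIF-pixel-data" + b"\xff\xd9"
FAKE_PDF = b"%PDF-1.4\n1 0 obj\nendobj\n%%EOF"
IMAGE = b"\x00" * 100 + FAKE_JPEG + b"\xaa" * 50 + FAKE_PDF + b"\x00" * 30

if __name__ == "__main__":
    for name, start, end in carve(IMAGE):
        print(f"{name}: bytes {start}-{end} ({end - start} bytes)")
```

The two-byte JPEG values also occur by chance inside unrelated data, so carved ranges should be opened and checked before they are treated as recovered files.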