Photo by Benjamin Sow on Unsplash

Photo by Benjamin Sow on Unsplash

Guarding against social engineering attacks


Article from ADMIN 52/2019
BackBox Linux includes the Social-Engineer Toolkit, which prepares you to keep social engineering attacks at bay, and now you can run it from an Amazon Web Services machine image.

A piece of news piqued my interest the other day. The security suite BackBox Linux had become available on Amazon Web Services (AWS) as a Amazon machine image (AMI). One link led to another, and on my expedition, I became entangled with one of its many excellent security tools. Specifically, one that focuses on "human hacking," otherwise known as social engineering. Some claim [1] that social engineering is the biggest threat to business, so staff training is of paramount importance.

Before delving into social engineering, however, I'll look a little more closely at BackBox Linux [2]. As you'd expect from the name, it's open source and describes itself as being "more than an operating system, it is a Free Open Source Community Project with the aim of promoting the culture of security."

Bundled with lots of penetration testing and security assessment tools and built on an Ubuntu core, BackBox Linux offers the ability to investigate a wide range of cybersecurity issues, ranging "from web application analysis to network analysis, stress tests, sniffing, vulnerability assessment, computer forensic analysis, automotive and exploitation."

In this article, I look at BackBox Linux and what is necessary to run it as an AMI on AWS Marketplace. After a quick look over some of its tools, I'll dig deeper into the Social-Engineer Toolkit that BackBox carries in its arsenal.

Get Back

As you might guess, BackBox Linux simply contains too many tools to examine at any great level of detail. Certainly, it's a mature security toolkit that first appeared as a September 2010 release candidate. At the time of writing, the current version was 5.3, so you might see options or menus different from those I discuss here if you work on a different version.

BackBox Linux includes the familiar and slick Xfce desktop manager [3], which makes accessing all of your preferred tools easy. BackBox also promises a number of performance tweaks to boost its boot time and a sprinkling of configurations that help maintain its minimal footprint. If you're interested in contributing, the developers will accept custom packages in the form of a Personal Package Archive (PPA) [4] to be offered on Launchpad. To get started, download BackBox Linux [5] (i386 or amd64) and install it locally.

To access the AWS version of BackBox Linux, the team asks you to pre-register as a member for a very reasonable membership fee or submit a request for the service [6]. The idea is that professional penetration testers are the most likely people to want AWS access to a cloud installation. At the time of writing, a one-year membership was EUR10 and EUR5 per year thereafter.

Alongside many options (e.g., news feeds and the latest exploits), you'll find a comprehensive website [7] with a forum, blog, and Telegram group. You should check out the BackBox website to increase your knowledge of the penetration testing space.

Getting Your Hands Dirty

I decided to try BackBox Linux on VirtualBox, so on the download page, I selected ISO and chose a mirror (Figure 1). Although it's important to donate to projects like BackBox Linux, if you can't then entering a 0 in the donation field will still allow you to download the ISO. Once downloaded, your disk space will be 2.2GB lighter.

Figure 1: The download options with the SHA256 checksum to make sure it matches the reported checksum on the site.

Be sure to check the hash reported by your SHA256 checksum tool with the listed checksum to verify that you have indeed downloaded the correct file and it has not been tampered with en route:

$ sha256sum backbox-5.3-amd64.iso

The checksum in Figure 1 matches my download, so all is well.

UEFI Secure Boot

Because I chose to use VirtualBox on a laptop (Linux Mint Ubuntu 16.04 derivative) with UEFI, I had to install a new Machine Owner Key (MOK) after a reboot. To do this, I set a password for the VirtualBox package at installation and then choose the install a key from disk or similar option at boot.

If you're unfamiliar with this process in VirtualBox, or something does go horribly wrong (your machine will still boot happily if this bit messes up), a blog post by ÿyvind Stegard should help you get on track [8]. Thankfully I hadn't forgotten the UEFI password, and the software behaved perfectly. It installed the MOK without any issues and booted up fine.

If, like me, you're installing VirtualBox on a Debian derivative, I installed the following packages:

  • libgsoap-2.8.60
  • libvncserver1
  • virtualbox
  • virtualbox-dkms
  • libqt5opengl5
  • libqt5printsupport5
  • virtualbox-qt

To prevent system bloat, I generally keep note of any packages I install, so I can clean up after myself when I'm finished with a project.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=