Многие знают о таком дистрибутиве для проведения пентестов как Back Track. Однако не многие знаю, что на основе Arch так же есть дистрибутив, который позволяет проверить вашу корпоративную среду на уязвимости под названием BlackArch Linux. Так что же такое BlackArch и чем он может быть нам полезен?
BlackArch поддерживает архитектуру i686 и x86_64. По обещаниям разработчиков в будущем к ним добавится и поддержка ARM. В комплект при установке включено порядка 630 утилит для проведения пентеста и это число будет только увеличиваться. При этом хочется отметить одни из этих утилит под названием sploitctl. Она позволяет получать обновления самых свежих уязвимостей.
BlackArch можно загрузить в виде готового ISO-шника с выбором оконных менеджеров (dwm, Fluxbox, Openbox, wmii, i3, Awesome и Spectrwm).
Официальным спонсором разработки данного проекта является хакерская группа NullSecurity. В будущем они планируют расширять список утилит, а так же выпустить для всех этих программ документацию.
Честно говоря я еще не пользовался этой сборкой, но жутко интересно поставить и сравнить с более известным конкурентом BackTrack. Если вы когда либо пользовались BlackArch, то предлагаю оставлять свои комментарии.
Joomla! Debug Console
session.client.browser ⇒ Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
password_clear ⇒
groups ⇒
session.token ⇒ 5a8797fb6fe03f05460c35001c65495f
6.15 MB (6,450,960 Bytes)
73 Queries Logged
SELECT m.id, m.menutype, m.title, m.alias, m.note, m.path AS route, m.link, m.type, m.level, m.language,m.browserNav, m.access, m.params, m.home, m.img, m.template_style_id, m.component_id, m.parent_id,e.element as component
FROM j25_menu AS m
LEFT JOIN j25_extensions AS e
ON m.component_id = e.extension_id
WHERE m.published = 1
AND m.parent_id > 0
AND m.client_id = 0
ORDER BY m.lftSHOW FULL COLUMNS
FROM `j25_easyblog_configs`SELECT *
FROM j25_easyblog_configs
WHERE `name` = 'config'SHOW FULL COLUMNS
FROM `j25_easyblog_post`SELECT a.`id`
FROM j25_easyblog_post as a
WHERE a.`permalink` = 'blackarch:konkurent-backtrack-na-baze-arch'SELECT a.`id`
FROM j25_easyblog_post as a
WHERE a.`permalink` = 'blackarch-konkurent-backtrack-na-baze-arch'SELECT *
FROM j25_easyblog_post
WHERE `id` = '436'DELETE
FROM `j25_easyblog_mailq`
WHERE `status`='1'
AND DATEDIFF(NOW(), `created`) >= 7SELECT `id`
FROM `j25_easyblog_mailq`
WHERE `status` = 0
ORDER BY `created` ASC
LIMIT 5SELECT *
FROM `j25_easyblog_post`
WHERE `publish_up` <= '2025-05-15 14:03:04'
AND `published` = '2'
AND `ispending` = '0'
ORDER BY `id`
LIMIT 5UPDATE `j25_easyblog_post`
SET `published` = '0'
WHERE `publish_down` > `publish_up`
AND `publish_down` <= '2025-05-15 14:03:04'
AND `publish_down` != '0000-00-00 00:00:00'
AND `published` != '0'
AND `published` != '3'
AND `ispending` = '0'SELECT b.id
FROM j25_usergroups AS a
LEFT JOIN j25_usergroups AS b
ON b.lft <= a.lft
AND b.rgt >= a.rgt
WHERE a.id = 1SELECT a.rules
FROM j25_assets AS a
WHERE (a.id = 1)
GROUP BY a.id, a.rules, a.lftSHOW FULL COLUMNS
FROM `j25_assets`SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT b.rules
FROM j25_assets AS a
LEFT JOIN j25_assets AS b
ON b.lft <= a.lft
AND b.rgt >= a.rgt
WHERE (a.id = 1)
GROUP BY b.id, b.rules, b.lft
ORDER BY b.lftSHOW FULL COLUMNS
FROM `j25_easyblog_users`SELECT COUNT(*)
FROM `j25_easyblog_configs`
WHERE `name` = 'default'SELECT *
FROM j25_easyblog_configs
WHERE `name` = 'default'SELECT *
FROM `j25_easyblog_acl`
WHERE `published`=1
ORDER BY `id` ASCSELECT *
FROM `j25_easyblog_acl_group`
WHERE `content_id`='1'
AND `type`='
group'SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT id, keywords, description, indexing
FROM `j25_easyblog_meta`
WHERE content_id = '436'
and type = 'post'SELECT *
FROM j25_easyblog_post
WHERE `id` = '436'SHOW FULL COLUMNS
FROM `j25_easyblog_category`SELECT *
FROM j25_easyblog_category
WHERE `id` = '2'SELECT COUNT(1)
FROM `j25_easyblog_category`
WHERE `alias`='news'
AND `id`!='2'SELECT *
FROM j25_easyblog_post
WHERE `id` = '436'SELECT *
FROM j25_easyblog_category
WHERE `id` = '2'SELECT COUNT(1)
FROM `j25_easyblog_category`
WHERE `alias`='news'
AND `id`!='2'SHOW FULL COLUMNS
FROM `j25_discuss_users_history`INSERT INTO `j25_discuss_users_history` (`user_id`,`title`,`command`,`created`,`content_id`)
VALUES ('0','Viewed blog post, BlackArch: конкурент BackTrack на базе Arch.','easyblog.view.blog','2025-05-15 14:03:04','0')UPDATE j25_easyblog_post
SET `hits` = (`hits` + 1)
WHERE id = '436'SHOW FULL COLUMNS
FROM `j25_komento_configs`SELECT *
FROM j25_komento_configs
WHERE `component` = 'com_komento'SELECT COUNT(1)
FROM `j25_easyblog_featured`
WHERE `content_id` = '436'
AND `type` = 'post'SELECT a.`id`, a.`title`, a.`alias`
FROM `j25_easyblog_tag` AS a
LEFT JOIN `j25_easyblog_post_tag` AS b
ON a.`id` = b.`tag_id`
WHERE b.`post_id` = '436'
AND a.`published` = '1'
ORDER BY a.`title` ASCSELECT *
FROM j25_easyblog_users
WHERE `id` = '81'SHOW FULL COLUMNS
FROM `j25_users`SELECT *
FROM `j25_users`
WHERE `id` = 81SELECT `g`.`id`,`g`.`title`
FROM `j25_usergroups` AS g
INNER JOIN `j25_user_usergroup_map` AS m
ON m.group_id = g.id
WHERE `m`.`user_id` = 81SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT *
FROM j25_easyblog_category
WHERE `id` = '2'SELECT COUNT(1)
FROM `j25_easyblog_category`
WHERE `alias`='news'
AND `id`!='2'SELECT `title`
FROM `j25_easyblog_category`
WHERE `id` = '2'SHOW FULL COLUMNS
FROM `j25_easyblog_tag`SELECT *
FROM j25_easyblog_tag
WHERE `id` = '20'SELECT COUNT(1)
FROM `j25_easyblog_tag`
WHERE `alias`='linux'
AND `id`!='20'SELECT *
FROM j25_easyblog_tag
WHERE `id` = '6'SELECT COUNT(1)
FROM `j25_easyblog_tag`
WHERE `alias`='bezopasnost'
AND `id`!='6'SELECT id
FROM j25_assets
WHERE parent_id = 0SELECT *
FROM j25_tagmeta_rules
WHERE ( ( ('/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP BINARY url)>0
AND (case_sensitive<>0)
AND (decode_url<>0)
AND (request_only<>0) ) OR ( ('/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP BINARY url)>0
AND (case_sensitive<>0)
AND (decode_url=0)
AND (request_only<>0) ) OR ( ('https://networkdoc.ru/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP BINARY url)>0
AND (case_sensitive<>0)
AND (decode_url<>0)
AND (request_only=0) ) OR ( ('https://networkdoc.ru/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP BINARY url)>0
AND (case_sensitive<>0)
AND (decode_url=0)
AND (request_only=0) ) OR ( ('/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP url)>0
AND (case_sensitive=0)
AND (decode_url<>0)
AND (request_only<>0) ) OR ( ('/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP url)>0
AND (case_sensitive=0)
AND (decode_url=0)
AND (request_only<>0) ) OR ( ('https://networkdoc.ru/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP url)>0
AND (case_sensitive=0)
AND (decode_url<>0)
AND (request_only=0) ) OR ( ('https://networkdoc.ru/easyblog/entry/blackarch-konkurent-backtrack-na-baze-arch?print=1&tmpl=component' REGEXP url)>0
AND (case_sensitive=0)
AND (decode_url=0)
AND (request_only=0) ) )
AND published=1
ORDER BY ordering
39 Query Types Logged, Sorted by Occurrences.
SELECT Tables:
25 × SELECT id
FROM j25_assets3 × SELECT COUNT(1)
FROM `j25_easyblog_category`3 × SELECT *
FROM j25_easyblog_post3 × SELECT *
FROM j25_easyblog_category2 × SELECT *
FROM j25_easyblog_tag2 × SELECT COUNT(1)
FROM `j25_easyblog_tag`2 × SELECT a.`id`
FROM j25_easyblog_post as a2 × SELECT *
FROM j25_easyblog_configs1 × SELECT a.`id`, a.`title`, a.`alias`
FROM `j25_easyblog_tag` AS a
LEFT JOIN `j25_easyblog_post_tag` AS b
ON a.`id` = b.`tag_id`1 × SELECT COUNT(1)
FROM `j25_easyblog_featured`1 × SELECT *
FROM j25_easyblog_users1 × SELECT `title`
FROM `j25_easyblog_category`1 × SELECT *
FROM j25_tagmeta_rules1 × SELECT *
FROM j25_komento_configs1 × SELECT `g`.`id`,`g`.`title`
FROM `j25_usergroups` AS g
INNER JOIN `j25_user_usergroup_map` AS m
ON m.group_id = g.id1 × SELECT *
FROM `j25_users`1 × SELECT *
FROM `j25_easyblog_acl_group`1 × SELECT b.id
FROM j25_usergroups AS a
LEFT JOIN j25_usergroups AS b
ON b.lft <= a.lft
AND b.rgt >= a.rgt1 × SELECT *
FROM `j25_easyblog_post`1 × SELECT `id`
FROM `j25_easyblog_mailq`1 × SELECT a.rules
FROM j25_assets AS a1 × SELECT b.rules
FROM j25_assets AS a
LEFT JOIN j25_assets AS b
ON b.lft <= a.lft
AND b.rgt >= a.rgt1 × SELECT m.id, m.menutype, m.title, m.alias, m.note, m.path AS route, m.link, m.type, m.level, m.language,m.browserNav, m.access, m.params, m.home, m.img, m.template_style_id, m.component_id, m.parent_id,e.element as component
FROM j25_menu AS m
LEFT JOIN j25_extensions AS e
ON m.component_id = e.extension_id1 × SELECT *
FROM `j25_easyblog_acl`1 × SELECT COUNT(*)
FROM `j25_easyblog_configs`1 × SELECT id, keywords, description, indexing
FROM `j25_easyblog_meta`
OTHER Tables:
1 × UPDATE j25_easyblog_post
SET `hits` = (`hits` + 1)1 × INSERT INTO `j25_discuss_users_history` (`user_id`,`title`,`command`,`created`,`content_id`)
VALUES ('0','Viewed blog post, BlackArch: конкурент BackTrack на базе Arch.','easyblog.view.blog','2025-05-15 14:03:04','0'1 × SHOW FULL COLUMNS
FROM `j25_komento_configs1 × SHOW FULL COLUMNS
FROM `j25_users1 × SHOW FULL COLUMNS
FROM `j25_easyblog_tag1 × SHOW FULL COLUMNS
FROM `j25_discuss_users_history1 × SHOW FULL COLUMNS
FROM `j25_easyblog_category1 × DELETE
FROM `j25_easyblog_mailq`1 × SHOW FULL COLUMNS
FROM `j25_easyblog_post1 × UPDATE `j25_easyblog_post`
SET `published` = '0'1 × SHOW FULL COLUMNS
FROM `j25_assets1 × SHOW FULL COLUMNS
FROM `j25_easyblog_users1 × SHOW FULL COLUMNS
FROM `j25_easyblog_configs