Friday, April 8, 2011

#7 - Installing FOCA in Wine On BackTrack or Ubuntu

Previously, we discussed using FOCA to perform reconnaissance on a target company. FOCA is a Windows-based tool. Some people would find this unfortunate. But, since BackTrack (our penetration testing Linux distribution of choice) is Ubuntu-based, we smart hackers can install a Windows emulation environment called 'wine' to install Windows-based software. Here's how:

INSTALLING WINE IN UBUNTU / BACKTRACK
Wine is one of the easiest packages to get installed in Ubuntu. Simply open up a terminal and enter the following text to install wine:
sudo apt-get install wine
And, because we'll need 'unrar' installed later on to handle a rar archive we download, enter the following text in the terminal to download and install 'unrar':
sudo apt-get install unrar
That's it. You are ready to install some Windows applications.

Once you've confirmed Wine is installed, it's time to move on to downloading FOCA.

DOWNLOADING FOCA
You're going to need to trade your email address for a copy of FOCA. Now, now. Don't be frightened. The developers of FOCA simply want to ensure they know who's downloading it. Go to this address, http://www.informatica64.com/DownloadFOCA/, and enter your email address in the proper text box. You will receive an email detailing how to download FOCA.

DOWNLOADING DLLs THAT MAKE FOCA RUN IN WINE
Unfortunately, FOCA does not run "natively" in Wine, for lack of a better term. In order to run, FOCA needs some extra DLLs that are not part of the Wine environment.
Lucky for you, the smart hacker, they are freely available on the web. Click on the following link and download the rar archive containing the dlls. RAR is the rough equivalent of ZIP files. Ubuntu should be able to handle them if you install the proper software. Download the DLLs in a rar archive:
https://sites.google.com/site/h4ckpl4y3s/DllsFOCA.rar
We'll use this rar archive later, but not until AFTER we install FOCA.

TEACHING OLD WINE NEW TRICKS
There is a script called "winetricks" that lets us install a few extra Windows components so that Windows programs installed through Wine work better.
You can download "winetricks" by running the following command from the command line:
wget http://winetricks.org/winetricks

After you've downloaded "winetricks", you need to make the script executable by running the following command on the command line:
chmod 755 ./winetricks
Once you've made winetricks executable, then you'll need to run it and pass it a handful of packages that we need to install in order for FOCA to run in Wine. Those packages are dotnet20, fontfix and gdiplus. So, what we're going to do is run winetricks and pass it the packages we want to install.

./winetricks dotnet20 fontfix gdiplus


Once it's complete, you'll be returned to the command line.



INSTALLING FOCA IN WINE
Extract the FOCA_Free_2.6.1.zip file to a temporary folder. And then navigate to that folder in terminal, using the 'cd' command to get there.

Then, use the 'msiexec' command to run the Setup.msi file that was extracted.
msiexec /i ./Setup.msi
You will be walked through the installation wizard.

INSTALLING DLLs TO MAKE FOCA RUN IN WINE
Use Ubuntu's Nautilus file explorer (or Konqueror if you're running BackTrack, or the Linux command line) to copy the rar archive containing the DLLs we need to make FOCA run in Wine, and paste it into the directory where FOCA was installed.
Once you've pasted the DllsFOCA.rar file into the folder, simply right-click and choose the 'Extract Here' menu option. This will create a new folder called XXXX and dump the necessary DLLs into it. Now, just go into that folder, highlight all those DLL files, cut them from that folder and paste them into the “FOCA free” folder. Now, your FOCA install has all the necessary files for FOCA to run.
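The DLLs come from a third-party archive and end up beside FOCA's own binaries, so it helps to check what was extracted and keep a record of what was copied. The following is an added example, not part of the original post: a shell function that does the copy step with those checks (the names stage_dlls, demo and DllsFOCA.sha256 are hypothetical, and the sample files are constructed).

```sh
#!/bin/sh
# Added example; stage_dlls, demo and DllsFOCA.sha256 are hypothetical names.
# stage_dlls SRC_DIR DEST_DIR
#   Copies *.dll from SRC_DIR (the extracted archive) into DEST_DIR, but:
#     - skips files that do not start with the DOS/PE "MZ" magic bytes,
#     - skips files that would replace a different file already in DEST_DIR,
#     - writes a SHA-256 manifest of everything it copied.
#   Returns 0 if all files were staged, 1 if any was skipped, 2 on bad args.
stage_dlls() {
    src=$1; dest=$2; rc=0
    [ -d "$src" ] && [ -d "$dest" ] || { echo "usage: stage_dlls SRC DEST" >&2; return 2; }
    manifest="$dest/DllsFOCA.sha256"
    : > "$manifest"
    for f in "$src"/*.dll "$src"/*.DLL; do
        [ -f "$f" ] || continue                 # unmatched glob stays literal
        name=$(basename "$f")
        if [ "$(head -c 2 "$f")" != "MZ" ]; then
            echo "SKIP $name: no MZ header, not a Windows binary" >&2
            rc=1; continue
        fi
        if [ -e "$dest/$name" ] && ! cmp -s "$f" "$dest/$name"; then
            echo "SKIP $name: a different $name already exists in $dest" >&2
            rc=1; continue
        fi
        cp -- "$f" "$dest/$name"
        (cd "$dest" && sha256sum -- "$name") >> "$manifest"
    done
    return "$rc"
}

# Constructed sample input: one plausible DLL stub and one HTML error page
# saved under a .dll name (a common result of a failed download).
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/extracted" "$tmp/FOCA Free"
    printf 'MZ constructed stub' > "$tmp/extracted/good.dll"
    printf '<html>404</html>'    > "$tmp/extracted/bad.dll"
    stage_dlls "$tmp/extracted" "$tmp/FOCA Free"; status=$?
    cat "$tmp/FOCA Free/DllsFOCA.sha256"
    rm -rf "$tmp"
    return "$status"
}

# Real use, with the destination path from the first comment on this post:
#   stage_dlls <extracted folder> "/root/.wine/dosdevices/c:/Program Files/Informatica64/FOCA Free"
```

Running `sha256sum -c DllsFOCA.sha256` inside the FOCA folder later shows whether any of the added DLLs has changed since it was staged.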

RUNNING FOCA IN WINE
Browse to: Wine -> Program Files -> Informatica64 -> FOCA free
You should then be presented with FOCA's main page. Congratulations!
You're now running FOCA on your Ubuntu / BackTrack box!

13 comments:

  1. Excellent Tutorial! Worked from start to finish on BackTrack5

    Just wanted to note, when you go to copy the DLL's, you can do so from the command line like so:

    cp *.dll "/root/.wine/dosdevices/c:/Program Files/Informatica64/FOCA Free"

  2. I am new to backtrack, can anyone post the command line for "Extract the FOCA_Free_2.6.1.zip file to a temporary folder. And then navigate to that folder in terminal, using the 'cd' command to get there"

    1. No, if you don't know how to do that, you shouldn't be using Backtrack...


      www.ubuntu.com -- go learn some more first.

  3. Thanks for this informative tutorial.

    My only problem is that Foca gets stuck - the window greys out and I have to close it down. This happens when I am downloading or extrapolating the meta-data.

    I am using Foca 2.6 under Ubuntu 10.04.

    Any ideas? Many thanks.

    1. My first gut reaction is you might have an issue with wine libraries. There are ways to throw Wine into debug mode.

      My suggestion: put wine into full debug mode, fire up FOCA and capture the output from the debugging. Then google the last thing you see. Wine is usually very informative and can point you in the right direction where it's barfing.

  4. Awesome post! I just followed your instructions and installed the latest version of Foca v3.1 on BackTrack 5R2 and it worked. Thanks and keep posting. You got a great blog here :)

    1. Thanks, Kelvin! Appreciate the enthusiasm!

  5. Very nice.. saved me a lot of manual labor trying to figure out what was missing!!! :) Thanks!!

  6. Legend .. absolute works in my BACKTRACK5R2 64 bits..
    thanks

  7. Hello,
    Thanks for the tutorials.
    When will tutorial #8 be ready? I could not find it.

    Thanks

  8. wineserver not found :(
