Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,880 --> 00:00:07,390
Now before we dive into the course content I'd like to give you a teaser or a taste of what you'll be
2
00:00:07,390 --> 00:00:10,910
able to do by the end of the course.
3
00:00:11,080 --> 00:00:18,160
Now usually in my teens or lectures I'll give one example to show students what they'll be able to do
4
00:00:18,250 --> 00:00:19,870
once done with the course.
5
00:00:20,110 --> 00:00:26,760
But in this course you're going to learn so many cool things and we're going to build more than 20 hacking
6
00:00:26,770 --> 00:00:27,610
tools.
7
00:00:27,730 --> 00:00:32,690
So it's unfair and it's really hard for me to pick only one example.
8
00:00:33,710 --> 00:00:41,480
Therefore instead I'm going to show you three examples taken from the three main sections of the course.
9
00:00:41,510 --> 00:00:47,340
Now keep in mind each one of these sections is divided into a number of subsections.
10
00:00:47,510 --> 00:00:53,730
So these examples are only a small fraction of what you'll be able to do once done with the course.
11
00:00:53,900 --> 00:01:01,610
But I think they work really well to give you a taste of what you'll be able to achieve once done.
12
00:01:01,610 --> 00:01:03,950
Now since this is just a teaser.
13
00:01:03,950 --> 00:01:06,570
Don't worry about how these programs work.
14
00:01:06,620 --> 00:01:10,800
We will cover how to write these programs in details.
15
00:01:10,820 --> 00:01:15,030
So for now just sit back watch the lecture and enjoy it.
16
00:01:15,170 --> 00:01:19,670
And then once you start the course you will learn how to write all of these programs.
17
00:01:19,880 --> 00:01:22,610
And much much more.
18
00:01:22,840 --> 00:01:31,060
And the first example I'm going to use two programs the first one will allow us to intercept data sent
19
00:01:31,120 --> 00:01:35,340
or received by any computer on the same network.
20
00:01:36,400 --> 00:01:43,540
The second one will read this data and filter it to show us user names passwords visited you are elves
21
00:01:43,880 --> 00:01:44,930
and so on.
22
00:01:45,040 --> 00:01:50,580
We're going to write these programs ourselves from scratch later on in the course.
23
00:01:51,700 --> 00:01:55,050
Now these programs are running on my Hocker machine.
24
00:01:55,060 --> 00:02:01,890
So let's go to the target machine and try to generate some traffic and maybe log in to a service.
25
00:02:02,080 --> 00:02:06,340
I'm going to go to hotmail dot com and let's try to sign in.
26
00:02:06,370 --> 00:02:11,230
So I'm going to click on seinen and I'm just going to put some sample information.
27
00:02:11,290 --> 00:02:17,940
So I'm going to put a user name and the sample password and I'm going to hit enter.
28
00:02:18,030 --> 00:02:24,600
And now if we go back to the hacker machine you can see that first of all I can see all the requests
29
00:02:24,690 --> 00:02:31,440
I can see on the Web sites they're visiting and I can also see the user name and the password that they
30
00:02:31,440 --> 00:02:32,590
logged in with.
31
00:02:32,820 --> 00:02:35,210
So I can see the username was 822.
32
00:02:35,220 --> 00:02:42,920
I taught mail dot com and I can see the password was 1 2 3 4 5 6.
33
00:02:42,940 --> 00:02:49,960
The second example that I'm going to show you is a back door a back door is a program that was executed
34
00:02:50,020 --> 00:02:51,160
on a system.
35
00:02:51,160 --> 00:02:54,460
It allows us to remotely control that system.
36
00:02:54,460 --> 00:02:58,480
So basically hack it and gain full control over it.
37
00:02:58,540 --> 00:03:03,850
Now just like all the other tools would go we're going to program this from scratch and I'm going to
38
00:03:03,850 --> 00:03:09,820
show you how to write this in a generic way so that you can use the information you learn here in many
39
00:03:09,820 --> 00:03:10,720
scenarios.
40
00:03:10,720 --> 00:03:18,480
For example you'll be able to write a web server a chat program and so one now right here I'm already
41
00:03:18,480 --> 00:03:24,780
at the hype machine and as you can see it's already listening and waiting for incoming connections.
42
00:03:25,350 --> 00:03:30,500
Once the backdoor gets executed on a computer we will get a connection.
43
00:03:30,540 --> 00:03:38,010
As you can see here once we have that connection we'll be able to use all the features implemented in
44
00:03:38,010 --> 00:03:42,150
this backdoor which we're going to implement ourselves.
45
00:03:42,180 --> 00:03:44,790
So first of all I have file system access.
46
00:03:45,000 --> 00:03:50,070
So if I do a CD it'll show me my current working directory.
47
00:03:50,250 --> 00:03:54,050
And as you can see I'm in users Zayd downloads.
48
00:03:54,420 --> 00:03:58,780
That's basically because the back door is actually stored in this location.
49
00:03:59,760 --> 00:04:08,280
So I can see the dot dot to go back one directory and if I do see now to see where I might be can't
50
00:04:08,340 --> 00:04:17,190
see I'm in zayd and we can also execute all system commands and keep in mind this Pactor works on all
51
00:04:17,190 --> 00:04:18,540
operating systems.
52
00:04:18,540 --> 00:04:25,380
It works on Linux Windows and OS X so you can use the system command of your target and they will work
53
00:04:25,380 --> 00:04:26,540
by default.
54
00:04:26,910 --> 00:04:28,800
So right now my target is Windows.
55
00:04:28,890 --> 00:04:32,560
So if I wanted to list the directories I can do it there.
56
00:04:32,940 --> 00:04:39,710
And as you can see I get a list of all the files and directories in the current working directory.
57
00:04:39,720 --> 00:04:47,540
Now I can go back in downloads by doing CD downloads and a file list again in here.
58
00:04:47,670 --> 00:04:54,360
You'll see the files that we have in the downloads which are the back door and the JTR image which I
59
00:04:54,360 --> 00:04:55,600
have right here.
60
00:04:58,000 --> 00:05:03,370
Now we also want to highlight a feature that we're going to program which is the ability to download
61
00:05:03,370 --> 00:05:11,660
files so I'm just going to do download and I'm going to follow it by the file name that I want to download.
62
00:05:11,780 --> 00:05:12,760
And it's the image.
63
00:05:12,770 --> 00:05:16,970
So it's G.T. or GBG.
64
00:05:17,170 --> 00:05:21,250
And as you can see all see it automatically being downloaded in here.
65
00:05:21,430 --> 00:05:29,100
And if we double click this we have the image intact and we're able to open it now I'm downloading the
66
00:05:29,100 --> 00:05:35,400
image just as an example but it just goes to show you that you'll be able to download any files from
67
00:05:35,400 --> 00:05:36,570
the target system.
68
00:05:37,790 --> 00:05:43,370
You can also upload files which is really really useful because you'll be able to upload evil files
69
00:05:43,370 --> 00:05:45,990
viruses kill ogres and so on.
70
00:05:46,280 --> 00:05:53,140
And as an example I'm just going to rename this image to G.T. are to the AJP you.
71
00:05:53,470 --> 00:06:02,610
I am going to upload it so I'm going to do upload G.T. or two dot JP G.
72
00:06:04,480 --> 00:06:11,930
Now tell me the upload is successful and if we go here again you can see we have the new image.
73
00:06:12,230 --> 00:06:18,020
Now if this was an evil file because you're able to execute system commands from the back door you'll
74
00:06:18,020 --> 00:06:23,780
be able to just call it from here and execute it remotely on the target computer.
75
00:06:25,260 --> 00:06:30,250
The last example that I want to show you is a vulnerability scanner.
76
00:06:30,280 --> 00:06:36,970
This is a program that can automatically discover weaknesses in Web sites and web applications.
77
00:06:36,970 --> 00:06:43,600
So all you have to do is just give this program a website and first of all it's going to discover all
78
00:06:43,600 --> 00:06:47,530
the links and all the pages in the target website.
79
00:06:47,740 --> 00:06:55,240
Then for each one of these pages it's going to extract all the parameters and all the forms.
80
00:06:55,270 --> 00:07:03,920
And finally for each one of these parameters and forms it's going to submit code to discover vulnerabilities.
81
00:07:03,970 --> 00:07:07,840
Then once it's done it's going to show me the results.
82
00:07:07,930 --> 00:07:15,310
And as you can see it was able to discover an s s s vulnerability in here just like all the other programs
83
00:07:15,470 --> 00:07:19,050
were going to write this from scratch ourselves.
84
00:07:19,210 --> 00:07:24,460
So again don't worry about how this works and don't worry if you don't understand what the vulnerability
85
00:07:24,550 --> 00:07:29,130
is and all of that we will cover all of this later on in the course.
9234
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.