1
00:00:00,980 --> 00:00:03,020
Okay, now that we have Veil loaded,
2
00:00:03,440 --> 00:00:07,600
you can see it shows us the main commands that you can use with Veil.
3
00:00:08,560 --> 00:00:11,500
So the first command is you can do 'exit' to exit.
4
00:00:12,080 --> 00:00:15,740
You can do 'info' to get information about a specific tool.
5
00:00:16,020 --> 00:00:18,920
You can do 'List' to list the available tools.
6
00:00:19,120 --> 00:00:23,040
You can do 'update' to update Veil and this is very, very important
7
00:00:23,380 --> 00:00:28,680
because you always want to be up to date
when it comes to bypassing antivirus programs
8
00:00:29,320 --> 00:00:32,780
and then you can do 'use' to use a tool.
9
00:00:33,860 --> 00:00:36,180
Now, let's start using Veil-Evasion
10
00:00:36,280 --> 00:00:41,880
and as we do it, it's gonna become so easy and you'll be able to understand it more.
11
00:00:42,800 --> 00:00:48,260
Now Veil has two main tools and if we do a 'list', you'll be able to see them.
12
00:00:49,280 --> 00:00:54,200
So we have the first one, which is the one that we're interested in, which is called 'Evasion'
13
00:00:54,440 --> 00:00:58,900
and that's the one that generates undetectable backdoors for us.
14
00:00:59,480 --> 00:01:02,760
And then there is the second one, which is called 'Ordnance'
15
00:01:03,000 --> 00:01:07,540
and this tool generates the payloads that are used by 'Evasion',
16
00:01:07,540 --> 00:01:10,980
so you can look at this as a helper or a secondary tool.
17
00:01:11,600 --> 00:01:16,660
Now, what I mean by a payload is, a payload is the part of the code,
18
00:01:16,660 --> 00:01:19,507
of the backdoor that does the stuff that we want.
19
00:01:19,507 --> 00:01:21,720
That does the evil stuff, if you wanna say.
20
00:01:22,460 --> 00:01:25,120
So it's the part of the code that gives us a reverse connection.
21
00:01:25,320 --> 00:01:29,580
It's the part of the code that downloads and executes something on the target computer.
22
00:01:29,860 --> 00:01:37,200
It's the part of the code that allows us to achieve what we want by executing that file
23
00:01:38,340 --> 00:01:41,180
and this is going to become more clear
as we start using Veil.
24
00:01:41,820 --> 00:01:45,100
Now, for now, we're interested in using 'Evasion'.
25
00:01:45,420 --> 00:01:51,900
So we're gonna do 'use 1' because that's the first tool, that's number one
26
00:01:52,660 --> 00:01:56,360
and as you can see, we have 'Veil-Evasion' loaded now.
27
00:01:56,540 --> 00:02:01,900
And as I said before, this used to be a standalone tool that you just downloaded on its own
28
00:02:01,900 --> 00:02:04,160
but now they have it all combined together.
29
00:02:04,780 --> 00:02:08,620
Now as you can see, the first thing that we get when we load 'Veil-Evasion'
30
00:02:08,620 --> 00:02:11,260
is the commands that you can run on this tool.
31
00:02:12,080 --> 00:02:17,340
So the first thing that we want to do is we
want to 'list' to see all the available payloads
32
00:02:18,460 --> 00:02:21,160
and as you can see, we have 41 different payloads
33
00:02:21,880 --> 00:02:25,680
and all of these payloads follow a certain naming pattern
34
00:02:26,120 --> 00:02:29,960
and you can see for example, let's take this example right here
35
00:02:29,960 --> 00:02:32,280
because that's the payload that I'm going to be using.
36
00:02:32,400 --> 00:02:35,600
You can see the payload is divided into three parts.
37
00:02:36,920 --> 00:02:43,320
The first part right here refers to the programming language that the payload is going to be wrapped in.
38
00:02:43,660 --> 00:02:49,540
So we have the evil code and then the evil code is going to be wrapped into a certain programming language
39
00:02:49,540 --> 00:02:51,580
that the target computer understands.
40
00:02:52,100 --> 00:02:56,340
And right here you can see that this payload uses the 'Go' programming language.
41
00:02:56,340 --> 00:02:58,180
We can see this one uses C.
42
00:02:58,400 --> 00:03:00,400
We can see these ones use CS.
43
00:03:00,400 --> 00:03:01,460
We have Python.
44
00:03:01,460 --> 00:03:04,380
We have PowerShell and we have Ruby, if we scroll down.
45
00:03:06,440 --> 00:03:09,340
The second part of the payload is really
important.
46
00:03:10,500 --> 00:03:17,560
This is the type of the payload, the type of the code that's going to be executed on the target computer.
47
00:03:19,240 --> 00:03:24,780
In this example, we're using 'Meterpreter', which is a payload designed by 'Metasploit'.
48
00:03:25,200 --> 00:03:29,760
'Metasploit' is a huge framework for hacking and it allows you to do a lot of things
49
00:03:29,760 --> 00:03:34,240
but in this lecture we're focusing on creating a payload called 'Meterpreter'
50
00:03:34,240 --> 00:03:38,740
and what's really cool about 'Meterpreter' is it runs in the memory
51
00:03:38,740 --> 00:03:41,800
and it allows us to migrate between system processes,
52
00:03:41,800 --> 00:03:48,980
so we can have the payload or the backdoor running from a normal process like Explorer for example
53
00:03:49,360 --> 00:03:53,555
and this payload will allow us to gain full control over the target computer.
54
00:03:53,555 --> 00:03:57,900
So we'll be able to navigate through the file system, download, upload files,
55
00:03:57,900 --> 00:04:00,300
turn on the mic, turn on the webcam,
56
00:04:00,300 --> 00:04:04,160
even use that computer to hack other computers, install a key logger.
57
00:04:04,160 --> 00:04:06,640
You can literally do anything you can think of
58
00:04:06,780 --> 00:04:11,260
and all of this will be running from the memory, from a normal process on the system.
59
00:04:11,400 --> 00:04:14,820
So it's very hard to detect and it doesn't leave a lot of footprints.
60
00:04:15,760 --> 00:04:19,440
That's why it's a really, really cool payload and we'll be using it a lot.
61
00:04:21,120 --> 00:04:25,840
The third part of the name is the method that's going to be used to establish the connection.
62
00:04:26,380 --> 00:04:30,200
So in here you can see that this is called Rev HTTPS.
63
00:04:31,060 --> 00:04:38,720
So rev stands for 'Reverse' and HTTPS is the protocol that's going to be used to establish the connection.
64
00:04:38,720 --> 00:04:44,300
So we can see that this payload will create a reverse HTTPS connection.
65
00:04:45,420 --> 00:04:50,440
You can see this one right here for example, it creates a reverse HTTP connection
66
00:04:50,920 --> 00:04:55,280
and we have this one in here that creates a reverse TCP connection.
67
00:04:56,500 --> 00:05:00,820
Now, what I mean by reverse is the connection is going to come
68
00:05:00,820 --> 00:05:04,140
from the target computer to my own computer.
69
00:05:04,480 --> 00:05:07,600
So I won't be connecting to the computer that I want to hack.
70
00:05:08,140 --> 00:05:11,720
What's gonna happen is once the person double clicks the backdoor,
71
00:05:11,720 --> 00:05:15,500
the backdoor will connect back to me from the target computer.
72
00:05:17,020 --> 00:05:21,340
What's cool about this is, I'll be able to bypass antivirus programs
73
00:05:21,340 --> 00:05:26,540
because the connection is not going to the target computer, it's coming back to my computer.
74
00:05:26,760 --> 00:05:30,540
So it's literally as if the target person is just connecting to a normal website.
75
00:05:30,920 --> 00:05:34,600
I'm going to use a port that websites use which is 80 or 8080.
76
00:05:34,600 --> 00:05:37,360
So again, if the person analyzes the connection,
77
00:05:37,360 --> 00:05:41,140
it'll look as if they're literally just connecting to a normal website.
78
00:05:41,920 --> 00:05:48,140
Also, if the target computer is hidden behind a router or behind a network, again, this is gonna work
79
00:05:48,300 --> 00:05:52,320
because the connection is coming from the target computer to me,
80
00:05:52,320 --> 00:05:54,640
instead of me connecting to the target computer.
81
00:05:55,300 --> 00:05:58,360
So using a reverse connection is really, really handy
82
00:05:58,360 --> 00:06:03,300
and I think this is really the only practical way of gaining access to your computer
83
00:06:03,300 --> 00:06:07,820
because there are a lot of things that can stop you from connecting to a certain computer.
84
00:06:09,500 --> 00:06:11,680
Now, this is the general naming pattern.
85
00:06:12,000 --> 00:06:17,440
You'll see some payloads like this one right here, which doesn't follow that general naming pattern
86
00:06:17,760 --> 00:06:23,900
and basically what these payloads do for example, you can see this one is called 'shellcode inject'.
87
00:06:24,260 --> 00:06:29,620
So what it's going to do is, it's going to create a payload that injects your other payload.
88
00:06:30,100 --> 00:06:32,040
So it's going to create a normal payload
89
00:06:32,340 --> 00:06:35,840
and that normal payload injects a 'Meterpreter payload' for example.
90
00:06:36,380 --> 00:06:39,180
Now, it does this to try to bypass more security
91
00:06:39,400 --> 00:06:45,100
but usually, they won't bypass more things
than the normal payloads would bypass.
92
00:06:45,320 --> 00:06:49,200
So that's why I usually just use one of
the normal payloads in here.
93
00:06:50,680 --> 00:06:51,600
So this is it.
94
00:06:51,600 --> 00:06:53,980
This is all about the payloads.
95
00:06:54,380 --> 00:06:55,620
Sorry, I took a bit of time
96
00:06:55,620 --> 00:06:59,100
but I wanted to make sure that you guys
understand the naming pattern.
97
00:06:59,300 --> 00:07:01,620
I wanted you to understand what a payload is
98
00:07:01,620 --> 00:07:05,060
and the difference between a 'reverse' and a 'bind' and a 'TCP' payload.
99
00:07:05,060 --> 00:07:09,020
This way the rest of the course will become clearer to you
100
00:07:09,020 --> 00:07:12,460
and I can just use the payload that I want without explaining what it is.
101
00:07:13,220 --> 00:07:15,700
Now, in the next lecture, we're going to be generating a payload
102
00:07:15,980 --> 00:07:18,540
and we'll be testing it against antivirus
programs.