1
00:00:01,140 --> 00:00:08,920
Now let's repeat the same steps and the same attacks that we explained in the previous lectures.
2
00:00:09,090 --> 00:00:15,760
But using Metasploit. But before showing you how to do it, let me just speak briefly about Metasploit. Metasploit,
3
00:00:16,020 --> 00:00:22,920
It's an exploitation framework and in a simple way the same process that we did on the previous lectures
4
00:00:23,460 --> 00:00:31,110
getting the exploit, searching for it online, getting the exploit, searching if any modification is needed
5
00:00:31,140 --> 00:00:32,630
and so on.
6
00:00:33,090 --> 00:00:35,570
We don't have to do that in Metasploit. Metasploit,
7
00:00:35,610 --> 00:00:40,950
It's a program that imports all those vulnerabilities and exploits from the same sources, from the same
8
00:00:40,950 --> 00:00:44,620
websites, Exploit-DB and SecurityFocus and so on.
9
00:00:44,910 --> 00:00:52,560
And it reads them and it combines them and it just, so it just asks you for input.
10
00:00:52,830 --> 00:01:00,390
So if we are talking about RPC DCOM that we tried on Microsoft Windows before, and instead of
11
00:01:00,760 --> 00:01:07,890
opening, getting the exploit and compiling it, and then using the exploit to open a port, and then using nc to connect
12
00:01:08,370 --> 00:01:11,270
and all this complicated and this was a very easy one.
13
00:01:11,280 --> 00:01:17,490
Some of the other exploits, like Android Stagefright.
14
00:01:17,490 --> 00:01:20,160
It was kind of complicated to do.
15
00:01:20,170 --> 00:01:21,120
It was not that easy.
16
00:01:21,120 --> 00:01:26,010
You have to go into the code and change and edit the video in a description showing you how hard is
17
00:01:26,010 --> 00:01:28,470
it to get advantage of such exploits.
18
00:01:28,950 --> 00:01:30,830
But what can Metasploit do for us?
19
00:01:30,870 --> 00:01:38,220
It can import those exploits and we can read them, and then it would ask, for this exploit, and accordingly
20
00:01:38,220 --> 00:01:40,210
I need to have the victim IP.
21
00:01:40,230 --> 00:01:47,130
So you write the IP. I need to have a victim port, so you write down the port. So it will definitely
22
00:01:47,130 --> 00:01:49,080
simplify the process.
23
00:01:49,080 --> 00:01:50,760
Now let's see how to do that.
24
00:01:50,820 --> 00:01:52,180
And we can repeat the attack.
25
00:01:52,190 --> 00:01:53,220
And while we are doing that.
26
00:01:53,220 --> 00:01:59,160
I want you to compare what we are doing in this lecture with what we did on the first lecture on the
27
00:01:59,160 --> 00:02:06,900
section. Both are the same topic, which is using a vulnerability and an exploit to compromise a system. The system
28
00:02:07,290 --> 00:02:12,450
could be a Windows machine, could be an Android device, it could be a Linux machine; the concept applies.
29
00:02:12,780 --> 00:02:16,850
So the knowledge that you are getting here is how to get familiar with Metasploit.
30
00:02:17,010 --> 00:02:22,070
So I have Kali Linux here and I have my victim machine, and this is the exact same victim.
31
00:02:22,170 --> 00:02:24,280
You can run Metasploit in different ways.
32
00:02:24,570 --> 00:02:33,890
You can, right from Applications, go to exploitation and you'll find Metasploit there, as you can see.
33
00:02:33,900 --> 00:02:42,900
Metasploit is here, or you can open a terminal and type msfconsole, or, because the tool is very
34
00:02:42,900 --> 00:02:45,040
important for penetration testers,
35
00:02:45,060 --> 00:02:48,390
they put a shortcut here for this tool on the desktop.
36
00:02:48,450 --> 00:02:49,780
So let's open it from here.
37
00:02:51,760 --> 00:02:53,450
So we open the tool.
38
00:02:53,470 --> 00:02:57,550
Sometimes it takes a few seconds until it loads all the exploits.
39
00:02:57,550 --> 00:03:09,390
So you just need to give it some time until it finishes loading everything.
40
00:03:09,550 --> 00:03:13,840
And we are waiting to get the MSF prompt.
41
00:03:13,950 --> 00:03:21,990
So I'm looking for the MSF prompt command line where I can write different commands that we can use
42
00:03:22,440 --> 00:03:30,100
Now we're going to use some commands that you are going to need to memorize, but actually it's not about memorizing
43
00:03:30,110 --> 00:03:30,560
the commands.
44
00:03:30,580 --> 00:03:32,000
It's about the technique.
45
00:03:32,470 --> 00:03:39,850
So let's see. As you can see, this is a prompt from where we are typing the commands, and let's search for
46
00:03:39,870 --> 00:03:40,740
a vulnerability.
47
00:03:40,900 --> 00:03:49,240
So if you need to use this tool I'm assuming that you already spent some time checking about your victim
48
00:03:49,450 --> 00:03:50,640
so you know what the victim has.
49
00:03:50,650 --> 00:03:52,460
Which operating system: is it Windows?
50
00:03:52,450 --> 00:03:53,230
Is it Android?
51
00:03:53,230 --> 00:03:54,620
Is it Linux?
52
00:03:54,640 --> 00:03:57,710
What ports it has, what applications.
53
00:03:57,760 --> 00:04:04,030
And we spoke about that in Nmap. So there are different ways of knowing the platform of the victim
54
00:04:04,060 --> 00:04:07,620
and gathering some information about the victim.
55
00:04:08,080 --> 00:04:13,420
And then you start searching in public websites like SecurityFocus or Exploit-DB.
56
00:04:13,600 --> 00:04:18,190
But my point is, before using that tool you should have some information, because what exactly will you be
57
00:04:18,190 --> 00:04:25,480
searching for? In my case, I already know that the victim has Windows XP, and I know that one of the exploits
58
00:04:25,480 --> 00:04:30,280
that can be used for XP is the RPC DCOM.
59
00:04:30,700 --> 00:04:32,710
So I have a piece of information.
60
00:04:32,740 --> 00:04:39,200
My problem was I'm not very good working with public vulnerability and writing code and so on.
61
00:04:39,250 --> 00:04:47,330
So this is the case. So it will get you all the vulnerabilities related to that, and even a search for this
62
00:04:47,330 --> 00:04:51,490
specific one.
63
00:04:51,490 --> 00:04:58,170
I think this is the one, which is the exploit Windows RPC DCOM.
64
00:04:58,180 --> 00:05:00,210
This is the one that we are looking for.
65
00:05:00,490 --> 00:05:08,940
OK let's just increase the screen so we will be using it then you can just select this one
66
00:05:12,480 --> 00:05:14,810
and copy it.
67
00:05:15,300 --> 00:05:23,870
So I'm searching for my exploit and I type beside the prompt to use this exploit.
68
00:05:24,420 --> 00:05:31,380
So the first thing is search, and then type use, this exploit, and then you see that the prompt will change.
69
00:05:31,410 --> 00:05:35,880
Now, any exploit may need an input.
70
00:05:35,880 --> 00:05:41,310
I mean, I know that this is an effective exploit that can be used to hack a system, but it will not be
71
00:05:41,400 --> 00:05:47,280
smart enough to know which system. I need to set the IP, I need to set the port; some input will be
72
00:05:47,280 --> 00:05:48,540
needed from my side.
73
00:05:48,570 --> 00:05:51,060
How can I know what input is needed?
74
00:05:51,360 --> 00:05:58,410
Sometimes IP only, sometimes some other information like port or operating system, but how can I know what
75
00:05:58,410 --> 00:06:05,200
information is needed to be able to use this exploit to hack our victim?
76
00:06:05,340 --> 00:06:11,570
You just type show options, and show options
77
00:06:12,170 --> 00:06:13,470
will show you.
78
00:06:13,940 --> 00:06:14,430
I'm sorry.
79
00:06:14,450 --> 00:06:14,990
Show
80
00:06:17,440 --> 00:06:20,310
options.
81
00:06:20,780 --> 00:06:27,390
It will show you all the inputs that you need to add to be able to disagree and see how easy it is certainly
82
00:06:27,450 --> 00:06:30,010
OK to be able to use this specific exploit.
83
00:06:30,020 --> 00:06:37,200
This is the information needed, and some information is mandatory and some information is optional.
84
00:06:37,250 --> 00:06:39,590
So those two pieces of information are mandatory.
85
00:06:39,780 --> 00:06:45,100
So RHOST and RPORT, both of them have to be added, but RPORT already has a value.
86
00:06:45,140 --> 00:06:47,300
So you may keep it or you may change it.
87
00:06:47,300 --> 00:06:49,350
I would suggest to keep on the fly.
88
00:06:49,590 --> 00:06:53,270
While RHOST, it's empty and it's required.
89
00:06:53,270 --> 00:06:57,200
Now what is RHOST? It is the target address, the target IP address.
90
00:06:57,200 --> 00:06:59,280
So I need to put here the target IP address.
91
00:06:59,280 --> 00:07:00,850
Fine.
92
00:07:01,040 --> 00:07:03,300
So we can type.
93
00:07:03,500 --> 00:07:10,780
How can we add the value? You just type set and you put the value that you want to RHOST.
94
00:07:10,790 --> 00:07:14,500
And don't forget that Linux is case sensitive.
95
00:07:14,510 --> 00:07:22,150
RHOST, and then you put the IP, the IP of my victim. Let me double check one more time.
96
00:07:22,320 --> 00:07:31,140
It's 1 9 2 1 6 8 8 1 2 2 1 1 4 so 1 9 2.
97
00:07:31,760 --> 00:07:32,460
Sorry.
98
00:07:34,410 --> 00:07:40,120
1 9 2 2 1 6 8 2 1 1 1 4.
99
00:07:40,710 --> 00:07:43,280
And how can I use that phrase that has been assigned.
100
00:07:43,440 --> 00:07:50,400
Show options again, and I can see now that my vulnerability has the required information, my exploit has
101
00:07:50,400 --> 00:07:52,060
required information all of them.
102
00:07:52,060 --> 00:07:55,530
Or if you need to change, you just set RHOST to replace.
103
00:07:55,560 --> 00:08:02,110
And it's telling you that this was effective on Windows XP, Windows 2000, Windows 2003 and so on.
104
00:08:02,220 --> 00:08:03,450
Now how can I launch it.
105
00:08:03,450 --> 00:08:04,880
I mean yeah it's fine now.
106
00:08:04,890 --> 00:08:07,200
So ready to launch an attack effect.
107
00:08:07,500 --> 00:08:15,590
You just need to type exploit. Exploit will launch the attack, and let's see what will happen.
108
00:08:15,600 --> 00:08:17,040
So I'm typing exploit
109
00:08:25,630 --> 00:08:32,580
and here we go, and we got the Meterpreter session. Meterpreter session means I have hacked this system.
110
00:08:32,620 --> 00:08:34,390
I'm now on the system machine.
111
00:08:34,710 --> 00:08:35,380
OK.
112
00:08:35,380 --> 00:08:37,590
I have a full session.
113
00:08:37,750 --> 00:08:43,620
So there is a full lecture about the Meterpreter session and how it can be useful in the Android hacking section.
114
00:08:43,630 --> 00:08:48,490
But right now, once you get this Meterpreter session, that means you are already connected to the victim.
115
00:08:48,490 --> 00:08:51,380
How can I know that, or how can I use that?
116
00:08:51,440 --> 00:08:57,430
OK, I hacked the system, and one more time, maybe I'm using Windows as a proof of concept but the same concept
117
00:08:57,460 --> 00:09:02,830
applies on Android. To know how to use the commands, or what commands you can type to gain information or
118
00:09:02,830 --> 00:09:04,280
don't know fine just type.
119
00:09:04,450 --> 00:09:06,000
You don't need to do anything.
120
00:09:06,300 --> 00:09:11,800
And you will find all the commands that you have. Some commands will dump all the passwords on
121
00:09:11,800 --> 00:09:14,130
your computer: hashdump.
122
00:09:14,410 --> 00:09:21,170
So if you hashdump, you'd get all the accounts and passwords on your computer.
123
00:09:21,180 --> 00:09:24,520
Yes Curtis but later on we're going to see it's not a problem.
124
00:09:24,670 --> 00:09:29,020
We have commands that open a webcam or open the mic on the victim.
125
00:09:29,170 --> 00:09:32,230
We have a command, keyscan_start.
126
00:09:32,230 --> 00:09:34,060
It will capture everything he's writing.
127
00:09:34,060 --> 00:09:35,990
It's like a keylogger, a remote keylogger.
128
00:09:36,250 --> 00:09:43,500
We have our get this Cappelletti, or what exactly is this command doing?
129
00:09:43,510 --> 00:09:48,310
So what I'm saying is you just need to copy and paste that command and see what will happen.
130
00:09:48,310 --> 00:09:50,320
So if we get this copilot see
131
00:09:56,880 --> 00:09:58,080
what is that exactly.
132
00:09:58,080 --> 00:10:02,240
But I thought it would get us a snapshot or something.
133
00:10:02,490 --> 00:10:06,500
We have, we can, like, for instance, sysinfo.
134
00:10:06,780 --> 00:10:08,900
This would give you information about the victim.
135
00:10:09,150 --> 00:10:13,870
Or you can shut down the machine.
136
00:10:14,420 --> 00:10:18,790
Copy, and you type shutdown.
137
00:10:19,040 --> 00:10:25,740
So the Meterpreter session is very easy; you just type the command.
138
00:10:26,630 --> 00:10:31,200
And I believe you can see some it will start shutting down.
139
00:10:31,210 --> 00:10:37,080
Here you go start shutting down and eventually it will shut up.
140
00:10:37,090 --> 00:10:40,020
So my point is, Metasploit,
141
00:10:40,150 --> 00:10:41,650
This is how easy it is.
142
00:10:41,740 --> 00:10:48,760
It's very, very easy. You just need to search for the vulnerability and then see what options are needed and put
143
00:10:48,760 --> 00:10:49,840
that option and that's it.
144
00:10:49,930 --> 00:10:54,330
You don't need to change any code, you don't need to know C or Perl or Python and so on.
145
00:10:54,610 --> 00:11:01,410
So this is actually one of the best meta exploitation framework.
146
00:11:01,450 --> 00:11:02,980
Now let's see.
147
00:11:02,980 --> 00:11:11,320
Regarding the second lecture and this lecture in the section where we were talking about Stagefright,
148
00:11:11,740 --> 00:11:20,480
if my victim was an Android device do I need to go through the same steps.
149
00:11:21,610 --> 00:11:29,500
Do I need to get the exploitation file and start doing changes the same way we did on the previous lecture.
150
00:11:29,510 --> 00:11:41,720
Actually the same concept. You search Android, or maybe you type Stagefright.
151
00:11:41,800 --> 00:11:43,350
Right.
152
00:11:43,600 --> 00:11:48,800
And I'm giving this specific example because it's a very very effective exploit.
153
00:11:49,360 --> 00:12:00,880
And during the Android hacking section I explained how to use this exploit but using Metasploit, through
154
00:12:00,880 --> 00:12:01,750
Metasploit.
155
00:12:01,780 --> 00:12:12,750
So let's see maybe I am mistyping it search for Android and you can see the amount of Android payloads
156
00:12:12,750 --> 00:12:15,640
that you can find and exploit.
157
00:12:15,640 --> 00:12:20,170
So if you search you'll be able to find Stagefright. You can have a separate lecture for that but the
158
00:12:20,260 --> 00:12:27,090
scope or objective of this lecture is to show you a different way of using vulnerabilities and exploits.
159
00:12:27,220 --> 00:12:31,270
Even iOS, I believe you will find some vulnerabilities related to iOS
160
00:12:34,030 --> 00:12:36,250
so you can select any one of those.
161
00:12:36,250 --> 00:12:37,210
You can start
162
00:12:40,990 --> 00:12:43,520
testing them if you know how it works.
163
00:12:43,720 --> 00:12:46,780
So it's not memorizing the commands, it's just knowing the technique.