All language subtitles for 021 Metasploit-subtitle-en

af Afrikaans
ak Akan
sq Albanian
am Amharic
ar Arabic
hy Armenian
az Azerbaijani
eu Basque
be Belarusian
bem Bemba
bn Bengali
bh Bihari
bs Bosnian
br Breton
bg Bulgarian
km Cambodian
ca Catalan
chr Cherokee
ny Chichewa
zh-CN Chinese (Simplified)
zh-TW Chinese (Traditional)
co Corsican
hr Croatian
cs Czech
da Danish
nl Dutch
en English
eo Esperanto
et Estonian
ee Ewe
fo Faroese
tl Filipino
fi Finnish
fr French Download
fy Frisian
gaa Ga
gl Galician
ka Georgian
de German
el Greek
gn Guarani
gu Gujarati
ht Haitian Creole
ha Hausa
haw Hawaiian
iw Hebrew
hi Hindi
hu Hungarian
is Icelandic
ig Igbo
id Indonesian
ia Interlingua
ga Irish
it Italian
ja Japanese
jw Javanese
kn Kannada
kk Kazakh
rw Kinyarwanda
rn Kirundi
kg Kongo
ko Korean
kri Krio (Sierra Leone)
ku Kurdish
ckb Kurdish (Soranî)
ky Kyrgyz
lo Laothian
la Latin
lv Latvian
ln Lingala
lt Lithuanian
loz Lozi
lg Luganda
ach Luo
mk Macedonian
mg Malagasy
ms Malay
ml Malayalam
mt Maltese
mi Maori
mr Marathi
mfe Mauritian Creole
mo Moldavian
mn Mongolian
sr-ME Montenegrin
ne Nepali
pcm Nigerian Pidgin
nso Northern Sotho
no Norwegian
nn Norwegian (Nynorsk)
oc Occitan
or Oriya
om Oromo
ps Pashto
fa Persian
pl Polish
pt-BR Portuguese (Brazil)
pt-PT Portuguese (Portugal)
pa Punjabi
qu Quechua
ro Romanian
rm Romansh
nyn Runyakitara
ru Russian
gd Scots Gaelic
sr Serbian
sh Serbo-Croatian
st Sesotho
tn Setswana
crs Seychellois Creole
sn Shona
sd Sindhi
si Sinhalese
sk Slovak
sl Slovenian
so Somali
es Spanish
es-419 Spanish (Latin American)
su Sundanese
sw Swahili
sv Swedish
tg Tajik
ta Tamil
tt Tatar
te Telugu
th Thai
ti Tigrinya
to Tonga
lua Tshiluba
tum Tumbuka
tr Turkish
tk Turkmen
tw Twi
ug Uighur
uk Ukrainian
ur Urdu
uz Uzbek
vi Vietnamese
cy Welsh
wo Wolof
xh Xhosa
yi Yiddish
yo Yoruba
zu Zulu
Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:01,140 --> 00:00:08,920 Now let's repeat the same step and same attacks that we explain on the previous lectures. 2 00:00:09,090 --> 00:00:15,760 But using meta sprite but before showing you how to do it let me just briefly about meters plot meters. 3 00:00:16,020 --> 00:00:22,920 It's an exploitation framework and in a simple way the same process that we did on the previous lectures 4 00:00:23,460 --> 00:00:31,110 getting's exploit searching for it online getting's exploit searching if any modification is needed 5 00:00:31,140 --> 00:00:32,630 and so on. 6 00:00:33,090 --> 00:00:35,570 We don't have to do that in me brought me at this point. 7 00:00:35,610 --> 00:00:40,950 It's a programs that import all those vulnerability and exploit from the same sources from the same 8 00:00:40,950 --> 00:00:44,620 web sites exploit D.B and security focus and so on. 9 00:00:44,910 --> 00:00:52,560 And he reads them and he combines them and he just so it just ask you for input. 10 00:00:52,830 --> 00:01:00,390 So if we are talking about our PC DICOM that would tried on Microsoft Windows before and instead of 11 00:01:00,760 --> 00:01:07,890 open getting's exploit and compile it and then using as ex-pro to open a port and then using NC to connect 12 00:01:08,370 --> 00:01:11,270 and all this complicated and this was a very easy one. 13 00:01:11,280 --> 00:01:17,490 Some of the other exploit like Android Strae stage fright. 14 00:01:17,490 --> 00:01:20,160 It was kind of complicated to do. 15 00:01:20,170 --> 00:01:21,120 It was not that easy. 16 00:01:21,120 --> 00:01:26,010 You have to go into the code and change and edit the video in a description showing you how hard is 17 00:01:26,010 --> 00:01:28,470 it to get advantage of such exploits. 18 00:01:28,950 --> 00:01:30,830 But what meter's plate can do for us. 19 00:01:30,870 --> 00:01:38,220 It can import zorse exploit and we can read them and that he would ask for IDS exploit and accordingly 20 00:01:38,220 --> 00:01:40,210 I need to have the victim IP. 21 00:01:40,230 --> 00:01:47,130 So you're right it might be I need to have a victim port to write downs of the port so it will definitely 22 00:01:47,130 --> 00:01:49,080 simplifies the process. 23 00:01:49,080 --> 00:01:50,760 Now let's see how to do that. 24 00:01:50,820 --> 00:01:52,180 And we can repeat the attack. 25 00:01:52,190 --> 00:01:53,220 And while we are doing that. 26 00:01:53,220 --> 00:01:59,160 I want you to compare what we are doing in this lecture with what we did on the first lecture on the 27 00:01:59,160 --> 00:02:06,900 section boss our same topic which is using a vulnerability an exploit to compromised system System B 28 00:02:07,290 --> 00:02:12,450 could be a Windows machine could be an Android device it could be a Linux machine concept applied. 29 00:02:12,780 --> 00:02:16,850 So the knowledge that you are getting here how to get familiar with Meet the spring. 30 00:02:17,010 --> 00:02:22,070 So I have a calendar next year and I have my victim machine in this exact same victim. 31 00:02:22,170 --> 00:02:24,280 You can transmit exploit in different way. 32 00:02:24,570 --> 00:02:33,890 You can write from application go to exploitation and you'll find the meter spreader as you can see. 33 00:02:33,900 --> 00:02:42,900 Meters Brodies is here or you can open a terminal and type a message config or because the tool is very 34 00:02:42,900 --> 00:02:45,040 important for penetration tester. 35 00:02:45,060 --> 00:02:48,390 They put a shortcut here on this tool on the desktop. 36 00:02:48,450 --> 00:02:49,780 So let's open it from here. 37 00:02:51,760 --> 00:02:53,450 So we open the tool. 38 00:02:53,470 --> 00:02:57,550 Sometimes it takes a few seconds until it load all the exploit. 39 00:02:57,550 --> 00:03:09,390 So you just need to give it some time until you finish loading everything. 40 00:03:09,550 --> 00:03:13,840 And we are waiting to get the MSF prompt. 41 00:03:13,950 --> 00:03:21,990 So I'm looking for the MSF prompt command line where I can write different commands that we can use 42 00:03:22,440 --> 00:03:30,100 now we're going to use some common that you going need to memorize but actually it's not about memorizing 43 00:03:30,110 --> 00:03:30,560 the comment. 44 00:03:30,580 --> 00:03:32,000 It's about the technique. 45 00:03:32,470 --> 00:03:39,850 So let's see as you can see this is a prompt from where we are typing the comment and let's search for 46 00:03:39,870 --> 00:03:40,740 ever an ability. 47 00:03:40,900 --> 00:03:49,240 So if you need to use this tool I'm assuming that you already spent some time checking about your victim 48 00:03:49,450 --> 00:03:50,640 so he knows the victim has. 49 00:03:50,650 --> 00:03:52,460 Which operating system is it Windows. 50 00:03:52,450 --> 00:03:53,230 Is it Android. 51 00:03:53,230 --> 00:03:54,620 Is it Linux. 52 00:03:54,640 --> 00:03:57,710 What port have what applications. 53 00:03:57,760 --> 00:04:04,030 And we spoke about that in unmap So there is a different way for knowing the platform of the victim 54 00:04:04,060 --> 00:04:07,620 and some gathering some information about the victim. 55 00:04:08,080 --> 00:04:13,420 And then you start searching in public web like security focus or exploit D-B. 56 00:04:13,600 --> 00:04:18,190 But my point is before using that tool you should have some information because what exactly will be 57 00:04:18,190 --> 00:04:25,480 searching for in my case I already knows that the victim has Windows XP and I know that one of the exploits 58 00:04:25,480 --> 00:04:30,280 that can be used for XP is the RBC Diccon. 59 00:04:30,700 --> 00:04:32,710 So I have a piece of information. 60 00:04:32,740 --> 00:04:39,200 My problem was I'm not very good working with public vulnerability and writing code and so on. 61 00:04:39,250 --> 00:04:47,330 So this is the case so he will get you all the vulnerability related to that and even a search for this 62 00:04:47,330 --> 00:04:51,490 specific one. 63 00:04:51,490 --> 00:04:58,170 I think this is one which is the exploit windows are PC Diccon. 64 00:04:58,180 --> 00:05:00,210 This is the ones that we are looking for. 65 00:05:00,490 --> 00:05:08,940 OK let's just increase the screen so we will be using it then you can just select this one 66 00:05:12,480 --> 00:05:14,810 and copy it. 67 00:05:15,300 --> 00:05:23,870 So I'm searching for my exploit and I type besides a prompt to use this exploit. 68 00:05:24,420 --> 00:05:31,380 So the first thing is research and types use this exploit and then you see that the prompt will change. 69 00:05:31,410 --> 00:05:35,880 Xon now any exploit may need an input. 70 00:05:35,880 --> 00:05:41,310 I mean I know that this is an effective explodes that can be used to hack system but he will not be 71 00:05:41,400 --> 00:05:47,280 smart enough to know which system I need to to set the IP I need to set the port some input will be 72 00:05:47,280 --> 00:05:48,540 needed from my site. 73 00:05:48,570 --> 00:05:51,060 How can I know what input is needed. 74 00:05:51,360 --> 00:05:58,410 Sometimes I only sometimes some other information like port or operating system but how can I know what 75 00:05:58,410 --> 00:06:05,200 information is needed to be able to use this exploit to hack our victim. 76 00:06:05,340 --> 00:06:11,570 You just type show options and show options. 77 00:06:12,170 --> 00:06:13,470 We'll show you. 78 00:06:13,940 --> 00:06:14,430 I'm sorry. 79 00:06:14,450 --> 00:06:14,990 Show 80 00:06:17,440 --> 00:06:20,310 options. 81 00:06:20,780 --> 00:06:27,390 It will show you all the inputs that you need to add to be able to disagree and see how easy it is certainly 82 00:06:27,450 --> 00:06:30,010 OK to be able to use this specific exploit. 83 00:06:30,020 --> 00:06:37,200 This is the information needed and some information are mandatory and some information are optional. 84 00:06:37,250 --> 00:06:39,590 So those two information are mandatory. 85 00:06:39,780 --> 00:06:45,100 So our host and our board both of them has to be at but our board already have a venue. 86 00:06:45,140 --> 00:06:47,300 So you may keep it or you may change it. 87 00:06:47,300 --> 00:06:49,350 I would suggest to keep on the fly. 88 00:06:49,590 --> 00:06:53,270 Well airport it's empty and it's quiet. 89 00:06:53,270 --> 00:06:57,200 Now what is Airport is the target address the target IP address. 90 00:06:57,200 --> 00:06:59,280 So I need to put here as a target IP address. 91 00:06:59,280 --> 00:07:00,850 Fine. 92 00:07:01,040 --> 00:07:03,300 So we can type. 93 00:07:03,500 --> 00:07:10,780 How can we add the value you just typeset and you put the value that you want to our horse. 94 00:07:10,790 --> 00:07:14,500 And don't forget that Linux are case sensitive. 95 00:07:14,510 --> 00:07:22,150 Our host and then you put the IP IP of my victim let me double check one more time. 96 00:07:22,320 --> 00:07:31,140 It's 1 9 2 1 6 8 8 1 2 2 1 1 4 so 1 9 2. 97 00:07:31,760 --> 00:07:32,460 Sorry. 98 00:07:34,410 --> 00:07:40,120 1 9 2 2 1 6 8 2 1 1 1 4. 99 00:07:40,710 --> 00:07:43,280 And how can I use that phrase that has been assigned. 100 00:07:43,440 --> 00:07:50,400 Sure option again and I can see now that my vulnerability has the required information my exploit has 101 00:07:50,400 --> 00:07:52,060 required information all of them. 102 00:07:52,060 --> 00:07:55,530 Or if you need to change your questions sit our hosen to replace. 103 00:07:55,560 --> 00:08:02,110 And he's telling you that this was effective to Windows XP Windows 2000 Windows 2003 and so on. 104 00:08:02,220 --> 00:08:03,450 Now how can I launch it. 105 00:08:03,450 --> 00:08:04,880 I mean yeah it's fine now. 106 00:08:04,890 --> 00:08:07,200 So ready to launch an attack effect. 107 00:08:07,500 --> 00:08:15,590 You just need to type exploit exploit we'll launch static and let's see what would happen. 108 00:08:15,600 --> 00:08:17,040 So I'm typing exploit 109 00:08:25,630 --> 00:08:32,580 and Hildago and we got Zimet of politicization Mr. Pratt decision mean I have had this system. 110 00:08:32,620 --> 00:08:34,390 I'm now on the system machine. 111 00:08:34,710 --> 00:08:35,380 OK. 112 00:08:35,380 --> 00:08:37,590 I have a full session. 113 00:08:37,750 --> 00:08:43,620 So a full lecture about Metropolit decision and how it can be useful in the Android hacking section. 114 00:08:43,630 --> 00:08:48,490 But right now once you get this method Patersons that's mean you are already connected to the victim. 115 00:08:48,490 --> 00:08:51,380 How can it knows that or how can I use that. 116 00:08:51,440 --> 00:08:57,430 OK I had to the system and one more time maybe I'm using Windows as a proof of concept but same concept 117 00:08:57,460 --> 00:09:02,830 apply on Android to know how to use the comment or what comment can you type to gain information or 118 00:09:02,830 --> 00:09:04,280 don't know fine just type. 119 00:09:04,450 --> 00:09:06,000 You don't need to do anything. 120 00:09:06,300 --> 00:09:11,800 And you will find all the commanders that you have some commands that will dump all the password on 121 00:09:11,800 --> 00:09:14,130 your computer has done. 122 00:09:14,410 --> 00:09:21,170 So if you just dump you'd get all the accounts and password on your computer. 123 00:09:21,180 --> 00:09:24,520 Yes Curtis but later on we're going to see it's not a problem. 124 00:09:24,670 --> 00:09:29,020 We have a Cummins that opens a webcam or opens the mike on the victim. 125 00:09:29,170 --> 00:09:32,230 We have a command that kids can start. 126 00:09:32,230 --> 00:09:34,060 It will capture everything he's writing. 127 00:09:34,060 --> 00:09:35,990 It's like a key logger remote key logger. 128 00:09:36,250 --> 00:09:43,500 We have our get this Cappelletti or what exactly is this Commines doing. 129 00:09:43,510 --> 00:09:48,310 So what I'm saying is you just need to copy and paste that comment and see what will happen. 130 00:09:48,310 --> 00:09:50,320 So if we get this copilot see 131 00:09:56,880 --> 00:09:58,080 what is that exactly. 132 00:09:58,080 --> 00:10:02,240 But I thought it would get us a snapshot or something. 133 00:10:02,490 --> 00:10:06,500 We have we can like for instance system. 134 00:10:06,780 --> 00:10:08,900 This would give you information about the victim. 135 00:10:09,150 --> 00:10:13,870 Or you can shut down the machine. 136 00:10:14,420 --> 00:10:18,790 Kopi and you type shudder. 137 00:10:19,040 --> 00:10:25,740 So Metropolit assertion is very easy to just type the comment. 138 00:10:26,630 --> 00:10:31,200 And I believe you can see some it will start shutting down. 139 00:10:31,210 --> 00:10:37,080 Here you go start shutting down and eventually it will shut up. 140 00:10:37,090 --> 00:10:40,020 So my point is made this point. 141 00:10:40,150 --> 00:10:41,650 This is how easy it is. 142 00:10:41,740 --> 00:10:48,760 It's very very easy you just need to search for variability and then see what option is needed and put 143 00:10:48,760 --> 00:10:49,840 that option and that's it. 144 00:10:49,930 --> 00:10:54,330 You don't need to change any code you don't need to know C or Perl or patient and so on. 145 00:10:54,610 --> 00:11:01,410 So this is actually one of the best meta exploitation framework. 146 00:11:01,450 --> 00:11:02,980 Now let's see. 147 00:11:02,980 --> 00:11:11,320 Regarding the second lecture and this lecture in the section where we were talking about stagefright 148 00:11:11,740 --> 00:11:20,480 if my victim was an Android device do I need to go through the same steps. 149 00:11:21,610 --> 00:11:29,500 Do I need to get the exploitation file and start doing changes the same way we did on the previous lecture. 150 00:11:29,510 --> 00:11:41,720 Actually the same concept you click on sirf Android or maybe you type steede the page. 151 00:11:41,800 --> 00:11:43,350 Right. 152 00:11:43,600 --> 00:11:48,800 And I'm giving this specific example because it's a very very effective exploit. 153 00:11:49,360 --> 00:12:00,880 And during the Android hacking section I explained how to use this exploit but using meter's through 154 00:12:00,880 --> 00:12:01,750 me to Spryte. 155 00:12:01,780 --> 00:12:12,750 So let's see maybe I am mistyping it search for Android and you can see the amount of Android payloads 156 00:12:12,750 --> 00:12:15,640 that you can find and exploit. 157 00:12:15,640 --> 00:12:20,170 So if you search you'll be able to find stagefright you can have a separate lecture for that but the 158 00:12:20,260 --> 00:12:27,090 scope or objectives of this ritual is to show you a different way for using different ability and exploit. 159 00:12:27,220 --> 00:12:31,270 Even Iris I believe you will find some vulnerability related to iOS 160 00:12:34,030 --> 00:12:36,250 so you can select any one of those. 161 00:12:36,250 --> 00:12:37,210 You can start 162 00:12:40,990 --> 00:12:43,520 testing them if you know how it works. 163 00:12:43,720 --> 00:12:46,780 So it's not memorizing Zicam and it just knows the technique. 15882

Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.