Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:12,070 --> 00:00:14,860 Hey, guys, welcome back to another episode on How to Hack. 2 00:00:15,250 --> 00:00:18,460 So my name is Young and I'll be your trainer and facilitator today. 3 00:00:19,180 --> 00:00:24,670 So over here on the screen, as you can see on the left side, we have an mobile device running. 4 00:00:24,700 --> 00:00:26,660 And on the right side, we have colonics running. 5 00:00:26,680 --> 00:00:33,490 So colonics will be our hacker's box and the mobile device will be the targeted computer at a target, 6 00:00:33,490 --> 00:00:37,840 a device that will be going after to pull out all of those text messages. 7 00:00:38,530 --> 00:00:42,970 So what we are going to do now is on the right side, we have to create the payload. 8 00:00:42,970 --> 00:00:45,270 We have to create the app CAFO. 9 00:00:45,610 --> 00:00:49,800 So what you can see over here is that I have already created a command for you. 10 00:00:49,810 --> 00:00:53,880 So we just got to zoom in a little and I'll explain to you what all this means. 11 00:00:54,250 --> 00:00:55,390 So we're using MSF. 12 00:00:55,390 --> 00:01:00,760 Varnum So this is part of the battle supply framework and of course Desh stands for a platform. 13 00:01:00,760 --> 00:01:04,470 So we're using Android Media Preeta Reverse on a scale TCP. 14 00:01:04,810 --> 00:01:10,510 So a reverse made a British shell for us to get a reverse connection into the mobile device. 15 00:01:10,940 --> 00:01:12,190 And of course we have low. 16 00:01:12,190 --> 00:01:16,550 So Elmos is actually the IP address of the listener. 17 00:01:16,570 --> 00:01:23,200 So in this case, if I enter IP space ADR and I hit enter on that, I will be presented with the IP 18 00:01:23,200 --> 00:01:25,090 address of the colonics machine. 19 00:01:25,240 --> 00:01:29,830 So in this case we have one two one six eight zero one zero six. 20 00:01:30,370 --> 00:01:37,060 And of course for our case, we are going to create the APK file based on Delaporte all four four four 21 00:01:37,060 --> 00:01:37,380 four. 22 00:01:37,870 --> 00:01:42,170 So of course we will output the fall into dot hacker apk. 23 00:01:42,460 --> 00:01:48,430 So once you have this instruction ready, paste it onto your code, Linux box and the command problem 24 00:01:48,670 --> 00:01:51,420 or in the terminal and go ahead and hit enter on that. 25 00:01:51,430 --> 00:01:52,990 So I'll go ahead and enter on that. 26 00:01:53,560 --> 00:01:58,510 And of course I'll be prompted with the password because I'm using Sudo for super user so he'd enter 27 00:01:58,510 --> 00:02:01,670 on that and this would create epic payload. 28 00:02:01,840 --> 00:02:07,960 So what we are going to do is that we need to have this install into the device one installation onto 29 00:02:07,960 --> 00:02:13,720 the device, either as a corporate issue or a company issued device or two. 30 00:02:13,960 --> 00:02:21,040 It is true social engineering attacks or you could embed it as part of a different APK file, like your 31 00:02:21,700 --> 00:02:26,980 different kind of applications that you can then present it to the user in a user could download it, 32 00:02:26,980 --> 00:02:32,800 and from there on you will be able to get it running and you can have the reverse connection back to 33 00:02:32,800 --> 00:02:33,400 the device. 34 00:02:34,150 --> 00:02:38,830 So over here, as we can see, we have the payload size of ten thousand one hundred and eighty five 35 00:02:38,830 --> 00:02:39,280 bytes. 36 00:02:39,640 --> 00:02:44,830 So all you got to do is transfer to file so you can actually do a pseudo move, for example, and we 37 00:02:44,830 --> 00:02:49,650 can move the DOT hacker ABQ file Devar doped up HTML. 38 00:02:50,230 --> 00:02:55,600 So what we are doing this and why we're doing this is because we need a location to service to file 39 00:02:55,600 --> 00:03:00,730 so that people can access it so that a target computers can access it, they can download it and they 40 00:03:00,730 --> 00:03:02,110 can install it from there on. 41 00:03:02,920 --> 00:03:07,120 So in this case, we can go ahead and run the Apache Web server. 42 00:03:07,150 --> 00:03:09,200 So all you got to do is enter System CTL. 43 00:03:09,340 --> 00:03:12,190 So this is part of Linux system administration. 44 00:03:12,200 --> 00:03:18,460 So this is a good command, a good item to learn so that you can understand how you can control different 45 00:03:18,460 --> 00:03:22,480 kind of services, insight your different Linux boxes. 46 00:03:22,510 --> 00:03:25,900 So this is a highly sought after scale Linux administration. 47 00:03:26,320 --> 00:03:33,790 So we enter a system CTL followed by space and we can actually enter the status of Apache so we can 48 00:03:33,790 --> 00:03:35,110 go ahead and hit enter on debt. 49 00:03:35,140 --> 00:03:37,140 So it says that it is already running. 50 00:03:37,150 --> 00:03:42,130 So we have our Web application server running and on the left side we have the mobile device. 51 00:03:42,550 --> 00:03:46,030 So of course the app can be downloaded for many places. 52 00:03:46,210 --> 00:03:50,200 And I just created a YouTube post about the importance of social engineering. 53 00:03:50,200 --> 00:03:54,600 So social engineering is a domain that is usually overlooked. 54 00:03:54,610 --> 00:04:00,310 So there are a lot of importance for it because I've seen a lot of demonstration as well as real life 55 00:04:00,310 --> 00:04:08,320 cases where the hackers provide a macro Excel file like an Excel sheet or a wood document, and a user 56 00:04:08,320 --> 00:04:15,540 enable the macro scripts and continue running and debt took over the entire device very, very quickly. 57 00:04:15,850 --> 00:04:22,230 So those were the kind of attacks that we're seeing regularly do penetrate into very large companies. 58 00:04:22,240 --> 00:04:31,390 So this are the kind of tricks coupled with technological advancement in cyber attacks to actually launch 59 00:04:31,390 --> 00:04:33,280 those attacks against certain entities. 60 00:04:33,490 --> 00:04:33,880 All right. 61 00:04:34,480 --> 00:04:37,140 So now all we got to do is enter the IP address. 62 00:04:37,150 --> 00:04:43,870 So in this case, we have one two one six eight zero one zero six, followed by Hacker. 63 00:04:44,530 --> 00:04:50,650 And of course, we name our device over here from the output, as Hacker told APK so we can enter Heckel 64 00:04:51,070 --> 00:04:52,540 not a hit enter on debt. 65 00:04:53,080 --> 00:04:55,420 So it would say that we can download a false will be. 66 00:04:55,420 --> 00:04:56,920 Go ahead and download a file click. 67 00:04:56,920 --> 00:05:01,600 OK, so once the phone has been downloaded you can open it up and you can install it. 68 00:05:01,870 --> 00:05:06,180 So what I'm going to do now on the right side is I'm going to start up Matus white console. 69 00:05:06,550 --> 00:05:10,060 So again, if you think about some of the use cases for us to install. 70 00:05:10,180 --> 00:05:17,050 A software into the device, what a hackers are doing is that they're installing a lot of such software 71 00:05:17,230 --> 00:05:25,090 onto the mobile device before they actually ship it to the consumers, before they actually sell it 72 00:05:25,480 --> 00:05:29,730 to a different kind of platforms in order for users to use that phone. 73 00:05:29,740 --> 00:05:32,230 And when the users use the phone, they're clueless. 74 00:05:32,240 --> 00:05:38,200 You have no idea to this phone already has a virus or a backdoor install into the device. 75 00:05:38,320 --> 00:05:41,380 So this is the kind of tricks that hackers are really using. 76 00:05:41,560 --> 00:05:47,590 So like I mentioned earlier, coupling social engineering, as well as all this technical know house 77 00:05:47,740 --> 00:05:50,950 for these hackers to gain access to your credentials. 78 00:05:51,250 --> 00:05:51,670 All right. 79 00:05:52,600 --> 00:05:58,840 So moving forward, all I got to do is enter, use, exploit, multi handler and we can actually set 80 00:05:58,840 --> 00:06:03,250 the payload as Android meter reader reverse on a score. 81 00:06:04,210 --> 00:06:04,690 All right. 82 00:06:04,690 --> 00:06:10,070 And we can enter show options so we can SBL Hoess one two one six eight zero one zero six. 83 00:06:10,120 --> 00:06:12,600 So this is the IP address of the listener. 84 00:06:12,640 --> 00:06:14,770 This is the IP address of colonics in this case. 85 00:06:15,010 --> 00:06:16,030 So hit enter on that. 86 00:06:16,180 --> 00:06:18,630 And we have the airport as four four four four. 87 00:06:18,640 --> 00:06:20,200 So everything is set properly. 88 00:06:20,560 --> 00:06:24,220 So all we got to do right now is enter exploit to run the listener. 89 00:06:24,220 --> 00:06:28,720 So we're listening right now and we actually already have the software installed. 90 00:06:28,720 --> 00:06:35,440 So if I click onto the hacker apk and you can see that this is an installation update to the desisting 91 00:06:35,440 --> 00:06:36,220 application. 92 00:06:36,230 --> 00:06:39,060 So we have already installed the application. 93 00:06:39,310 --> 00:06:46,630 So all I got to do is go back into the mobile device and if I go into the application page, all I got 94 00:06:46,630 --> 00:06:48,170 to do is search for a main activity. 95 00:06:48,550 --> 00:06:53,860 So again, to naming the logos, the way the look and feel of the application can be modified. 96 00:06:53,860 --> 00:07:00,670 And we will discuss about how we can innovate such payloads into different kind of ABQ or different 97 00:07:00,670 --> 00:07:01,570 kind of applications. 98 00:07:01,600 --> 00:07:01,930 All right. 99 00:07:02,500 --> 00:07:08,740 So here I'm just going to go ahead and click on main activity and immediately we would have access into 100 00:07:08,740 --> 00:07:09,370 recession. 101 00:07:09,370 --> 00:07:15,790 And what you're seeing right now is that you would not be able to visually see any kind of differences 102 00:07:15,790 --> 00:07:16,350 on the phone. 103 00:07:16,540 --> 00:07:21,010 So the phone is still able to run normal and you can do stuff. 104 00:07:21,010 --> 00:07:22,840 The Internet you can do go to Google Maps. 105 00:07:23,080 --> 00:07:28,150 You can use many different of the features and functions as though your phone is as it is. 106 00:07:28,300 --> 00:07:32,500 But it has really been hacked by the hackers and hackers on the right side. 107 00:07:32,500 --> 00:07:36,070 Clinics have full control and access to the device. 108 00:07:36,110 --> 00:07:37,060 And why is that a case? 109 00:07:37,480 --> 00:07:40,870 So let us explain a little more about why this is the case. 110 00:07:41,020 --> 00:07:49,330 So if I actually go on to settings and I click onto the applications, so let us go into the application 111 00:07:49,330 --> 00:07:55,860 that has been installed in the device so we can review the mobile application permissions. 112 00:07:55,870 --> 00:08:00,350 So if I click on apps and over here we can see all the applications. 113 00:08:00,350 --> 00:08:03,540 So let us go into the application that we just installed. 114 00:08:04,570 --> 00:08:09,820 So it is called main activity and lets it enter and debt and we can look under permissions. 115 00:08:09,820 --> 00:08:12,120 So permissions is on a roll. 116 00:08:12,130 --> 00:08:18,610 So go ahead and click on that and we can see that this application has all these different accesses 117 00:08:18,880 --> 00:08:19,810 into the phone. 118 00:08:20,080 --> 00:08:27,130 So it has the camera access, it has the context access, location, microphone, phone, SMS and storage. 119 00:08:27,490 --> 00:08:34,810 So immense that even for mobile applications to install into your phone right now, the user, all the 120 00:08:34,810 --> 00:08:40,720 owner of the application, if they have all this app permissions, they will be able to see all of your 121 00:08:40,720 --> 00:08:41,140 data. 122 00:08:41,380 --> 00:08:46,400 They'll be able to pull out your contacts or SMS and all this important information. 123 00:08:47,050 --> 00:08:53,200 So going back into the hackers box, we can enter help and this will list out all the commands available 124 00:08:53,200 --> 00:08:57,780 for us to control or to execute into the mobile device. 125 00:08:58,060 --> 00:09:01,600 So in my case, for example, I can enter at on a score list. 126 00:09:01,810 --> 00:09:07,300 So this will show us all the applications that are already installed inside the device. 127 00:09:07,570 --> 00:09:14,800 And we can see, for example, if you manage to break into one of the Kopra devices owned by a an enterprise, 128 00:09:15,100 --> 00:09:20,980 then you realize that such application could be mirrored across all those different devices. 129 00:09:20,980 --> 00:09:25,300 And many large enterprises run thousands, tens of thousands of devices. 130 00:09:25,600 --> 00:09:30,820 So not just in terms of security controls and policies for your mobile devices, but what about your 131 00:09:30,820 --> 00:09:31,450 laptops? 132 00:09:31,450 --> 00:09:34,900 What your servers, what about your network devices and so on. 133 00:09:35,170 --> 00:09:41,970 So all these different kind of security policies have to have a strong effect across and across all 134 00:09:41,980 --> 00:09:46,660 these different devices that you run in order to secure them against many of these potential hack. 135 00:09:46,990 --> 00:09:50,640 So, of course, the main topic for today is dump on the score SMS. 136 00:09:50,650 --> 00:09:54,010 So with a very simple command, all you got to do is hit enter on that. 137 00:09:54,700 --> 00:10:01,030 And immediately you see that we have a file created onto our desktop over here on the left site and 138 00:10:01,030 --> 00:10:05,500 immediately we can just open it up and we can see all of the text messages. 139 00:10:05,500 --> 00:10:07,300 So go ahead and open it up. 140 00:10:08,290 --> 00:10:09,910 And over here we can see. 141 00:10:10,510 --> 00:10:17,290 Can transfer five hundred thousand US dollars for a cybersecurity project and let's go back into the 142 00:10:17,290 --> 00:10:23,860 mobile device and we can click under these messages and immediately you can see that there was a text 143 00:10:23,860 --> 00:10:30,130 message and outgoing text message can transfer five hundred thousand US dollars here for our cybersecurity 144 00:10:30,130 --> 00:10:30,590 project. 145 00:10:31,060 --> 00:10:32,770 So there are a lot more instructions. 146 00:10:32,770 --> 00:10:37,540 There's a lot more commands that we can do as part of this Android hacking series. 147 00:10:37,930 --> 00:10:39,280 So I'll do what I'll do. 148 00:10:39,310 --> 00:10:41,380 Stay tuned for more tutorials for you. 149 00:10:41,650 --> 00:10:45,190 So if you have learned something valuable in today's tutorial, we're going to like sharing. 150 00:10:45,190 --> 00:10:48,630 Subscribe to a channel so that you can be kept abreast of the latest cybersecurity. 151 00:10:49,090 --> 00:10:50,650 Thank you so much once again for watching. 16538