1
00:00:01,710 --> 00:00:11,170
Now if you are not very good in writing syntax and writing and memorizing this command and you like
2
00:00:11,170 --> 00:00:19,320
me to say except you'd rather use Metasploit in a graphical way, Metasploit has a new interface
3
00:00:19,500 --> 00:00:26,460
called Armitage. So during this lecture and maybe next lecture I'm going to show you how to use
4
00:00:26,460 --> 00:00:30,610
Metasploit in a graphical interface to be able to do that.
5
00:00:30,630 --> 00:00:36,340
First we have the same scenario here, we have a Linux machine which will be our hacker machine.
6
00:00:36,360 --> 00:00:41,280
Another victim machine, victim machine could be on this machine, could be an Android machine, could be
7
00:00:41,280 --> 00:00:44,310
an iOS whatever platform.
8
00:00:44,700 --> 00:00:49,630
So as a victim machine here it's 1 1 4 IP.
9
00:00:49,650 --> 00:00:54,820
Now let me show you how to use Armitage if you just admitted you can find it.
10
00:00:54,840 --> 00:01:02,480
I can hear or you can type Armitage. But if you just run Armitage it will the first time without initiating
11
00:01:02,480 --> 00:01:04,890
is the service needed it will not try.
12
00:01:04,980 --> 00:01:05,670
It will not stop.
13
00:01:05,670 --> 00:01:07,380
So if you run Armitage this way
14
00:01:11,010 --> 00:01:16,410
he will ask you to connect and then you're going to start to run Armitage but actually it won't not
15
00:01:16,740 --> 00:01:17,050
run.
16
00:01:17,050 --> 00:01:19,120
Let's see.
17
00:01:20,750 --> 00:01:27,980
So he's asking you this you keep the default setting and you click on Connect but then you click on
18
00:01:27,980 --> 00:01:30,380
yes you're going to notice that
19
00:01:33,810 --> 00:01:34,090
the
20
00:01:37,670 --> 00:01:40,430
he will keep trying to open but he will not.
21
00:01:40,550 --> 00:01:45,630
What you need to do first to be able to use Armitage, you need to write down two commands.
22
00:01:45,680 --> 00:01:50,820
This will start a service needed for Armitage called PostgreSQL.
23
00:01:51,200 --> 00:01:58,820
And then you need to start the MSF database so you need to start the database service that is needed for
24
00:01:58,820 --> 00:01:59,810
this application.
25
00:01:59,810 --> 00:02:02,800
So as you can see Google keep trying but it will not be running.
26
00:02:03,020 --> 00:02:08,960
So what we need to do is we need to open first term.
27
00:02:10,100 --> 00:02:12,660
Actually what happened is they already started before.
28
00:02:12,920 --> 00:02:19,790
But let me close it and try the command one more time because before starting this lecture I already
29
00:02:22,550 --> 00:02:23,950
initiated the service.
30
00:02:24,110 --> 00:02:26,700
So you need to open a terminal here.
31
00:02:29,020 --> 00:02:34,380
And you need to write down services
32
00:02:37,030 --> 00:02:42,620
postgresql
33
00:02:46,050 --> 00:02:46,700
start
34
00:02:50,860 --> 00:02:55,040
this truly post
35
00:02:59,310 --> 00:03:09,410
again said services.
36
00:03:10,140 --> 00:03:10,990
Says
37
00:03:16,510 --> 00:03:22,290
you just need to check is post
38
00:03:24,610 --> 00:03:25,400
Issaquah
39
00:03:47,000 --> 00:03:57,290
Excellent. And then second command is msfdb init.
40
00:03:57,980 --> 00:04:07,640
So if you transept the first time actually is first time you need to use Armitage you have to come in.
41
00:04:07,850 --> 00:04:14,570
But in my case when I launched it worked because it was already configured before so once you write down
42
00:04:14,570 --> 00:04:22,310
those commands that you set to go so close 30 million let's open Armitage one more time. Armitage is
43
00:04:22,820 --> 00:04:24,220
the Metasploit
44
00:04:24,350 --> 00:04:25,790
graphical interface.
45
00:04:26,030 --> 00:04:28,640
So we're going to open and we're going to click on Connect
46
00:04:31,130 --> 00:04:37,110
and we'll click on is good default you don't have to change anything.
47
00:04:38,140 --> 00:04:42,240
And once it's done let's see how we can utilize it.
48
00:04:48,940 --> 00:04:53,670
It's a very handy tool and very advanced tool.
49
00:04:54,190 --> 00:04:57,440
So it opens a graphical interface.
50
00:04:57,500 --> 00:05:05,290
Now I know that I'm looking for an exploit called R B C D.
51
00:05:06,850 --> 00:05:12,010
And as you can see this is the exploit right now.
52
00:05:15,010 --> 00:05:19,090
You just move everything to be able to start from the beginning.
53
00:05:19,460 --> 00:05:25,610
Host removalist and he have host remove host
54
00:05:31,940 --> 00:05:32,800
OK.
55
00:05:32,890 --> 00:05:39,170
Now this is the vulnerability that I know that my victim has this vulnerability and can be exploited.
56
00:05:39,220 --> 00:05:46,930
I'm going to double click on it and it will show me the information which is input and it will show
57
00:05:46,930 --> 00:05:47,860
you what is missing.
58
00:05:47,860 --> 00:05:51,000
Remember when we did that in Metasploit and we type show option.
59
00:05:51,190 --> 00:05:52,330
This is like show option.
60
00:05:52,330 --> 00:05:57,940
So showing me whatever what is remaining is RHOST which is the remote host so I need to go here and
61
00:05:57,940 --> 00:06:11,500
I need to type the IP of my victim 1 9 2 1 6 8 2 2 1 1 4 and then click on launch and give a few seconds
62
00:06:11,520 --> 00:06:12,430
or maybe a.
63
00:06:12,440 --> 00:06:22,380
He can try to exploit it and if it has been exploited you'll see a computer with red frame showing.
64
00:06:22,380 --> 00:06:23,540
Exactly.
65
00:06:23,550 --> 00:06:27,760
See this means that he found a computer and he compromised computer.
66
00:06:27,760 --> 00:06:31,050
Now you have a Meterpreter session on it right away.
67
00:06:31,050 --> 00:06:34,170
You don't have the live show option or exploit and or Meterpreter.
68
00:06:34,290 --> 00:06:35,000
That's it.
69
00:06:35,340 --> 00:06:38,050
It's exploited since it has a red frame.
70
00:06:38,100 --> 00:06:42,340
And if you right click on it you can do whatever you want so you have to make that part of history.
71
00:06:42,570 --> 00:06:44,420
You go for instance.
72
00:06:45,030 --> 00:06:48,900
Let's go to.
73
00:06:49,770 --> 00:06:54,190
When it interact Explorer.
74
00:06:54,300 --> 00:06:54,700
OK.
75
00:06:54,760 --> 00:07:00,290
And you can ask him to shows or find for instance browse files and it will show everything down here
76
00:07:00,870 --> 00:07:06,310
so you can see where all the victims find you can rightly convincing download it or upload something
77
00:07:06,340 --> 00:07:07,420
or change the past.
78
00:07:07,600 --> 00:07:09,590
You can see that he drives the drive.
79
00:07:09,760 --> 00:07:17,860
So if you put her Princeton see you can see all the folder you can delete you can do whatever you want.
80
00:07:18,250 --> 00:07:22,540
So it's a very very nice tool and much more easier to use than.
81
00:07:22,630 --> 00:07:25,890
But I would suggest that you get familiar with both of them.
82
00:07:25,900 --> 00:07:27,570
Same concept applies for Android.
83
00:07:27,580 --> 00:07:31,360
I mean if you look for an Android device so you can type Android
84
00:07:34,540 --> 00:07:42,190
and it will show you all Android vulnerability but be aware that some of the exploit can be launched
85
00:07:42,190 --> 00:07:48,130
remotely and some of the exploit you have to send to the victim something and he have to click on it
86
00:07:48,130 --> 00:07:50,530
to be able to access like an anchor or something.
87
00:07:50,530 --> 00:07:53,080
So it depends about the type of an exploit.
88
00:07:53,140 --> 00:07:58,930
But again the scope of the section is to get you familiar with the different vulnerability exploitation
89
00:07:59,110 --> 00:08:04,550
more like Metasploit or Armitage or these kinds of tools.
90
00:08:04,570 --> 00:08:06,120
It's not about doing that.
91
00:08:06,190 --> 00:08:07,930
That could be done in a separate section.
92
00:08:07,930 --> 00:08:12,190
Right now you just need to be familiar with such tools. Next lecture
93
00:08:12,190 --> 00:08:15,400
We're going to take another Armitage attack.
94
00:08:15,610 --> 00:08:21,560
But in this case we will do an automated process.
95
00:08:21,700 --> 00:08:22,660
Let me show you how.