1
00:00:01,260 --> 00:00:07,230
After creating a malicious app the next step is to copy this app to the victim.
2
00:00:07,300 --> 00:00:10,180
By now this can be done in a different way.
3
00:00:10,500 --> 00:00:16,830
You can share folders between Windows and Linux and copy them or you can upload this app to any
4
00:00:17,220 --> 00:00:20,670
free hosting or there is a different way for doing that.
5
00:00:20,670 --> 00:00:24,390
And we're going to explain later on some sophisticated way.
6
00:00:24,990 --> 00:00:31,310
But in my case I take a copy from the app and I copy it on the desktop.
7
00:00:31,920 --> 00:00:37,530
And this is a fake because usually when you create it by default it would be created inside your home
8
00:00:37,530 --> 00:00:38,260
folder.
9
00:00:38,580 --> 00:00:42,850
Then using Google Drive I will upload this app.
10
00:00:43,260 --> 00:00:49,310
And the reason I copy it on the desktop because I notice that it will not be detected.
11
00:00:49,350 --> 00:00:51,680
If you keep it on your home folder.
12
00:00:52,050 --> 00:00:55,140
So here he usually point to his desktop.
13
00:00:55,140 --> 00:01:05,330
This is my app and I'm going to create an open and he's going to start uploading the app.
14
00:01:05,340 --> 00:01:11,880
It's a very small one so it has been uploaded successfully.
15
00:01:12,330 --> 00:01:26,470
And then let's go to my computer here and let me download this app and copy it to my memory of this
16
00:01:26,470 --> 00:01:35,030
is a copy and I'm going to add it to my memory card.
17
00:01:35,240 --> 00:01:38,590
It can have even added to the and is not a problem.
18
00:01:38,760 --> 00:01:40,170
I will create a folder
19
00:01:43,640 --> 00:01:50,450
it's better to do it this way do not keep it anywhere just create a folder.
20
00:01:52,270 --> 00:01:52,760
When you.
21
00:01:52,760 --> 00:02:00,640
But here I can use this one folder based and now is a malicious app it's on my mobile.
22
00:02:00,970 --> 00:02:07,570
Now before installing the malicious app I need to do something from the Linux machine which is installing
23
00:02:07,680 --> 00:02:08,700
a handler.
24
00:02:09,010 --> 00:02:12,790
And what exactly is the handler?
25
00:02:13,390 --> 00:02:19,860
What happens when you run a malicious app from the victim machine.
26
00:02:19,870 --> 00:02:24,230
He will try to connect to your Linux machine.
27
00:02:24,250 --> 00:02:29,550
Now the stations that would be coming from them will by twos.
28
00:02:29,730 --> 00:02:34,810
Can the Linux machine will try to reach the machine on full force.
29
00:02:35,140 --> 00:02:41,960
So I have to open this port and run a listener that wouldn't wait for the app.
30
00:02:41,980 --> 00:02:46,390
So we're going to do that test to be done for me at this point.
31
00:02:46,630 --> 00:02:55,060
So all the steps are written in this file to run the handler which would be used for
32
00:03:00,340 --> 00:03:02,590
receiving the connection from the victim.
33
00:03:02,590 --> 00:03:08,110
Once he runs this app so we're going to run msfconsole as
34
00:03:11,860 --> 00:03:19,780
soon and once it's up and running we can use the Metasploit.
35
00:03:19,840 --> 00:03:25,810
So he's a multi handler to expect a connection from the computer.
36
00:03:25,810 --> 00:03:34,510
I'm going to specifies the name of the payload and there's a port and IP.
37
00:03:34,630 --> 00:03:37,320
So let's wait.
38
00:03:37,720 --> 00:03:39,970
It will take a few seconds until it run
39
00:03:57,030 --> 00:03:57,570
ok.
40
00:03:57,600 --> 00:04:01,980
Meanwhile let me activate the program
41
00:04:04,950 --> 00:04:10,080
that will be used Moby's ins that allow me to connect with a computer
42
00:04:19,030 --> 00:04:21,300
I have to run it from my mobile it is one
43
00:04:27,510 --> 00:04:31,380
he's saying here you go.
44
00:04:31,760 --> 00:04:33,320
This is just a safe time
45
00:04:36,590 --> 00:04:42,800
because once we runs a hundred on the candy machine I'm going to install the app here and we're going
46
00:04:42,800 --> 00:04:48,330
to see if that could be successful or not.
47
00:04:48,460 --> 00:04:49,430
Kee
48
00:04:57,550 --> 00:05:10,140
usually showing the identifications that I have to write in a machine 6 2 7 6 2 7 1 7 5 7 5.
49
00:05:10,900 --> 00:05:16,470
It's a very easy application and I already made a lecture on how to use it.
50
00:05:16,720 --> 00:05:20,780
So I shouldn't be a problem.
51
00:05:20,810 --> 00:05:22,030
I think we are done.
52
00:05:22,030 --> 00:05:22,750
Let's see
53
00:05:31,430 --> 00:05:32,650
OK.
54
00:05:33,060 --> 00:05:35,000
Now getting back to here.
55
00:05:35,130 --> 00:05:36,970
Excellent.
56
00:05:37,020 --> 00:05:39,190
Metasploit has run.
57
00:05:39,260 --> 00:05:46,210
Now we're going to need to use the exploit multi handler.
58
00:05:46,400 --> 00:05:54,330
If you go to copy and paste it here.
59
00:05:55,010 --> 00:05:55,990
Excellent.
60
00:05:56,060 --> 00:06:01,610
And then we need to specify it should be the same payload: set payload.
61
00:06:01,620 --> 00:06:08,460
android meterpreter reverse TCP so you should use the exact same payload AP
62
00:06:11,110 --> 00:06:11,660
these
63
00:06:16,090 --> 00:06:19,340
spelling mistakes are something it will show.
64
00:06:19,360 --> 00:06:20,620
So it's Android.
65
00:06:20,770 --> 00:06:23,490
Meterpreter. Yes.
66
00:06:24,180 --> 00:06:34,330
And once Right now we need to specify the option in this period.
67
00:06:34,330 --> 00:06:42,880
If you are not able to memorize you can type show options and it will show you in this specific payload
68
00:06:43,990 --> 00:06:46,380
what option you need to add.
69
00:06:46,870 --> 00:06:55,500
So as you can see we need to host says empty we need to put a port by the pool is 4 4 4 4.
70
00:06:55,510 --> 00:07:00,260
But in our case we change it to 4 for SRI's we need to change that.
71
00:07:00,310 --> 00:07:01,330
So let's do that.
72
00:07:01,330 --> 00:07:02,670
So set
73
00:07:06,100 --> 00:07:12,600
and host and we can write our local IP.
74
00:07:12,620 --> 00:07:17,320
Let me just make sure that we still have the same IP.
75
00:07:17,710 --> 00:07:18,680
Sorry about that.
76
00:07:18,680 --> 00:07:21,660
So let me trigs the IP of the machine.
77
00:07:22,070 --> 00:07:26,750
If you see the same or change I can fake
78
00:07:31,070 --> 00:07:33,240
it's the same thing.
79
00:07:33,470 --> 00:07:36,690
So sit and host a can
80
00:07:39,530 --> 00:07:40,160
equal
81
00:07:42,950 --> 00:07:55,100
online to 1 6 8 8 1 8 1 0 3 and we need to change and think is should be taken
82
00:08:00,360 --> 00:08:14,230
up and we need to change and porters well to keep it the same way we created in the payload report which
83
00:08:14,230 --> 00:08:18,600
is for 4:43.
84
00:08:18,920 --> 00:08:23,870
Now I believe nothing else is needed.
85
00:08:24,050 --> 00:08:27,280
So let's explore it.
86
00:08:27,300 --> 00:08:36,100
Let's go on the 100 handler by typing exploit and the handler will run.
87
00:08:36,170 --> 00:08:40,370
So now as you can see he's listening and waiting for the connection.
88
00:08:40,410 --> 00:08:45,160
What I'm going to do next we will go to zoom in.
89
00:08:45,620 --> 00:08:47,700
And I'll try to run this app.
90
00:08:47,900 --> 00:08:50,720
So I'll go to the file
91
00:08:53,510 --> 00:08:57,230
should be in the file and manager.
92
00:08:57,390 --> 00:09:11,360
Is it OK to sign manager and as the car it moves inside and you find a folder by the name of new folder
93
00:09:12,050 --> 00:09:13,090
where is it.
94
00:09:15,510 --> 00:09:16,110
Yep.
95
00:09:16,140 --> 00:09:19,520
So that's just one new folder.
96
00:09:19,650 --> 00:09:23,170
It should be easy to go.
97
00:09:23,580 --> 00:09:27,090
And this is that and
98
00:09:31,450 --> 00:09:40,350
of course you need to allow this option, that unknown source.
99
00:09:41,010 --> 00:09:42,690
Otherwise it will not be installed.
100
00:09:42,700 --> 00:09:51,310
But later on you're going to see that we can merge this one with another app that when you
101
00:09:55,810 --> 00:10:01,960
manipulate this option and cannot be detected that it's something malicious and install.
102
00:10:02,680 --> 00:10:07,850
And once that happens it is installed.
103
00:10:07,900 --> 00:10:10,380
Let's see what happened to our Linux machine.
104
00:10:10,750 --> 00:10:24,220
So the app has been installed and in our machine we just need to give it a few seconds and let's see
105
00:10:24,220 --> 00:10:26,920
what will happen.
106
00:10:26,920 --> 00:10:31,570
I'm going to pause until the talk and see how it will be connected.
107
00:10:37,260 --> 00:10:45,030
So once I open the application as you can see a Meterpreter session has been opened between my machine
108
00:10:45,570 --> 00:10:47,290
and the victim machine.
109
00:10:47,460 --> 00:10:50,250
And here are Zimet operators.
110
00:10:50,790 --> 00:10:54,510
And now I have full access on the image on a mobile device.
111
00:10:54,510 --> 00:11:03,150
And if you need to know what can be done you just need to type help and you will see all the commands
112
00:11:03,150 --> 00:11:04,260
that you can do.
113
00:11:04,260 --> 00:11:09,510
You can see all the activity you can see if this device is rooted or not if it's rooted actually can
114
00:11:09,520 --> 00:11:10,850
have more options.
115
00:11:10,890 --> 00:11:16,420
You can see the call logs you can see a contact You can see it's a mess.
116
00:11:16,440 --> 00:11:19,140
It's an unbelievable application.
117
00:11:19,140 --> 00:11:24,750
Now next I'm going to show you some of those commands that can be used but actually nothing needs to
118
00:11:24,750 --> 00:11:30,660
be explained you just need to copy and paste the command and you can see how to use them.
119
00:11:30,660 --> 00:11:34,500
So as you can see you can open the webcam you can open the mic.
120
00:11:34,500 --> 00:11:39,690
Everything can be done on that device once the app has been installed.
121
00:11:39,690 --> 00:11:41,700
It's quite interesting.
122
00:11:41,700 --> 00:11:48,210
And as we agreed later on we're going to see how to tune this attack so it would be very hard to detect right
123
00:11:48,210 --> 00:11:50,490
now just the basic upset.
124
00:11:50,820 --> 00:11:53,060
So let's see the post attack.