1
00:00:00,150 --> 00:00:04,260
Now let's talk about staged versus non-staged payloads.
2
00:00:04,260 --> 00:00:12,690
And before we do that, we must talk about a payload. So a payload is what we're going to run as an exploit.
3
00:00:12,690 --> 00:00:16,860
And when we run that exploit, it's called a payload.
4
00:00:16,860 --> 00:00:19,650
We use different types of payloads depending on what it is.
5
00:00:19,680 --> 00:00:27,750
So you might see a Windows type payload or a Linux type payload or, as you see on the screen, a Meterpreter
6
00:00:27,750 --> 00:00:28,620
type payload.
7
00:00:28,620 --> 00:00:33,740
There's Python, there's all different types, there's like five hundred and something that we saw in Metasploit
8
00:00:33,750 --> 00:00:35,080
alone.
9
00:00:35,310 --> 00:00:43,110
And these payloads are what we use to send to a victim and attempt to get a shell on the machine.
10
00:00:43,140 --> 00:00:45,410
Now it's going to make more sense as we go.
11
00:00:45,410 --> 00:00:48,730
It's OK if you're still a little bit confused on all of this.
12
00:00:48,750 --> 00:00:52,500
There are two main types of payloads that we need to pay attention to.
13
00:00:52,530 --> 00:00:59,890
There is what we call non-staged and what we call staged. Now a non-staged payload sends the exploit
14
00:00:59,960 --> 00:01:08,370
shellcode all at once, where a staged payload sends it in stages. The non-staged payload is larger in size
15
00:01:08,490 --> 00:01:13,960
and it doesn't always work, where the staged payload can actually be less stable.
16
00:01:13,980 --> 00:01:23,140
So each has its con, and we have an example of it, and this is really what I want to point out: we have
17
00:01:23,140 --> 00:01:28,800
this non-staged payload and we have a staged payload, and you see the one difference between the two.
18
00:01:28,930 --> 00:01:30,600
All it is is a forward slash.
19
00:01:30,910 --> 00:01:36,690
So when we see these, and we're using something like Metasploit and we have to pick out a payload,
20
00:01:37,150 --> 00:01:42,500
if we see something like meterpreter_reverse_tcp,
21
00:01:42,640 --> 00:01:45,900
this identifies that this is a non-staged payload.
22
00:01:46,000 --> 00:01:53,420
We can ignore the windows here, but here we see meterpreter/reverse_tcp.
23
00:01:53,440 --> 00:01:55,990
This means we have a staged payload.
24
00:01:56,110 --> 00:02:01,280
What's happening is it's saying hey, Stage 1, Stage 2. What's happening here?
25
00:02:01,300 --> 00:02:04,260
It's saying hey, let's send this all at once.
26
00:02:04,390 --> 00:02:12,070
So this is going to become very important very quickly, as we will attempt to exploit here very soon.
27
00:02:12,070 --> 00:02:14,410
And it's not going to work.
28
00:02:14,560 --> 00:02:17,700
And then we're going to change the payload and it's going to work beautifully.
29
00:02:17,710 --> 00:02:26,230
So understand that, really, the takeaway is if you have a payload that does not work, maybe try
30
00:02:26,230 --> 00:02:32,140
the other type of that payload. If you see something like reverse_tcp, which is a reverse shell,
31
00:02:32,140 --> 00:02:34,870
by the way, over a TCP connection.
32
00:02:34,870 --> 00:02:39,730
If you say hey, I'm going to send this staged reverse_tcp, and it's not working.
33
00:02:39,730 --> 00:02:44,270
All right, let me try to send a non-staged reverse_tcp. OK.
34
00:02:44,290 --> 00:02:46,630
That's not working, but I'm sure of my exploit.
35
00:02:46,630 --> 00:02:46,920
Right.
36
00:02:46,930 --> 00:02:53,650
So maybe I send a bind shell instead of a reverse shell here, and I'll send a bind shell staged and
37
00:02:53,650 --> 00:02:59,380
non-staged, and we just keep trying until we find a payload that works. Not every payload is the right
38
00:02:59,380 --> 00:03:02,140
payload, and we have to find the one that works for us.
39
00:03:02,200 --> 00:03:09,970
So the takeaways: remember the forward slash, remember the slight differences between non-staged and staged.
40
00:03:10,030 --> 00:03:14,650
And remember, if your payload fails but you think it's the right exploit, maybe change your payload.
41
00:03:15,040 --> 00:03:20,350
So we'll see that here very shortly as we start to get into exploitation in the next few videos.