1
00:00:00,100 --> 00:00:03,600
Hello everybody and welcome to this tutorial.
2
00:00:03,600 --> 00:00:07,000
Today I will be talking about some of the basic terms
3
00:00:07,000 --> 00:00:10,570
which you will need in order to follow this course through.
4
00:00:10,570 --> 00:00:15,200
So first off, you have three main categories of people.
5
00:00:15,200 --> 00:00:19,700
There are White Hat Hackers, Grey Hat Hackers and Black Hat Hackers.
6
00:00:19,700 --> 00:00:24,300
Everything that we will be doing falls into this category here
7
00:00:24,300 --> 00:00:26,100
So, White Hats --
8
00:00:26,100 --> 00:00:30,900
Those are people whose activities are within the confines of the law.
9
00:00:30,900 --> 00:00:35,809
There are people such as pen testers, ethical hackers, people like you and me
10
00:00:35,809 --> 00:00:37,300
and so on.
11
00:00:37,300 --> 00:00:39,400
Then you have Grey Hat Hackers
12
00:00:39,400 --> 00:00:43,280
whose activities are bordering between legal and illegal.
13
00:00:43,280 --> 00:00:46,300
It's a bit of a shady area there.
14
00:00:46,300 --> 00:00:49,500
In addition to that, you have the most known category
15
00:00:49,500 --> 00:00:51,329
which is Black Hat Hackers.
16
00:00:51,329 --> 00:00:58,100
and usually, and unfortunately, every time someone hears the term hacking
17
00:00:58,100 --> 00:01:01,900
it is associated with people from the Black Hat world.
18
00:01:01,900 --> 00:01:07,500
There are people who conduct all sorts of illegal activities
19
00:01:07,500 --> 00:01:10,900
or conduct activities without any regard for the law
20
00:01:10,900 --> 00:01:15,700
and, I don't know, extract new information from certain servers
21
00:01:15,700 --> 00:01:19,800
credentials, your card information, take services down
22
00:01:19,800 --> 00:01:24,800
usually to extract some sort of financial gain.
23
00:01:24,800 --> 00:01:28,900
In any case, down below you have footprinting.
24
00:01:28,900 --> 00:01:33,700
Now the act of footprinting is basically information gathering.
25
00:01:33,700 --> 00:01:39,600
You are conducting some sort of
reconnaissance work
26
00:01:39,600 --> 00:01:43,000
You are figuring out the IP of the server
27
00:01:43,000 --> 00:01:45,100
Figuring out which ports are open
28
00:01:45,100 --> 00:01:49,000
and with that, you can conclude which services are running there
29
00:01:49,000 --> 00:01:52,720
but it doesn't necessarily need to be confined to the digital world.
30
00:01:52,720 --> 00:01:57,800
The act of footprinting can also be when you go to the company itself.
31
00:01:57,800 --> 00:01:59,000
You just walk in.
32
00:01:59,000 --> 00:02:00,700
It doesn't necessarily need to be a company.
33
00:02:00,700 --> 00:02:04,100
It can be pretty much any building with servers in it
34
00:02:04,100 --> 00:02:07,100
and you have a look around.
35
00:02:07,100 --> 00:02:09,929
You try to gather some information there
on-site
36
00:02:09,929 --> 00:02:12,400
where you go and you go through their trash cans.
37
00:02:12,400 --> 00:02:16,640
You go behind the building, jump into those
trash containers
38
00:02:16,640 --> 00:02:19,000
and get some information from there.
39
00:02:19,000 --> 00:02:22,200
Also, people have been known to go into parking lots
40
00:02:22,200 --> 00:02:24,239
to see who the employees are
41
00:02:24,239 --> 00:02:26,400
and who works there.
42
00:02:26,400 --> 00:02:27,510
All sorts of things.
43
00:02:27,510 --> 00:02:33,700
So this is just general information gathering, in regards to your chosen target.
44
00:02:33,700 --> 00:02:37,100
It doesn't need to be confined to the digital world.
45
00:02:37,100 --> 00:02:39,400
Anyway, down below
46
00:02:39,400 --> 00:02:42,100
you have certain types of attacks --
47
00:02:42,100 --> 00:02:45,100
You have DoS and DDoS.
48
00:02:45,100 --> 00:02:50,100
Very simple. Basically the same thing implemented in a different way.
49
00:02:50,100 --> 00:02:53,800
DoS stands for "Denial of Service"
50
00:02:53,800 --> 00:02:58,500
Usually called "Childish Attacks" because they're relatively easy to implement
51
00:02:58,500 --> 00:03:02,690
and they still are, provided of course if you have enough machines
52
00:03:02,690 --> 00:03:05,300
but that's the domain of DDoS.
53
00:03:05,300 --> 00:03:11,400
In general, what happens here is that you perform a certain amount of requests
54
00:03:11,400 --> 00:03:13,430
more requests than a server can handle
55
00:03:13,430 --> 00:03:16,709
and then the server begins dropping connections.
56
00:03:16,709 --> 00:03:20,160
For example, Apache web server -- I believe
by default
57
00:03:20,160 --> 00:03:24,200
it can handle up to 10,000 connections or so
58
00:03:24,200 --> 00:03:27,450
and if you can make more than 10,000
requests
59
00:03:27,450 --> 00:03:32,010
basically everybody else making any sort
of requests
60
00:03:32,010 --> 00:03:34,600
will not be able to access the website
61
00:03:34,600 --> 00:03:36,300
because their connections will be dropped
62
00:03:36,300 --> 00:03:38,300
simply because Apache will say
63
00:03:38,300 --> 00:03:42,400
"Okay, I have too many users. I have more users than I can handle"
64
00:03:42,400 --> 00:03:46,300
all the other connections will be dropped by default.
65
00:03:46,300 --> 00:03:52,700
Thereby making the site inaccessible, even though you haven't really broken any codes.
66
00:03:52,700 --> 00:03:57,800
You haven't really broken through any firewalls or stolen any passwords
67
00:03:57,800 --> 00:04:01,000
or anything of a kind
68
00:04:01,000 --> 00:04:04,500
but when you're DoSing something, it's just
you.
69
00:04:04,500 --> 00:04:07,200
All the connections, all the requests
70
00:04:07,200 --> 00:04:11,100
everything is coming just from your own computer
71
00:04:11,100 --> 00:04:14,300
and that is not always the most efficient way
72
00:04:14,300 --> 00:04:19,500
In fact, generally it can only work if there is a flaw
73
00:04:19,500 --> 00:04:21,989
in the way in which requests are processed.
74
00:04:21,989 --> 00:04:26,760
However, that is why you have DDoS attacks
75
00:04:26,760 --> 00:04:31,700
when you have multiple computers, multiple connections
76
00:04:31,700 --> 00:04:36,900
and they are all making simultaneous requests to a certain server
77
00:04:36,900 --> 00:04:39,100
and this is really difficult to fight off
78
00:04:39,100 --> 00:04:44,300
I mean, you really need to have a clever configuration of your firewall
79
00:04:44,300 --> 00:04:46,800
and need to have quite a good firewall as well.
80
00:04:46,800 --> 00:04:50,820
Usually you would need a physical one to prevent these sort of DDoS attacks
81
00:04:50,820 --> 00:04:54,590
and by physical, I mean a router firewall or
something of a kind.
82
00:04:54,590 --> 00:04:58,020
This is quite difficult to
83
00:04:58,020 --> 00:05:02,940
it's not difficult to actually do the attack itself
84
00:05:02,940 --> 00:05:05,700
as it is difficult to make the necessary
preparations.
85
00:05:05,700 --> 00:05:10,919
First of all, you need to go about infecting other devices, which you will use
86
00:05:10,919 --> 00:05:16,300
which you will enslave and use in order to
perform this sort of attack
87
00:05:16,300 --> 00:05:17,540
This is the hard part.
88
00:05:17,540 --> 00:05:22,000
The DDoS part is quite easy compared to that.
89
00:05:22,000 --> 00:05:26,220
For that, in order for you to infect other computers, you need two things --
90
00:05:26,220 --> 00:05:29,710
You need RATS (Remote administration
tools)
91
00:05:29,710 --> 00:05:33,200
and you need to make them FUD.
92
00:05:33,200 --> 00:05:35,700
You need to make them fully undetectable.
93
00:05:35,700 --> 00:05:38,600
That is what the term FUD stands for.
94
00:05:38,600 --> 00:05:42,200
So it just means that they cannot be detected by antiviruses
95
00:05:42,200 --> 00:05:44,600
or they are, more precise term would be
96
00:05:44,600 --> 00:05:50,300
that they are not labeled as something malicious by antivirus programs.
97
00:05:50,300 --> 00:05:55,700
By the way, sometimes, actually most of the time
98
00:05:55,700 --> 00:05:59,040
you don't actually need to make your own applications fully undetectable.
99
00:05:59,040 --> 00:06:01,500
There are plenty of pen testing companies
out there
100
00:06:01,500 --> 00:06:04,180
and not just pen testing companies, but other companies as well
101
00:06:04,180 --> 00:06:07,600
will pay very good sums of money
102
00:06:07,600 --> 00:06:14,300
if you can make their programs fully
undetectable by antivirus programs
103
00:06:14,300 --> 00:06:19,700
Down below, the RATS (Remote Administration Tools)
104
00:06:19,700 --> 00:06:24,700
Now, they themselves are not some sort of hacks or anything of a kind.
105
00:06:24,700 --> 00:06:30,100
They just basically put them on a USB stick or something of a kind.
106
00:06:30,100 --> 00:06:31,600
Send them in the mail
107
00:06:31,600 --> 00:06:35,000
Share them in a zip file
108
00:06:35,000 --> 00:06:36,700
and in such a way
109
00:06:36,700 --> 00:06:41,540
that's just one of the ways to infect other computers
110
00:06:41,540 --> 00:06:42,300
other devices
111
00:06:42,300 --> 00:06:44,300
enslave them
112
00:06:44,300 --> 00:06:48,100
convert them into your slaves
113
00:06:48,100 --> 00:06:49,620
into the slaves of the main server
114
00:06:49,620 --> 00:06:53,200
wherever that might be, wherever you
might set it up
115
00:06:53,200 --> 00:06:55,700
and then you can use all of those computers
116
00:06:55,700 --> 00:06:58,100
to conduct all sorts of activities.
117
00:06:58,100 --> 00:07:02,600
This is very good because it anonymizes you to a very large extent.
118
00:07:02,600 --> 00:07:07,100
It's very difficult to track somebody
down, whoever is doing this
119
00:07:07,100 --> 00:07:09,800
primarily because the users, who are infected
120
00:07:09,800 --> 00:07:15,300
they have no idea that somebody else is controlling their devices
121
00:07:15,300 --> 00:07:19,400
because nothing is really happening on your desktop you can't really see.
122
00:07:19,400 --> 00:07:23,050
All the processes running are being run in
the background
123
00:07:23,050 --> 00:07:26,300
and your processor is executing them
124
00:07:26,300 --> 00:07:27,920
using up
125
00:07:27,920 --> 00:07:31,540
the only way to see it would be basically to start up a task manager
126
00:07:31,540 --> 00:07:33,800
or something of a kind.
127
00:07:33,800 --> 00:07:36,100
and then see the running processes
128
00:07:36,100 --> 00:07:37,500
and perhaps you could spot it there
129
00:07:37,500 --> 00:07:43,200
but not even there if somebody has implemented a rootkit.
130
00:07:43,200 --> 00:07:47,620
So a rootkit is a tool basically
131
00:07:47,620 --> 00:07:50,620
which you install onto an operating system
132
00:07:50,620 --> 00:07:57,200
and it is able to hide running processes from the system itself
133
00:07:57,200 --> 00:08:00,900
So when you, for example, start a task
manager in windows
134
00:08:00,900 --> 00:08:01,880
or something of a kind
135
00:08:01,880 --> 00:08:07,500
the purpose of a rootkit would be to hide the processes from the task manager.
136
00:08:07,500 --> 00:08:12,500
Basically how it works is the task manager from the system
137
00:08:12,500 --> 00:08:13,420
from the kernel
138
00:08:13,420 --> 00:08:16,400
and then the kernel of the system responds
139
00:08:16,400 --> 00:08:17,500
which is the core of the system
140
00:08:17,500 --> 00:08:21,000
where all the drivers and the key functionalities are.
141
00:08:21,000 --> 00:08:22,700
The kernel of the system then responds
142
00:08:22,700 --> 00:08:26,700
"Hey, I have this this this and this process running. Here you go"
143
00:08:26,700 --> 00:08:33,500
What rootkit would do is redirect those requests from task manager to itself
144
00:08:33,500 --> 00:08:36,900
and would basically say "I don't have such processes running"
145
00:08:36,900 --> 00:08:41,100
So very very dangerous and potent combinations here
146
00:08:41,100 --> 00:08:44,900
that we will use later on as we progress through this tutorial
147
00:08:44,900 --> 00:08:48,500
but for the time being I just wanted to give a bit of an introduction to it
148
00:08:48,500 --> 00:08:51,550
and give you an idea of what we shall be doing
149
00:08:51,550 --> 00:08:54,589
through some of these basic terms and concepts.
150
00:08:54,589 --> 00:08:58,560
Next up, we have phishing attacks.
151
00:08:58,560 --> 00:09:07,400
Now phishing attacks are basically when you apply some sort of bait
152
00:09:07,400 --> 00:09:09,829
somebody bites it, then you pull on it.
153
00:09:09,829 --> 00:09:12,100
Simple as that, right?
154
00:09:12,100 --> 00:09:13,670
The same way you would do fishing.
155
00:09:13,670 --> 00:09:16,100
Well not quite
156
00:09:16,100 --> 00:09:21,389
Phishing attacks would be when you get, I don't know, an email from someone
157
00:09:21,389 --> 00:09:23,100
and there's a link in it
158
00:09:23,100 --> 00:09:24,200
you click on it
159
00:09:24,200 --> 00:09:28,720
and it throws you somewhere, I don't know, on some website
160
00:09:28,720 --> 00:09:31,600
Perhaps it looks like something legit.
161
00:09:31,600 --> 00:09:35,100
Perhaps it looks like a website that you are using or something of a kind
162
00:09:35,100 --> 00:09:37,600
but it is not and you pass on your credentials
163
00:09:37,600 --> 00:09:39,000
and that can be a problem
164
00:09:39,000 --> 00:09:40,700
but this is generally avoided today.
165
00:09:40,700 --> 00:09:43,600
This is not something that happens in such a way.
166
00:09:43,600 --> 00:09:49,000
Rather instead what happens these days is that the DNS servers get changed
167
00:09:49,000 --> 00:09:50,000
on your routers
168
00:09:50,000 --> 00:09:52,000
and once that happens
169
00:09:52,000 --> 00:09:55,600
all the requests that you made on your web browser get redirected.
170
00:09:55,600 --> 00:09:58,800
So for example, if you type in facebook.com
171
00:09:58,800 --> 00:10:01,700
you're gonna get a domain with facebook.com
172
00:10:01,700 --> 00:10:03,800
from some private DNS server
173
00:10:03,800 --> 00:10:05,500
god knows where
174
00:10:05,500 --> 00:10:10,000
whose MX records are altered and they have been configured.
175
00:10:10,000 --> 00:10:15,100
For example, to make redirections to interpret Facebook.com
176
00:10:15,100 --> 00:10:18,269
sorry, not redirections but rather instead to interpret Facebook.com
177
00:10:18,269 --> 00:10:22,389
to a certain IP address that does not belong
to Facebook or anything like that.
178
00:10:22,389 --> 00:10:24,500
So you open up your Facebook
179
00:10:24,500 --> 00:10:25,809
it looks exactly the same
180
00:10:25,809 --> 00:10:31,800
There is no way to tell because in the upper left corner of the screen
181
00:10:31,800 --> 00:10:34,000
you have the domain name written --
182
00:10:34,000 --> 00:10:36,500
It's www.facebook.com
183
00:10:36,500 --> 00:10:40,610
and basically provided login credentials
184
00:10:40,610 --> 00:10:42,300
once you do that, they're gone.
185
00:10:42,300 --> 00:10:43,900
Somebody has them.
186
00:10:43,900 --> 00:10:48,240
One of the ways to detect this
187
00:10:48,240 --> 00:10:51,470
even though it's very, I mean it's not
hard
188
00:10:51,470 --> 00:10:54,860
but nobody really pays any attention to
it.
189
00:10:54,860 --> 00:10:59,800
In the upper left corner you might check
whether the protocol is HTTPS
190
00:10:59,800 --> 00:11:02,200
instead of HTTP
191
00:11:02,200 --> 00:11:05,800
because usually if these kind of attacks are conducted
192
00:11:05,800 --> 00:11:07,400
it's not gonna be HTTPS
193
00:11:07,400 --> 00:11:09,449
as that is a lot harder to implement
194
00:11:09,449 --> 00:11:15,300
but if it is HTTPS, there really won't be any
legit way of figuring it out
195
00:11:15,300 --> 00:11:17,300
other than actually checking the keys
196
00:11:17,300 --> 00:11:18,400
checking the certificates
197
00:11:18,400 --> 00:11:20,800
and nobody actually does that.
198
00:11:20,800 --> 00:11:21,800
Well maybe not nobody
199
00:11:21,800 --> 00:11:25,700
but ninety-nine percent of users out there
are not going to bother
200
00:11:25,700 --> 00:11:29,600
to go about conducting such checks.
201
00:11:29,600 --> 00:11:32,300
Anyway, I know it sounds a bit complex
202
00:11:32,300 --> 00:11:35,600
but believe me, I will explain this in great detail.
203
00:11:35,600 --> 00:11:37,949
I will give you several demonstrations
204
00:11:37,949 --> 00:11:40,000
and by the end of this course
205
00:11:40,000 --> 00:11:44,400
you will understand and know how to do this with great ease.
206
00:11:44,400 --> 00:11:48,670
It will not present a significant obstacle in your line of work.
207
00:11:48,670 --> 00:11:53,700
Excellent. Now that we have approximately
half these terms out of our way
208
00:11:53,700 --> 00:11:57,000
I will continue to deal with them in the follow up tutorial
209
00:11:57,000 --> 00:12:00,000
and I sincerely hope to see you all there