1
00:00:00,290 --> 00:00:03,000
Hello everybody and welcome to this
tutorial.
2
00:00:03,000 --> 00:00:06,900
Here, I'm just gonna continue from where I left off in the previous one.
3
00:00:06,900 --> 00:00:10,540
If you have not seen the previous tutorial, I
strongly urge you to do so
4
00:00:10,540 --> 00:00:16,400
as the two are closely interrelated, so to say.
5
00:00:16,400 --> 00:00:19,600
Anyway, previously we discussed some of these things
6
00:00:19,600 --> 00:00:23,200
such as DoS, RAT, phishing and so on and so forth.
7
00:00:23,200 --> 00:00:27,320
But here, I wanna go a step further
8
00:00:27,320 --> 00:00:35,000
and tell you about SQL injections, VPNs,
proxies, Tor, VPS, key loggers
9
00:00:35,000 --> 00:00:36,000
and so on and so forth.
10
00:00:36,000 --> 00:00:40,400
You will see how all these things will
play a role later on
11
00:00:40,400 --> 00:00:41,700
throughout the course.
12
00:00:41,700 --> 00:00:42,739
But for the time being
13
00:00:42,739 --> 00:00:49,300
you have SQL injections, which are simply passing SQL queries to HTTP requests.
14
00:00:49,300 --> 00:00:54,800
If they are not properly formatted by the PHP code on the server side
15
00:00:54,800 --> 00:00:57,700
this can present a serious problem
16
00:00:57,700 --> 00:01:00,850
and this is always one of the primary
considerations
17
00:01:00,850 --> 00:01:03,300
of all the web developers out there.
18
00:01:03,300 --> 00:01:05,449
Later on I will demonstrate how you can use these
19
00:01:05,449 --> 00:01:06,640
formulate them
20
00:01:06,640 --> 00:01:11,700
and there is a large amount of websites that are vulnerable out there
21
00:01:11,700 --> 00:01:14,000
primarily because the frameworks on which they're based
22
00:01:14,000 --> 00:01:16,500
are vulnerable as well.
23
00:01:16,500 --> 00:01:19,100
Next up, you have Virtual Private Networks
24
00:01:19,100 --> 00:01:21,300
so VPNs
25
00:01:21,300 --> 00:01:25,300
These are ways of anonymizing yourselves.
26
00:01:25,300 --> 00:01:29,409
Basically, if you have a VPN provider somewhere
27
00:01:29,409 --> 00:01:32,200
and if you want to anonymize yourself
28
00:01:32,200 --> 00:01:35,619
you will route all their traffic through this VPN provider
29
00:01:35,619 --> 00:01:41,100
and all the traffic between you and the VPN provider will be heavily encrypted.
30
00:01:41,100 --> 00:01:42,800
So any other server out there
31
00:01:42,800 --> 00:01:44,759
if it is receiving requests from you
32
00:01:44,759 --> 00:01:48,170
it is actually receiving them from VPN.
33
00:01:48,170 --> 00:01:55,900
There is no real way of detecting you or finding your physical location
34
00:01:55,900 --> 00:02:00,500
unless the VPN provider actually gives it up.
35
00:02:00,500 --> 00:02:03,300
which doesn't really happen if you pick the right one.
36
00:02:03,300 --> 00:02:06,100
Down below you have proxies.
37
00:02:06,100 --> 00:02:09,900
Now proxies are a less reliable way of staying anonymous
38
00:02:09,900 --> 00:02:15,900
but you should always make it your common practice to use SOCKS5 proxies.
39
00:02:15,900 --> 00:02:17,000
I will explain what these are
40
00:02:17,000 --> 00:02:19,600
I will introduce them when we do proxy chains
41
00:02:19,600 --> 00:02:22,900
and when I explain to you how you can
actually stay anonymous
42
00:02:22,900 --> 00:02:26,600
while conducting these sort of activities.
43
00:02:26,600 --> 00:02:30,300
You will realize that you can route your connection through several proxies
44
00:02:30,300 --> 00:02:34,970
but very soon you will see as well, that doesn't always work.
45
00:02:34,970 --> 00:02:39,100
In the movies or something like that you see people going through 10
46
00:02:39,100 --> 00:02:40,700
or 20 different proxies.
47
00:02:40,700 --> 00:02:44,400
In reality that would be very VERY difficult to implement
48
00:02:44,400 --> 00:02:47,400
primarily because of internet speeds
49
00:02:47,400 --> 00:02:49,100
because of the available bandwidth.
50
00:02:49,100 --> 00:02:54,000
Most of the free proxies out there are not very fast
51
00:02:54,000 --> 00:02:58,100
and routing your connection through several of them
52
00:02:58,100 --> 00:03:05,800
will make it very difficult for you to do anything in a reasonable amount of time.
53
00:03:05,800 --> 00:03:07,400
There are, of course, paid proxies
54
00:03:07,400 --> 00:03:11,000
but when you pay a proxy, you leave digital footprints somewhere
55
00:03:11,000 --> 00:03:12,290
so you can be traced.
56
00:03:12,290 --> 00:03:15,900
Down below, you have Tor.
57
00:03:15,900 --> 00:03:19,079
Now Tor is absolutely free open source
58
00:03:19,079 --> 00:03:22,799
and it's much faster than proxies.
59
00:03:22,799 --> 00:03:25,840
It's not faster than VPNs, but it is faster than proxies.
60
00:03:25,840 --> 00:03:29,980
It gives you the ability to torify your applications
61
00:03:29,980 --> 00:03:37,200
which in essence, means simply routing
traffic through certain routes
62
00:03:37,209 --> 00:03:41,430
and using certain routers on the Internet to
actually
63
00:03:41,430 --> 00:03:46,000
not just routers, but using certain devices
on the Internet for your packets
64
00:03:46,000 --> 00:03:48,500
for your connection to go through.
65
00:03:48,500 --> 00:03:50,600
It can be slow from time to time.
66
00:03:50,600 --> 00:03:53,000
It is not a 100% guarantee
67
00:03:53,000 --> 00:03:57,200
but you will be anonymous to a very large extent
68
00:03:57,200 --> 00:03:59,300
if you are using Tor.
69
00:03:59,300 --> 00:04:01,000
There are ways of detecting you
70
00:04:01,000 --> 00:04:04,800
but they are HIGHLY unlikely to happen.
71
00:04:04,800 --> 00:04:10,800
Like 99.99% of time, you will be almost 100% anonymous
72
00:04:10,800 --> 00:04:14,400
which is a very good way of functioning.
73
00:04:14,400 --> 00:04:16,289
Also, you have the Tor browser
74
00:04:16,289 --> 00:04:20,300
which allows you to access dark web, or hidden web
75
00:04:20,300 --> 00:04:22,000
however you wish to call it.
76
00:04:22,000 --> 00:04:25,600
Basically, those are ".onion" websites
77
00:04:25,600 --> 00:04:28,840
and they are not indexed by any other search engines out there
78
00:04:28,840 --> 00:04:34,000
and they cannot be accessed by a regular internet route...
79
00:04:34,000 --> 00:04:37,800
from the regular internet browsing perspective.
80
00:04:37,800 --> 00:04:40,490
You cannot...I mean if you open up Firefox
81
00:04:40,490 --> 00:04:43,600
and if you had your internet connection
82
00:04:43,600 --> 00:04:46,800
and if you don't have your internet connection configured in a proper way
83
00:04:46,800 --> 00:04:49,300
to connect it to a network, or something of a kind
84
00:04:49,300 --> 00:04:56,800
you will not be able to access any of the hidden webs, dark webs, website services
85
00:04:56,800 --> 00:04:58,200
and so on and so forth.
86
00:04:58,200 --> 00:05:01,300
Now I will also show you how to access dark web and how to use it
87
00:05:01,300 --> 00:05:06,000
as it has a vast amount of resources that are at your disposal
88
00:05:06,000 --> 00:05:06,900
most of them free
89
00:05:06,900 --> 00:05:10,400
some of them paid, and so on and so forth.
90
00:05:10,400 --> 00:05:12,600
Down below, you have VPS.
91
00:05:12,600 --> 00:05:14,180
These are Virtual Private Servers.
92
00:05:14,180 --> 00:05:16,100
It is a method of...
93
00:05:16,100 --> 00:05:17,400
it is a security...
94
00:05:17,400 --> 00:05:19,150
it can be viewed as a security layer.
95
00:05:19,150 --> 00:05:22,950
For example, if you have an Apache server
running on your physical machine
96
00:05:22,950 --> 00:05:26,300
you can have a virtual machine within
that physical machine
97
00:05:26,300 --> 00:05:30,300
which will serve as an SQL Server for that Apache server.
98
00:05:30,300 --> 00:05:34,830
This is done so that the SQL server cannot be accessed from outside
99
00:05:34,830 --> 00:05:39,150
and that you don't have an SQL port open
on your physical machine.
100
00:05:39,150 --> 00:05:40,800
So only devices
101
00:05:40,800 --> 00:05:42,310
only programs
102
00:05:42,310 --> 00:05:45,650
and users from that particular machine
103
00:05:45,650 --> 00:05:50,200
will be able to access the virtual machine where the SQL Server is.
104
00:05:50,200 --> 00:05:52,550
A bit of back and forth action here.
105
00:05:52,550 --> 00:05:55,100
It might sound unclear or something like that
106
00:05:55,100 --> 00:05:57,210
but I don't want you to worry about it now.
107
00:05:57,210 --> 00:06:00,700
When I show the examples when you get into it
108
00:06:00,700 --> 00:06:02,400
you will understand it.
109
00:06:02,400 --> 00:06:04,200
I guarantee it to you.
110
00:06:04,200 --> 00:06:05,300
So no problems there.
111
00:06:05,300 --> 00:06:08,100
Here I'm just introducing you to the terminology
112
00:06:08,100 --> 00:06:12,100
and giving you an idea of what's to come.
113
00:06:12,100 --> 00:06:12,800
Excellent
114
00:06:12,800 --> 00:06:16,200
So we also have "Key Loggers"
115
00:06:16,200 --> 00:06:20,180
which are tools that are used to steal credentials
116
00:06:20,180 --> 00:06:21,600
and not only credentials
117
00:06:21,600 --> 00:06:26,500
but also used to extract information.
118
00:06:26,500 --> 00:06:30,060
If you manage to deploy a key logger on a machine
119
00:06:30,060 --> 00:06:32,300
you can configure it to send
120
00:06:32,300 --> 00:06:35,900
to record all keystrokes and send them to a mail address
121
00:06:35,900 --> 00:06:37,240
to an FTP server.
122
00:06:37,240 --> 00:06:40,200
Today, key loggers are advanced to the extent
123
00:06:40,200 --> 00:06:43,130
that they have
124
00:06:43,130 --> 00:06:47,200
they have like a hundred options or so
125
00:06:47,200 --> 00:06:50,900
configurable to the fullest of extents
126
00:06:50,900 --> 00:06:52,900
and you can do pretty much whatever you want with them
127
00:06:52,900 --> 00:06:56,300
I mean, they have their basic functionalities
128
00:06:56,300 --> 00:06:58,800
the basic functionalities are still there
129
00:06:58,800 --> 00:07:00,389
to record the keystrokes
130
00:07:00,389 --> 00:07:02,800
but not only do they record keystrokes
131
00:07:02,800 --> 00:07:04,000
for example
132
00:07:04,000 --> 00:07:07,600
they can extract existing information as well.
133
00:07:07,600 --> 00:07:11,410
You can configure their behavior
134
00:07:11,410 --> 00:07:14,500
how is the stealth level of the key logger?
135
00:07:14,500 --> 00:07:15,000
How will it hide?
136
00:07:15,000 --> 00:07:16,400
Where will it go?
137
00:07:16,400 --> 00:07:17,600
Where will it be installed?
138
00:07:17,600 --> 00:07:20,900
What sort of information do you want to extract?
139
00:07:20,900 --> 00:07:24,200
Do you want to monitor particular folders for activity
140
00:07:24,200 --> 00:07:25,840
and you want to record it?
141
00:07:25,840 --> 00:07:28,300
You can configure them to take screenshots.
142
00:07:28,300 --> 00:07:33,280
You can configure them to use the camera on the device
143
00:07:33,280 --> 00:07:38,000
on which you had deployed a key logger to take a picture every five minutes
144
00:07:38,009 --> 00:07:39,030
or something like that
145
00:07:39,030 --> 00:07:41,600
That wouldn't be the brightest of ideas
146
00:07:41,600 --> 00:07:46,100
because obviously somebody would notice that you are taking a picture
147
00:07:46,100 --> 00:07:50,599
but those are just examples of what you
can do with them
148
00:07:50,599 --> 00:07:55,300
and later on we will actually download the genuine keylogger
149
00:07:55,300 --> 00:07:55,800
Install it
150
00:07:55,800 --> 00:07:56,600
Deploy it
151
00:07:56,600 --> 00:08:01,110
and show methods of deployment and how you can configure it as well
152
00:08:01,110 --> 00:08:04,990
although you should be very careful from where you download your tools
153
00:08:04,990 --> 00:08:09,800
such as key loggers, remote administration tools, rootkits
154
00:08:09,800 --> 00:08:11,300
and so on and so forth.
155
00:08:11,300 --> 00:08:15,720
Primarily because you never ever want to download
156
00:08:15,720 --> 00:08:21,300
an uncompiled binary file that is not open source
157
00:08:21,300 --> 00:08:24,100
because you have no way of knowing what's in it
158
00:08:24,100 --> 00:08:30,300
and you absolutely NEVER want to run it on your computer
159
00:08:30,300 --> 00:08:32,400
You might get what you want
160
00:08:32,400 --> 00:08:35,000
you know, a key logger or something of a kind
161
00:08:35,000 --> 00:08:38,800
but your computer might get infected with exactly the same key logger
162
00:08:38,800 --> 00:08:40,500
that you planned to deploy somewhere
163
00:08:40,500 --> 00:08:45,000
or with exactly the same RAT that you intended to deploy somewhere.
164
00:08:45,000 --> 00:08:46,770
So that's a very bright idea.
165
00:08:46,770 --> 00:08:51,860
You should use verified sources of such tools.
166
00:08:51,860 --> 00:08:54,750
I will show a few of them later on
167
00:08:54,750 --> 00:08:58,800
as I go over to the internet and download them
168
00:08:58,800 --> 00:09:02,100
but I'm just making it very clear here
169
00:09:02,100 --> 00:09:04,380
that you should be very careful with these things
170
00:09:04,380 --> 00:09:06,900
and one of the foolproof methods of doing this
171
00:09:06,900 --> 00:09:08,900
is actually configuring a virtual machine
172
00:09:08,900 --> 00:09:11,800
and doing this sort of activity on that virtual machine.
173
00:09:11,800 --> 00:09:14,100
So even if you get infected or something of a kind
174
00:09:14,100 --> 00:09:14,800
it doesn't matter.
175
00:09:14,800 --> 00:09:16,100
It's a virtual machine.
176
00:09:16,100 --> 00:09:18,300
You can reinstall it anytime you want.
177
00:09:18,300 --> 00:09:19,300
Very fast
178
00:09:19,300 --> 00:09:22,700
Pretty much no information will be lost there.
179
00:09:22,700 --> 00:09:27,620
More importantly, the primary file system on your main physical machine
180
00:09:27,620 --> 00:09:30,900
will not be accessed from the virtual machine
181
00:09:30,900 --> 00:09:36,100
Anyway, down below you have the terminal
182
00:09:36,100 --> 00:09:42,200
So terminal is basically an interface for you
183
00:09:42,200 --> 00:09:46,200
that allows you to control your operating system.
184
00:09:46,200 --> 00:09:50,000
Now, Linux terminal is VERY powerful.
185
00:09:50,000 --> 00:09:52,800
We will be using it extensively.
186
00:09:52,800 --> 00:09:55,200
You will need to familiarize yourselves with it.
187
00:09:55,200 --> 00:09:57,000
I will familiarize you with it.
188
00:09:57,000 --> 00:09:58,560
I will teach you how to use it.
189
00:09:58,560 --> 00:10:04,100
To some people, it might seem a bit difficult
190
00:10:04,100 --> 00:10:06,100
or a bit tricky at first sight.
191
00:10:06,100 --> 00:10:09,100
You know, there are a lot of commands to type in --
192
00:10:09,100 --> 00:10:11,800
How to memorize them all
193
00:10:11,800 --> 00:10:15,000
What to use where, and so on and so forth
194
00:10:15,000 --> 00:10:18,510
but believe me, there is a certain logic to it
195
00:10:18,510 --> 00:10:21,640
and once you figure it out, everything
just flies.
196
00:10:21,640 --> 00:10:27,700
I know by heart about 30% of possible commands out there.
197
00:10:27,700 --> 00:10:29,190
regarding Linux terminals
198
00:10:29,190 --> 00:10:35,400
and the rest I simply figure out with dash H or dash dash help.
199
00:10:35,400 --> 00:10:38,120
The system pretty much tells you everything you need to know.
200
00:10:38,120 --> 00:10:41,290
It helps you out to a great extent
201
00:10:41,290 --> 00:10:44,600
and you are able to figure out a lot of
things
202
00:10:44,600 --> 00:10:48,200
from just understanding the basic logic
of how it works
203
00:10:48,200 --> 00:10:50,200
and so on.
204
00:10:50,200 --> 00:10:54,590
Now, there will always of course be arguments
205
00:10:54,590 --> 00:10:58,450
I don't know, maybe people saying "Why would you use terminals?"
206
00:10:58,450 --> 00:11:01,600
"Why won't you just use GUI tools or something like that?"
207
00:11:01,600 --> 00:11:06,500
The simple answer is because they are not as nearly as powerful
208
00:11:06,500 --> 00:11:09,100
as the terminal tools are.
209
00:11:09,100 --> 00:11:13,190
Plus, terminal tools have far less dependencies
210
00:11:13,190 --> 00:11:18,300
and most of the hacking tools are basically designed for the terminals.
211
00:11:18,300 --> 00:11:20,640
They're not...they don't have GUIs.
212
00:11:20,640 --> 00:11:23,100
A lot of them do have them these days
213
00:11:23,100 --> 00:11:27,400
but I might go over them briefly at a certain point of time
214
00:11:27,400 --> 00:11:28,500
because it is not...
215
00:11:28,500 --> 00:11:30,400
the GUI interfaces are not that relevant
216
00:11:30,400 --> 00:11:33,000
When you figure out how to do it in the terminal
217
00:11:33,000 --> 00:11:35,790
you will automatically, by default
218
00:11:35,790 --> 00:11:38,850
know how to do it with the Graphical
User Interface
219
00:11:38,850 --> 00:11:41,300
for that particular program.
220
00:11:41,300 --> 00:11:45,360
Anyway, down below you have firewalls.
221
00:11:45,360 --> 00:11:50,700
Now, firewall in Linux is configured through iptables commands
222
00:11:50,700 --> 00:11:54,000
You keep on passing arguments and configuring these firewalls
223
00:11:54,000 --> 00:11:56,210
and this is one of the main reasons
224
00:11:56,210 --> 00:12:00,700
why you should not be using any distribution of Windows
225
00:12:00,700 --> 00:12:02,700
for this particular tutorial --
226
00:12:02,700 --> 00:12:03,860
to follow this tutorial.
227
00:12:03,860 --> 00:12:06,410
You will need to install
228
00:12:06,410 --> 00:12:07,800
as I said previously
229
00:12:07,800 --> 00:12:12,400
will need to install either a Linux virtual machine or create a dual boot
230
00:12:12,400 --> 00:12:14,200
or something of a kind.
231
00:12:14,200 --> 00:12:19,100
I will, of course, show how to do this and demonstrate it in great detail what are the main
232
00:12:19,100 --> 00:12:20,900
but one of the main reasons --
233
00:12:20,900 --> 00:12:22,700
the firewalls are one of the main reasons
234
00:12:22,700 --> 00:12:26,600
why we can't use Windows for these sort of purposes.
235
00:12:26,600 --> 00:12:30,600
Linux firewall is open source
236
00:12:30,600 --> 00:12:34,700
and it has a ridiculous amount of options
237
00:12:34,700 --> 00:12:37,000
a ridiculous amount.
238
00:12:37,000 --> 00:12:37,990
Enough getting here...
239
00:12:37,990 --> 00:12:41,000
You can do with it pretty much whatever you want.
240
00:12:41,000 --> 00:12:44,100
You can configure.
241
00:12:44,100 --> 00:12:46,100
You can close and open ports.
242
00:12:46,100 --> 00:12:51,200
Forward connections via ports or via IP addresses.
243
00:12:51,200 --> 00:12:52,800
You can close...
244
00:12:52,800 --> 00:12:56,400
you can just forbid certain protocols on certain ports
245
00:12:56,400 --> 00:12:59,300
or forbid certain protocols for certain IP addresses.
246
00:12:59,300 --> 00:13:03,000
Do all manner of forwarding and redirection
247
00:13:03,000 --> 00:13:04,200
and so on and so forth.
248
00:13:04,200 --> 00:13:08,020
This is all available for free with a Linux
firewall
249
00:13:08,020 --> 00:13:12,080
While in Windows, you will have some of these options
250
00:13:12,080 --> 00:13:14,980
but most of them you won't unless you, for example
251
00:13:14,980 --> 00:13:17,500
buy a certain package or something like that
252
00:13:17,500 --> 00:13:21,300
which is not something that we really want to do here.
253
00:13:21,300 --> 00:13:23,040
We want to keep this budget-friendly
254
00:13:23,040 --> 00:13:26,240
and we want to have a powerful firewall
255
00:13:26,240 --> 00:13:29,200
which can do pretty much whatever we want it to do.
256
00:13:29,200 --> 00:13:33,000
Now, there will be two ways of configuring this firewall
257
00:13:33,000 --> 00:13:37,200
and if you are afraid of messing it up, don't worry about it
258
00:13:37,200 --> 00:13:43,000
because most configurations that we will do will be short-lived configurations
259
00:13:43,000 --> 00:13:43,700
so to say
260
00:13:43,700 --> 00:13:47,000
primarily because all the configurations made to the firewall
261
00:13:47,000 --> 00:13:48,500
from iptables command
262
00:13:48,500 --> 00:13:50,700
unless specified otherwise
263
00:13:50,700 --> 00:13:55,800
will be temporary, and they will hold until the next system reset.
264
00:13:55,800 --> 00:13:57,760
There is a way to circumvent this, of course
265
00:13:57,760 --> 00:14:02,500
and to configure the firewall rules in the configuration file directly
266
00:14:02,500 --> 00:14:04,590
and thereby making the changes permanent
267
00:14:04,590 --> 00:14:07,200
which is also one of the ways of doing it
268
00:14:07,200 --> 00:14:09,200
but I don't generally prefer it
269
00:14:09,200 --> 00:14:12,800
I prefer it to have a script somewhere which you can run at anytime
270
00:14:12,800 --> 00:14:16,300
and it will configure firewall by default.
271
00:14:16,300 --> 00:14:24,600
This is primarily because you want to
have your tools set in a USB stick
272
00:14:24,600 --> 00:14:25,530
or somewhere in the line
273
00:14:25,530 --> 00:14:27,000
or something of a kind.
274
00:14:27,000 --> 00:14:30,800
and you have these quick scripts, which you generate
275
00:14:30,800 --> 00:14:35,000
and then they perform these tasks for
you in an automated fashion.
276
00:14:35,000 --> 00:14:36,300
It's really simple.
277
00:14:36,300 --> 00:14:38,000
I will show you how to make these scripts.
278
00:14:38,000 --> 00:14:38,970
You don't need...
279
00:14:38,970 --> 00:14:42,100
You do not necessarily need some advanced programming knowledge
280
00:14:42,100 --> 00:14:43,000
or anything of a kind.
281
00:14:43,000 --> 00:14:45,000
Basically what these scripts are
282
00:14:45,000 --> 00:14:48,530
are lists of Linux terminal commands
283
00:14:48,530 --> 00:14:51,500
which we will do anyway.
284
00:14:51,500 --> 00:14:55,560
So basically, the script would consist out of a list of those commands
285
00:14:55,560 --> 00:15:01,300
then you just change the mod of the script to be an executable file
286
00:15:01,300 --> 00:15:01,900
run it
287
00:15:01,900 --> 00:15:07,100
and all those commands are passed to the system
288
00:15:07,100 --> 00:15:12,000
and those tasks are finished in an automated fashion, by default.
289
00:15:12,000 --> 00:15:15,900
Anyway, one of the final things that I wish to address here
290
00:15:15,900 --> 00:15:19,000
are "Reverse-shells"
291
00:15:19,000 --> 00:15:24,900
There are hundreds, if not thousands of reverse-shells out there
292
00:15:24,900 --> 00:15:26,110
that you can use.
293
00:15:26,110 --> 00:15:29,440
I will pick a few that we will use, depending on the framework
294
00:15:29,440 --> 00:15:33,700
depending on the environment, of course, that we want to infect.
295
00:15:33,700 --> 00:15:37,800
But in essence, what reverse-shells are
296
00:15:37,800 --> 00:15:39,800
as the name itself says
297
00:15:39,800 --> 00:15:45,400
you have a program, which you infect in another device
298
00:15:45,400 --> 00:15:50,300
and then that program opens up a reverse connection from that device
299
00:15:50,300 --> 00:15:51,900
back to you.
300
00:15:51,900 --> 00:15:55,300
So you can keep on passing commands.
301
00:15:55,300 --> 00:15:57,170
You can keep on controlling the system
302
00:15:57,170 --> 00:16:02,100
even though you are nowhere near it.
303
00:16:02,100 --> 00:16:05,500
There are different types, of course, today with routers
304
00:16:05,500 --> 00:16:06,900
and so on and so forth.
305
00:16:06,900 --> 00:16:11,040
With such firewalls, you need to do a lot of extra configuration
306
00:16:11,050 --> 00:16:15,700
and there are problems that need to be solved and addressed.
307
00:16:15,700 --> 00:16:19,870
You'll see how when you're trying to break into a single computer
308
00:16:19,870 --> 00:16:22,899
sometimes you need to break into the
router first.
309
00:16:22,899 --> 00:16:26,000
Usually you need to break into the router first
310
00:16:26,000 --> 00:16:28,900
unless you're performing these phishing sort of attacks
311
00:16:28,900 --> 00:16:32,700
or there's a web server, or something of a kind, running in the background
312
00:16:32,700 --> 00:16:34,620
But attacking a private device --
313
00:16:34,620 --> 00:16:37,300
private computer, which is usually what
people do
314
00:16:37,300 --> 00:16:38,800
as preludes to bigger hacks
315
00:16:38,800 --> 00:16:41,700
because they want to extract some sort of information
316
00:16:41,700 --> 00:16:42,500
or something of a kind
317
00:16:42,500 --> 00:16:46,200
from let's say, a company's employee that's a network administrator
318
00:16:46,200 --> 00:16:48,200
or somebody like that.
319
00:16:48,200 --> 00:16:49,300
They will...
320
00:16:49,300 --> 00:16:52,700
One of the basic factors would be to attack a home router
321
00:16:52,700 --> 00:16:54,439
change the DNS settings there
322
00:16:54,439 --> 00:16:57,400
and try to steal credentials in such a way
323
00:16:57,400 --> 00:17:00,800
or put the computer in the DMZ of the router
324
00:17:00,800 --> 00:17:01,900
demilitarized zone
325
00:17:01,900 --> 00:17:06,200
so that the router is no longer effective for the device.
326
00:17:06,200 --> 00:17:12,600
Rather instead, it just forwards all traffic to that device regardless
327
00:17:12,600 --> 00:17:13,850
So that can be...
328
00:17:13,850 --> 00:17:17,250
Those are some of the types of attacks you can do
329
00:17:17,250 --> 00:17:23,000
but reverse-shells will depend on the choice of the environment
330
00:17:23,000 --> 00:17:26,900
that you are trying to infect
331
00:17:26,900 --> 00:17:33,000
and will depend on the choice of your attack route, as well.
332
00:17:33,000 --> 00:17:37,400
In any case, I hope that you got some basic introduction to these terms
333
00:17:37,400 --> 00:17:41,600
and I again repeat, if you didn't figure it out all immediately
334
00:17:41,600 --> 00:17:42,700
don't worry about it.
335
00:17:42,700 --> 00:17:46,500
We will do all of this in great detail with a lot of examples
336
00:17:46,500 --> 00:17:47,600
and you will understand it.
337
00:17:47,600 --> 00:17:49,350
It is not complicated.
338
00:17:49,350 --> 00:17:53,700
Do not allow fear to dissuade or stop you.
339
00:17:53,700 --> 00:17:55,840
Just keep on going in spite of it
340
00:17:55,840 --> 00:17:59,890
and if you can just stick in to the end of this course
341
00:17:59,890 --> 00:18:03,980
I guarantee it to you, you will understand it
342
00:18:03,980 --> 00:18:06,800
with just a bit of focus and a bit of curiosity
343
00:18:06,800 --> 00:18:10,200
you will be able to obtain the necessary skills needed
344
00:18:10,200 --> 00:18:14,300
in order to become a pen tester or an ethical hacker.
345
00:18:14,300 --> 00:18:18,010
I bid you all farewell and I hope to see you in the next tutorial.