1
00:00:01,080 --> 00:00:08,280
‫User interface commands and web cam commands are grouped under two different headers, capturing keystrokes,

2
00:00:08,340 --> 00:00:14,520
‫grabbing screenshots, taking a snapshot from the webcam are only some of the functions of the commands

3
00:00:14,520 --> 00:00:15,000
‫of this group.

4
00:00:17,150 --> 00:00:20,690
‫Idle time returns the idle time of the vector machine.

5
00:00:21,320 --> 00:00:27,020
‫If you want to connect remotely and do something on the machine, for example, disable the host based

6
00:00:27,020 --> 00:00:27,800
‫antivirus.

7
00:00:29,430 --> 00:00:31,300
‫It would be best to do it in the idle time.

8
00:00:32,910 --> 00:00:39,390
‫So screenshot guess what that does grabs a screenshot of the current desktop interface.

9
00:00:40,750 --> 00:00:47,050
‫Key scan, start, key scan, stop, key scan, dump used to capture keystrokes.

10
00:00:48,030 --> 00:00:51,720
‫Record might records audio from the MC of the victim.

11
00:00:52,690 --> 00:01:00,640
‫Webcam list lists the webcams of the victim machine webcam snap takes a snapshot from the specified

12
00:01:00,640 --> 00:01:01,240
‫webcam.

13
00:01:02,210 --> 00:01:04,550
‫So let's see some of these system commands in action.

14
00:01:05,900 --> 00:01:12,860
‫As you can tell, I now have an interpreter session in my idle time shows the idle duration of the victim

15
00:01:12,860 --> 00:01:13,520
‫in seconds.

16
00:01:14,730 --> 00:01:21,390
‫Screenshot takes a screenshot and saves it to our host, Carly, so here it's saved in the folder.

17
00:01:21,430 --> 00:01:23,790
‫Rude with a strange name.

18
00:01:24,300 --> 00:01:26,790
‫So let's look at the folder with the File Explorer.

19
00:01:28,130 --> 00:01:32,160
‫We're already in the home folder of the current user, which is the folder route.

20
00:01:32,720 --> 00:01:36,230
‫And here is the screenshot in JPEG format.

21
00:01:36,950 --> 00:01:40,640
‫It's exactly the same with the current look of the vector machine.

22
00:01:42,170 --> 00:01:43,640
‫So now let's start a key scan.

23
00:01:45,380 --> 00:01:47,570
‫Now I am in the victim machine.

24
00:01:48,140 --> 00:01:51,260
‫Open a notepad and write something down.

25
00:01:57,810 --> 00:02:02,400
‫He scan dump to look at what has done absolutely nothing.

26
00:02:03,360 --> 00:02:05,070
‫I think I know the reason.

27
00:02:05,340 --> 00:02:07,520
‫So I'll stop the key scan for now.

28
00:02:08,200 --> 00:02:16,260
‫Now get you to see who we are at the moment and we are the system user at the vector machine.

29
00:02:16,620 --> 00:02:20,070
‫But the user who open the notepad and wrote Something is.

30
00:02:20,980 --> 00:02:25,900
‫The administrator user, so do you remember how we can change the user?

31
00:02:26,020 --> 00:02:30,910
‫We're going to migrate a process which is run by the administrator user.

32
00:02:31,360 --> 00:02:33,010
‫For example, three to four.

33
00:02:37,410 --> 00:02:45,630
‫How lucky are we migrated to the very first attempt to get you ID again, and yes, we are the administrator

34
00:02:45,630 --> 00:02:45,930
‫now.

35
00:02:46,530 --> 00:02:48,060
‫So start the key scan again.

36
00:02:49,470 --> 00:02:52,680
‫And go to the Vigdor machine and write something down.

37
00:02:54,370 --> 00:02:56,590
‫Back in economy and look at the key dump.

38
00:02:58,150 --> 00:03:02,710
‫And here it is, all the keystrokes, including backspace and enter.

39
00:03:03,070 --> 00:03:06,310
‫Also known as carriage return are all logged.

40
00:03:07,790 --> 00:03:09,380
‫So we can stop the key scare now.

41
00:03:12,030 --> 00:03:12,660
‫So what else?

42
00:03:14,220 --> 00:03:21,420
‫Let's list the STD API extensions command using Help STD API.

43
00:03:23,000 --> 00:03:25,130
‫The webcam commands are here.

44
00:03:25,790 --> 00:03:28,340
‫And let's list the webcams of the victim.

45
00:03:29,430 --> 00:03:30,810
‫No webcams were found.

46
00:03:31,560 --> 00:03:35,580
‫Now, normally we can share the webcam of the host machine with a VM.

47
00:03:36,010 --> 00:03:42,030
‫So go to VM settings, click Add Device, Select Camera and click Add.

48
00:03:43,070 --> 00:03:50,480
‫So we are supposed to have a webcam in the venue, but it is a known issue that VMware cannot share,

49
00:03:50,690 --> 00:03:53,900
‫the MacBooks face time HD camera with VMS.

50
00:03:54,500 --> 00:03:57,020
‫This is why nothing happens when we try to add a camera.

51
00:03:57,620 --> 00:04:04,940
‫I cannot show the webcam commands now, but I'll try to find an external webcam, capture a new lecture

52
00:04:04,940 --> 00:04:07,910
‫with it and add that lecture to the course.