1 00:00:00,270 --> 00:00:02,850 Hello everybody and welcome back. 2 00:00:02,850 --> 00:00:07,410 And I figured out what the problem was; it was rather a simple problem. 3 00:00:07,410 --> 00:00:11,380 All we had to do is actually install the pynput library. 4 00:00:11,400 --> 00:00:14,270 We are in our Wine Python folder now. 5 00:00:14,400 --> 00:00:15,560 We got to do that. 6 00:00:15,560 --> 00:00:21,510 So our program didn't work on our target PC since our compiler didn't know what the pynput library was 7 00:00:21,540 --> 00:00:24,780 and it couldn't execute any of those key logger commands. 8 00:00:24,780 --> 00:00:27,020 That's why the program always crashed. 9 00:00:27,040 --> 00:00:37,080 Now in order to make our program usable you need to type here wine root wine drive C Python 27 and then 10 00:00:37,080 --> 00:00:43,710 python.exe and then minus m pip install pynput. 11 00:00:43,710 --> 00:00:49,750 Now I already did this while this will actually install the pynput library for our Wine Python. 12 00:00:49,830 --> 00:00:54,080 And now you will be able to compile the program and you will this function in our key logger. 13 00:00:54,420 --> 00:00:57,560 So let us double check all of our settings. 14 00:00:57,560 --> 00:01:09,760 So let me first remove everything on this remote remote shall be more test spec remote test not be white. 15 00:01:10,230 --> 00:01:18,050 And right now if I nano our commercial right here we have everything the same as before. 16 00:01:18,070 --> 00:01:22,330 Basically the OS right here is removing the key logger. 
17 00:01:22,390 --> 00:01:28,720 Right here we have the key logger start and key logger dump which is key logger stop or start our key 18 00:01:28,720 --> 00:01:35,680 logger Kilgour down for printout or basically send the contents of our key logger that the file which 19 00:01:35,680 --> 00:01:42,520 is the keystrokes on our target machine then in our server we will receive this and we will print out 20 00:01:42,550 --> 00:01:43,230 in the screen. 21 00:01:43,360 --> 00:01:50,110 So let us see how that would work if I just find this previous command on the compiling. 22 00:01:50,170 --> 00:01:51,190 Here it is. 23 00:01:51,190 --> 00:01:57,480 So we want to compile it find route drive see Python 27 scripts by installer that the exterior shell 24 00:01:57,480 --> 00:01:59,060 on file on our console. 25 00:01:59,260 --> 00:02:03,610 So we copy this and we import our USB drive right here 26 00:02:08,970 --> 00:02:15,090 we wait for this to compile then we will transfer our reversal of key logger and then we will try to 27 00:02:15,150 --> 00:02:22,590 run it and see if our key logger actually sends back the keystrokes on target PC so we move the reverse 28 00:02:22,590 --> 00:02:23,230 shell. 
29 00:02:23,280 --> 00:02:30,630 That is why was not the reverse shell we need to go to this directory then we move the reverse shell 30 00:02:30,630 --> 00:02:38,310 right here to the media root and then Kali Live so move it there once it copies the file you can delete 31 00:02:38,310 --> 00:02:46,590 these directories right here which are unnecessary so they don't make a problem and all we have 32 00:02:46,590 --> 00:02:53,130 to do is run our server which will listen for incoming connections now we unplug our USB drive and then 33 00:02:53,130 --> 00:03:02,090 we can run our program so we run the reverse shell we double click it we wait for twenty seconds for 34 00:03:02,090 --> 00:03:12,260 it to connect back to us and while we do that we can see what's we can see no command prompt. 35 00:03:13,700 --> 00:03:23,020 If we go to the AppData folder and then Roaming folder and just type here dir oops dir we can 36 00:03:23,020 --> 00:03:28,690 see right here we have the back door out the AKC which is a copy of our backdoor for our persistence. 37 00:03:28,690 --> 00:03:33,480 We do not have the key logger that the AKC pardon me that the extreme right here since we didn't find 38 00:03:33,480 --> 00:03:34,980 the key logger yet. 39 00:03:35,110 --> 00:03:37,770 So since our shell has opened right here. 40 00:03:38,140 --> 00:03:40,110 Let's see if we can execute regular command. 41 00:03:40,120 --> 00:03:42,690 So whoami works. 42 00:03:42,700 --> 00:03:46,650 Help command to print our available options. 
43 00:03:46,660 --> 00:03:52,720 Now here we will after I have to add also the clock started killer dump just once we actually see it 44 00:03:52,850 --> 00:04:00,370 longer works and if we just type here key logger underscore start we can see nothing really gets back 45 00:04:00,630 --> 00:04:07,570 we see if we can still execute commands we can but right here if I just type here dir we can see right 46 00:04:07,600 --> 00:04:16,010 now we have the key logger the file and if I just type here Hello world what is going on. 47 00:04:16,030 --> 00:04:17,340 Question mark. 48 00:04:17,590 --> 00:04:21,280 We can see in a few seconds if we just type here. 49 00:04:21,280 --> 00:04:28,720 Basically in my reverse shell if I just put them on my server for just type here key log on the dump 50 00:04:30,400 --> 00:04:33,610 we can see we'd actually get back what the user has typed. 51 00:04:33,640 --> 00:04:37,060 So whoami, dir, Hello World, what. 52 00:04:37,090 --> 00:04:39,520 And that basket backspace is going gone. 53 00:04:39,520 --> 00:04:40,570 So this the what. 54 00:04:40,570 --> 00:04:45,460 And then I type here s and then I notice that I made a mistake so I deleted the s with backspace and 55 00:04:45,460 --> 00:04:50,850 then I thought what is going on so we can see our key logger works. 56 00:04:51,250 --> 00:04:53,260 Basically it gets back to us. 57 00:04:53,290 --> 00:04:56,110 Everything that the user started to use and types here. 58 00:04:56,230 --> 00:05:08,010 Blue Yellow or green red purple white we can see in a few seconds if I just go right here and type here 59 00:05:08,010 --> 00:05:15,120 key log underscore dump here log underscore dump will get printed everything before as well as the new 60 00:05:15,180 --> 00:05:21,540 words which is green red purple white and also blue and yellow just here I type here yellow but doesn't 61 00:05:21,540 --> 00:05:22,070 really matter. 
62 00:05:22,740 --> 00:05:30,600 So we could see our key logger worked successfully so right now let us actually we could see also that 63 00:05:30,660 --> 00:05:37,470 the key logger is in this directory right here which will not be found by the users also as well as 64 00:05:37,470 --> 00:05:40,290 the backdoor that the AKC for our persistence. 65 00:05:40,290 --> 00:05:42,830 So right now let's see what actually happens. 66 00:05:44,200 --> 00:05:51,780 Yeah or not what actually happens right now it does cause this and let us actually know our reverse 67 00:05:51,780 --> 00:06:00,840 shell that be why and add our key log start in kg options in our key logger so let's add it right here 68 00:06:03,760 --> 00:06:08,120 keep a log start. 69 00:06:09,170 --> 00:06:10,760 Start. 70 00:06:11,040 --> 00:06:20,680 Key logger on target PC and then the key log underscore dump. 71 00:06:22,470 --> 00:06:32,150 Print out keystrokes captured by key logger. 72 00:06:32,730 --> 00:06:39,720 So we save this and right now we should be good to go we have a fully functioning reverse shell that 73 00:06:39,720 --> 00:06:45,030 can take screenshots that can download upload files that can use a key logger that can download files 74 00:06:45,030 --> 00:06:51,660 from the Internet as well has the help option basically can change its directory so we have a bunch 75 00:06:51,660 --> 00:06:57,690 of other things can check for the administrator privileges starts key logger prints the outputs of key 76 00:06:57,690 --> 00:07:02,710 logger so this is basically all we currently need. 77 00:07:03,030 --> 00:07:09,510 So this is basically our final reverse shell now in the next video we will actually try to test it out 78 00:07:12,060 --> 00:07:19,170 as a real attack so we will try to actually run it we'll also have a picture and the image file and 79 00:07:19,170 --> 00:07:24,480 everything the icon so we will see how a simple attack with this works. 
80 00:07:24,480 --> 00:07:29,640 So I hope you enjoyed this and I hope I see you in the next video where we will run the real attack 81 00:07:29,700 --> 00:07:35,700 with our reverse shell in order to check out all of its available options once again in the one final attack 82 00:07:36,160 --> 00:07:39,570 so hope you enjoyed this video and I hope I see you in the next one bye.