1
00:00:00,450 --> 00:00:02,400
‫Instructor: Hi, within this lecture,

2
00:00:02,400 --> 00:00:06,000
‫we're going to discuss tunnel link services,

3
00:00:06,000 --> 00:00:09,330
‫in order to overcome the problems that we have seen

4
00:00:09,330 --> 00:00:11,430
‫in the previous lecture.

5
00:00:11,430 --> 00:00:12,810
‫So in order to do that,

6
00:00:12,810 --> 00:00:17,760
‫we're going to use something called ngrok.com, okay.

7
00:00:17,760 --> 00:00:21,180
‫So this is a tunnel link service,

8
00:00:21,180 --> 00:00:23,430
‫but what is a tunnel link service,

9
00:00:23,430 --> 00:00:26,940
‫and why do we want to use one?

10
00:00:26,940 --> 00:00:30,510
‫Of course, we are going to use it for our backdoor,

11
00:00:30,510 --> 00:00:33,030
‫but there are other various uses

12
00:00:33,030 --> 00:00:37,290
‫in order to leverage this kind of tunnel link services

13
00:00:37,290 --> 00:00:38,910
‫in real life.

14
00:00:38,910 --> 00:00:43,910
‫For example, in our Kali Linux, we have actually

15
00:00:44,460 --> 00:00:46,590
‫a web server, okay.

16
00:00:46,590 --> 00:00:51,150
‫You can actually host a web service in your Kali Linux.

17
00:00:51,150 --> 00:00:53,730
‫So let me clear this tab right now,

18
00:00:53,730 --> 00:00:57,390
‫we are going to write it later on, anyway.

19
00:00:57,390 --> 00:01:02,280
‫So I'm going to write service apache2 start.

20
00:01:02,280 --> 00:01:04,590
‫So when you do that,

21
00:01:04,590 --> 00:01:08,820
‫it will run a web service in your Kali Linux.

22
00:01:08,820 --> 00:01:12,150
‫So actually there is a web server going on

23
00:01:12,150 --> 00:01:15,540
‫in your Kali Linux right now and you can change the content

24
00:01:15,540 --> 00:01:18,450
‫of it in order to host a web server

25
00:01:18,450 --> 00:01:23,130
‫or I don't know, website in your Kali Linux.

26
00:01:23,130 --> 00:01:26,970
‫For example, if you go to your file system, okay,

27
00:01:26,970 --> 00:01:31,680
‫to your folders, I will show you where your website is

28
00:01:31,680 --> 00:01:35,850
‫right now, so that you can edit it and use it

29
00:01:35,850 --> 00:01:37,140
‫if you need it.

30
00:01:37,140 --> 00:01:38,850
‫We're not going to need it, anyway,

31
00:01:38,850 --> 00:01:41,460
‫but I'm going to show it to you

32
00:01:41,460 --> 00:01:44,220
‫so that you know how to use it.

33
00:01:44,220 --> 00:01:48,270
‫So if you open your file system, I'm going to

34
00:01:48,270 --> 00:01:53,270
‫wander into file system and a directory called V-A-R var.

35
00:01:53,610 --> 00:01:54,443
‫Okay.

36
00:01:54,443 --> 00:01:56,580
‫So if you go over to this var,

37
00:01:56,580 --> 00:02:01,580
‫you will see a folder called www, which is your website,

38
00:02:01,860 --> 00:02:04,797
‫and gonna have to double click on this html

39
00:02:04,797 --> 00:02:08,400
‫and you will see this index.html.

40
00:02:08,400 --> 00:02:12,750
‫So index.html is the file that you see

41
00:02:12,750 --> 00:02:15,300
‫when you brows into a website.

42
00:02:15,300 --> 00:02:18,000
‫So whatever is written over here

43
00:02:18,000 --> 00:02:22,590
‫will be displayed if someone browsers to your website.

44
00:02:22,590 --> 00:02:25,740
‫Right now, I'm running this web server,

45
00:02:25,740 --> 00:02:30,390
‫but since my Kali Linux is on the net network,

46
00:02:30,390 --> 00:02:35,100
‫only the files or only the computers on the net network

47
00:02:35,100 --> 00:02:37,650
‫can actually see those files,

48
00:02:37,650 --> 00:02:40,740
‫see the website that we are running.

49
00:02:40,740 --> 00:02:45,000
‫But we can use ngrok to open this website

50
00:02:45,000 --> 00:02:47,160
‫to the world as well.

51
00:02:47,160 --> 00:02:52,050
‫So if you open your browser, okay in your Kali Linux,

52
00:02:52,050 --> 00:02:55,920
‫like yeah, your Firefox, and if you're on ifgonfig

53
00:02:55,920 --> 00:02:57,930
‫to see your IP address,

54
00:02:57,930 --> 00:03:02,930
‫you will see mine is 10.0.2.15, I'm going to write 10.0.2.15

55
00:03:02,970 --> 00:03:07,740
‫in my browser and you will write your own IP address.

56
00:03:07,740 --> 00:03:12,720
‫And what I will see is the content of my index.html.

57
00:03:12,720 --> 00:03:16,860
‫As you can see, this is a default page that is created

58
00:03:16,860 --> 00:03:20,670
‫as a test or as a default website,

59
00:03:20,670 --> 00:03:22,410
‫and I'm now seeing it.

60
00:03:22,410 --> 00:03:25,650
‫If I had another machine on my virtual box,

61
00:03:25,650 --> 00:03:29,700
‫I could have written 10.0.2.15 to any browser

62
00:03:29,700 --> 00:03:34,140
‫from that machine and I can reach this website as well.

63
00:03:34,140 --> 00:03:39,140
‫And if I use ngrok, I will be able to open this website

64
00:03:40,440 --> 00:03:42,090
‫to the public.

65
00:03:42,090 --> 00:03:43,980
‫That's not what we are looking for,

66
00:03:43,980 --> 00:03:48,980
‫but tunneling service lets us connect our local IP addresses

67
00:03:49,860 --> 00:03:54,860
‫or local machines to the internet using their own services

68
00:03:55,410 --> 00:03:59,040
‫so that we can actually gather the information

69
00:03:59,040 --> 00:04:04,020
‫to the ngrok IPs from the back door, from the Android phone,

70
00:04:04,020 --> 00:04:06,330
‫and forward that information

71
00:04:06,330 --> 00:04:10,920
‫to the Kali Linux using the same system, okay?

72
00:04:10,920 --> 00:04:13,560
‫We're going to use it for this reason,

73
00:04:13,560 --> 00:04:17,160
‫but remember, the tunneling services

74
00:04:17,160 --> 00:04:21,600
‫may provide much more broader or greater

75
00:04:21,600 --> 00:04:24,633
‫advantages in given time.

76
00:04:25,470 --> 00:04:30,150
‫So what we want to do is to set the ngrok up

77
00:04:30,150 --> 00:04:35,040
‫in our computer so that we can reach their services

78
00:04:35,040 --> 00:04:38,460
‫so that we can actually forward that information

79
00:04:38,460 --> 00:04:42,180
‫when it comes to the ngrok , to the Kali Linux,

80
00:04:42,180 --> 00:04:44,910
‫so that we can create our session,

81
00:04:44,910 --> 00:04:48,540
‫so that we can hack into the Android phone

82
00:04:48,540 --> 00:04:52,590
‫and get access to their privileges,

83
00:04:52,590 --> 00:04:55,863
‫browser files and folders and everything.

84
00:04:56,940 --> 00:04:59,490
‫So that's what we are gonna do.

85
00:04:59,490 --> 00:05:03,210
‫So first of all, I want to go to ngrok again

86
00:05:03,210 --> 00:05:06,060
‫and download some files and folders

87
00:05:06,060 --> 00:05:11,060
‫and set up some account information with ngrok,

88
00:05:11,130 --> 00:05:14,940
‫because we will need those information.

89
00:05:14,940 --> 00:05:18,330
‫You won't be able to use the ngrok

90
00:05:18,330 --> 00:05:21,600
‫without creating any account, okay?

91
00:05:21,600 --> 00:05:24,900
‫So what I would suggest is to close this down

92
00:05:24,900 --> 00:05:29,100
‫because we are done with it and minimize this tab

93
00:05:29,100 --> 00:05:31,323
‫and open the Firefox.

94
00:05:32,460 --> 00:05:36,780
‫And then next thing we are gonna do, we are going to write

95
00:05:36,780 --> 00:05:41,780
‫N-G, like thism N-G-R-O-K dot com over here.

96
00:05:45,720 --> 00:05:48,690
‫And once we do that, we are going to register

97
00:05:48,690 --> 00:05:49,863
‫for an account.

98
00:05:50,820 --> 00:05:54,060
‫So you'll see login and sign up buttons over here.

99
00:05:54,060 --> 00:05:58,410
‫Of course, this team or some kind of user interface

100
00:05:58,410 --> 00:06:00,570
‫may change in over time,

101
00:06:00,570 --> 00:06:03,780
‫but they will always provide some kind of login

102
00:06:03,780 --> 00:06:06,390
‫or sign up register options.

103
00:06:06,390 --> 00:06:08,760
‫So you want to register for an account,

104
00:06:08,760 --> 00:06:10,830
‫don't worry, it's free by the way,

105
00:06:10,830 --> 00:06:14,160
‫but you're going to have to provide some kind of email

106
00:06:14,160 --> 00:06:17,673
‫then other stuff in order to create an account.

107
00:06:18,510 --> 00:06:22,830
‫So I already have an account so I can go to log in,

108
00:06:22,830 --> 00:06:25,830
‫but I'm going to show you how to sign up as well.

109
00:06:25,830 --> 00:06:29,520
‫So let me click on sign up, and as you can see,

110
00:06:29,520 --> 00:06:33,990
‫you will only provide your name, your email, and email again

111
00:06:33,990 --> 00:06:37,230
‫and a password, and it will create your account for you.

112
00:06:37,230 --> 00:06:39,330
‫So it's fairly easy.

113
00:06:39,330 --> 00:06:41,370
‫So rather I'm going to log in

114
00:06:41,370 --> 00:06:44,460
‫with the previously created account of mine

115
00:06:44,460 --> 00:06:48,780
‫and it will direct me to the same page

116
00:06:48,780 --> 00:06:51,840
‫that you are going to see when you sign up.

117
00:06:51,840 --> 00:06:56,070
‫So I made up an email for this like

118
00:06:56,070 --> 00:07:01,070
‫jackkirocs@gmail.com and password, something like this.

119
00:07:01,380 --> 00:07:04,410
‫Let me save this.

120
00:07:04,410 --> 00:07:07,110
‫Yeah, let me update this,

121
00:07:07,110 --> 00:07:10,650
‫and it will ask me to complete an installation

122
00:07:10,650 --> 00:07:12,720
‫or set up process.

123
00:07:12,720 --> 00:07:15,210
‫So this is what we are looking for.

124
00:07:15,210 --> 00:07:19,920
‫As you can see, ngrok can be used in macOS, in Windows,

125
00:07:19,920 --> 00:07:21,270
‫and in Linux as well.

126
00:07:21,270 --> 00:07:24,630
‫Since we are in Linux, we are seeing the button for Linux,

127
00:07:24,630 --> 00:07:29,100
‫but if you want to use this in Windows or in Mac

128
00:07:29,100 --> 00:07:33,060
‫for some reason, of course you are allowed to use it.

129
00:07:33,060 --> 00:07:35,370
‫But I'm going to download for Linux.

130
00:07:35,370 --> 00:07:37,320
‫So I'm going to click on this button

131
00:07:37,320 --> 00:07:40,290
‫and I'm going to say save file, okay?

132
00:07:40,290 --> 00:07:42,570
‫It will download the file for me

133
00:07:42,570 --> 00:07:46,440
‫and then, of course, I'm going to have to unzip it

134
00:07:46,440 --> 00:07:49,080
‫because it will be kind of zipped.

135
00:07:49,080 --> 00:07:52,890
‫You can use unzip command in order to unzip it

136
00:07:52,890 --> 00:07:56,910
‫or you can just right click on it and unzip it yourself.

137
00:07:56,910 --> 00:08:01,380
‫So let me open the download file and show you what I mean.

138
00:08:01,380 --> 00:08:05,880
‫So open your download file from your file system, okay.

139
00:08:05,880 --> 00:08:08,100
‫It should be under root.

140
00:08:08,100 --> 00:08:10,710
‫So root, downloads.

141
00:08:10,710 --> 00:08:12,840
‫Once you double click on the downloads,

142
00:08:12,840 --> 00:08:17,840
‫you will see the ngrok downloaded file over here.

143
00:08:17,970 --> 00:08:19,830
‫So this is a zip file,

144
00:08:19,830 --> 00:08:23,430
‫and Kali Linux also have its own archiver.

145
00:08:23,430 --> 00:08:26,970
‫So if you double click on that, you can see the ngrok,

146
00:08:26,970 --> 00:08:31,970
‫you can just drag and drop it to your own folder

147
00:08:32,130 --> 00:08:34,020
‫like this, okay?

148
00:08:34,020 --> 00:08:36,330
‫So it will be unzipped,

149
00:08:36,330 --> 00:08:39,810
‫of course, you can use the unzip command as well

150
00:08:39,810 --> 00:08:42,180
‫in order to get familiarized

151
00:08:42,180 --> 00:08:44,313
‫with Kali Linux a little bit more.

152
00:08:45,330 --> 00:08:49,710
‫So after that, let me come over here.

153
00:08:49,710 --> 00:08:53,040
‫You are gonna have to connect your account.

154
00:08:53,040 --> 00:08:55,560
‫So since you have created this account,

155
00:08:55,560 --> 00:09:00,560
‫it will give you this kind of an authentication token.

156
00:09:00,960 --> 00:09:03,930
‫So yours will be different from mine,

157
00:09:03,930 --> 00:09:08,670
‫so you are gonna have to copy it from your own account.

158
00:09:08,670 --> 00:09:10,380
‫I'm going to close down my account

159
00:09:10,380 --> 00:09:15,000
‫so don't try to write my own token over here,

160
00:09:15,000 --> 00:09:17,130
‫create your own accounts

161
00:09:17,130 --> 00:09:20,880
‫and just copy this command from here.

162
00:09:20,880 --> 00:09:24,960
‫So I'm going to copy everything and I'm going to paste it

163
00:09:24,960 --> 00:09:28,590
‫on my terminal so that it will be authenticated

164
00:09:28,590 --> 00:09:31,920
‫so that it will be ready to use.

165
00:09:31,920 --> 00:09:33,630
‫And don't skip anything,

166
00:09:33,630 --> 00:09:37,320
‫just make sure you get the whole line over here, okay?

167
00:09:37,320 --> 00:09:40,020
‫Because otherwise it won't be authenticated

168
00:09:40,020 --> 00:09:41,820
‫and it won't work.

169
00:09:41,820 --> 00:09:43,590
‫So once you are ready,

170
00:09:43,590 --> 00:09:46,380
‫you have to open your terminal one more time

171
00:09:46,380 --> 00:09:50,400
‫and change your directory into the downloads folder

172
00:09:50,400 --> 00:09:55,080
‫or any other folder that you have downloaded your tool into.

173
00:09:55,080 --> 00:09:59,250
‫So mine is in downloads, so I'm going to say cd downloads

174
00:09:59,250 --> 00:10:01,860
‫and now I'm inside of downloads.

175
00:10:01,860 --> 00:10:06,860
‫If I just paste this selection or clipboard over here,

176
00:10:07,320 --> 00:10:10,980
‫it will run the ngrok and it will authenticate me

177
00:10:10,980 --> 00:10:13,290
‫using the token, okay?

178
00:10:13,290 --> 00:10:15,810
‫Now my token is saved.

179
00:10:15,810 --> 00:10:19,590
‫I am free to use ngrok services.

180
00:10:19,590 --> 00:10:22,890
‫So that's how you install and that's how you set up

181
00:10:22,890 --> 00:10:26,250
‫your environment for tunneling services.

182
00:10:26,250 --> 00:10:29,430
‫Next, we are going to provide some information

183
00:10:29,430 --> 00:10:32,820
‫to the back door that we have been trying to create

184
00:10:32,820 --> 00:10:34,050
‫and use it.

185
00:10:34,050 --> 00:10:35,733
‫See you in the next lecture.