1
00:00:00,300 --> 00:00:02,230
So welcome back to my YouTube channel.

2
00:00:02,430 --> 00:00:05,360
In this video, we'll be doing the Legacy box from Hack The Box.

3
00:00:05,610 --> 00:00:09,810
So this 110 machine, you need the option to do this.

4
00:00:10,140 --> 00:00:12,120
So our machine might be resistant.

5
00:00:12,120 --> 00:00:16,250
And then for, uh, for the time saving, I have already run nmap.

6
00:00:16,260 --> 00:00:22,080
And you can see an nmap service scan on this IP address. You can see here we have the ones that

7
00:00:22,080 --> 00:00:24,360
are important and for the portable.

8
00:00:25,230 --> 00:00:31,680
And you can see these are related to SMB ports and you can also see service info for a router operating

9
00:00:31,680 --> 00:00:33,240
system, Windows XP.

10
00:00:33,780 --> 00:00:41,010
So here what you can do is, since we have the two ports, we can use the scripting to find out whether

11
00:00:41,010 --> 00:00:44,180
these SMB versions have the vulnerabilities.

12
00:00:44,700 --> 00:00:47,070
So before that, we can say assembly line.

13
00:00:53,330 --> 00:01:01,520
So we will try to list any shares, so if we can get any information. We can see we do not have access

14
00:01:02,060 --> 00:01:02,560
to know.

15
00:01:02,570 --> 00:01:06,930
What we can do is we can say, locate or dot a.e.

16
00:01:08,690 --> 00:01:14,780
So even if you can see all of this, in my opinion, it's, uh, scripts.

17
00:01:15,020 --> 00:01:16,890
So we can for for.

18
00:01:20,600 --> 00:01:21,880
So now what we're going to do.

19
00:01:21,890 --> 00:01:22,250
Yes.

20
00:01:22,250 --> 00:01:27,470
We are going to, uh, check these vulnerabilities of these scripts.

21
00:01:27,470 --> 00:01:32,600
So we are going to run these vulnerability scripts.

22
00:01:32,600 --> 00:01:40,880
So let's nmap and, uh, we can support the scan to put that in and come forward.
23
00:01:41,750 --> 00:01:51,560
And we can say script is equal to smb-vuln, some we don't know, and asterisk.

24
00:01:51,590 --> 00:01:58,300
So that means it'll apply all these NSE scripts, uh, particularly on our target.

25
00:01:58,670 --> 00:02:02,120
Now, we can also ignore other hosts.

26
00:02:04,710 --> 00:02:06,270
And then do the IP address.

27
00:02:26,970 --> 00:02:36,590
So you can see we got the output. You can see the host is vulnerable to MS08-067, like

28
00:02:36,600 --> 00:02:41,470
you are, and it is not showing anywhere soon.

29
00:02:41,900 --> 00:02:44,740
So what we did is we need to run this campaign.

30
00:02:45,870 --> 00:02:50,580
So it's also vulnerable to the exploit, the stigma surrounding.

31
00:02:52,650 --> 00:02:55,480
And it will show you after this.

32
00:03:02,810 --> 00:03:04,490
So it's saying Furter.

33
00:03:09,370 --> 00:03:10,510
So being one.

34
00:03:14,310 --> 00:03:23,490
OK, now what we need to do is we need to say we can launch Metasploit, and I'll also show you how to

35
00:03:23,490 --> 00:03:24,030
do without.

36
00:03:33,870 --> 00:03:44,010
So you can search for your ms and MS08-067 and you can see this is the MS08-067, so you

37
00:03:44,010 --> 00:03:50,160
can say use 6 and show options.

38
00:03:52,060 --> 00:03:57,250
And you need to set the host, so I'm setting it as a global variable.

39
00:04:04,410 --> 00:04:06,050
Now we need to set the host.

40
00:04:14,390 --> 00:04:15,770
So it's 180.

41
00:04:19,200 --> 00:04:19,800
Enter.

42
00:04:22,910 --> 00:04:27,890
You can see before that the SMB pipe is browser, so what you can do is you can use them at a speed

43
00:04:27,970 --> 00:04:31,200
pipe or return for breakfast, other pipes.

44
00:04:31,600 --> 00:04:33,590
So in our case, the browser will work fine.

45
00:04:34,060 --> 00:04:36,190
So now what you can say is run.
46
00:04:37,480 --> 00:04:44,360
You can see exploit failed R and Gurdaspur turncoats I computer, but no session was created.

47
00:04:45,310 --> 00:04:48,570
So one thing you can do is you can change the payload and you can try again.

48
00:04:48,880 --> 00:04:51,280
So this is how you remember this right now.

49
00:04:51,280 --> 00:04:55,770
What I'm going to do is I'm going to show you how to do it manually.

50
00:04:55,870 --> 00:05:04,950
So to do it manually, you need to, you can search on Google MS08-067 exploit.

51
00:05:04,970 --> 00:05:11,210
You can see the first thing, you can click on this and you can see here by Danford.

52
00:05:11,230 --> 00:05:16,920
So that means you can easily run the Python script with some arguments, so you can scroll down.

53
00:05:17,560 --> 00:05:25,000
So we need to clone this repository and we need to generate a shellcode using msfvenom, so we

54
00:05:25,000 --> 00:05:32,450
can generate shellcode with the exit function as thread and bad characters.

55
00:05:32,510 --> 00:05:34,420
So an output format.

56
00:05:37,420 --> 00:05:45,040
And I put forward a C, so we can copy and paste. Python will be an arbitrary 36, so now we are going

57
00:05:45,040 --> 00:05:49,410
to generate the record and we need to, oh, OK.

58
00:05:49,420 --> 00:05:53,030
I think we need to install Python three.

59
00:05:53,740 --> 00:05:58,050
So what you can do is you can clone the entire repository.

60
00:05:58,780 --> 00:06:01,760
So we just copy this and git clone this one.

61
00:06:01,780 --> 00:06:04,240
So I have already done this one, so.

62
00:06:07,850 --> 00:06:15,560
So this is how the directory looks like, so I have started a Python two, so this script is a Python two

63
00:06:16,280 --> 00:06:16,530
what?

64
00:06:17,000 --> 00:06:18,650
You can search for by.
65
00:06:24,620 --> 00:06:34,490
Python poo poo can be derivative, so you can click on this link and you can go down and now what you

66
00:06:34,490 --> 00:06:41,480
can do is you can add this repository and you can get this Python script, and this, if you run the Python

67
00:06:41,480 --> 00:06:43,860
script using the Python, it will insure the people.

68
00:06:44,150 --> 00:06:48,290
So that is simple as the software has been installed.

69
00:06:48,290 --> 00:06:50,580
You need to have to install Impacket.

70
00:06:50,790 --> 00:06:54,230
So after Impacket has been installed, you can use these scripts successfully.

71
00:06:55,040 --> 00:07:00,250
OK, now let's look at the usage of this script.

72
00:07:00,290 --> 00:07:03,530
So this is the Python file and the various.

73
00:07:06,500 --> 00:07:14,020
So you can see here example, the IP address of the machine and the number and this is.

74
00:07:14,360 --> 00:07:16,380
So this number indicates the version number.

75
00:07:16,400 --> 00:07:21,020
So it's been three years, three English, French, and you can see here.

76
00:07:21,650 --> 00:07:27,320
But also, so here we'll try the Windows XP versions.

77
00:07:28,320 --> 00:07:30,740
Let's try for English.

78
00:07:33,500 --> 00:07:36,620
So first thing we need to do is we need to.

79
00:07:41,550 --> 00:07:50,720
CNN all this far, so we need to look at the available that is available. You can see this is a shellcode.

80
00:07:52,800 --> 00:07:57,720
So, OK, you know what we're going to do is we are going to generate the shellcode.

81
00:07:58,950 --> 00:08:04,890
So msfvenom, minus p, forbearer and LHOST.

82
00:08:12,200 --> 00:08:16,820
The is official and then watched as our IP address.

83
00:08:23,130 --> 00:08:27,540
Port one, two, three, four, and exit function as thread.

84
00:08:29,430 --> 00:08:37,350
So if you use this function, the application is to run and a new thread will be created for connection.
85
00:08:38,250 --> 00:08:41,670
And you can see our architecture x86.

86
00:08:44,270 --> 00:08:45,310
And the fact that it is.

87
00:08:57,200 --> 00:09:00,070
And you can copy the characters here and now farmyards.

88
00:09:05,930 --> 00:09:14,480
So I have already had the previous shellcode variable, so whatever I did is I have put these three quotations

89
00:09:14,480 --> 00:09:17,660
to make it as a comment, not as a comment, but a string.

90
00:09:17,660 --> 00:09:19,490
But we will never use it, not by Pythonesque.

91
00:09:24,400 --> 00:09:30,910
So this is the shellcode, so I have already copied this into this shellcode variable.

92
00:09:31,600 --> 00:09:37,420
So now what you can do is you can exit and then run this Python script right down to.

93
00:09:46,780 --> 00:09:54,050
And for now, let's try for XP SP3 and number four for different.

94
00:09:57,430 --> 00:10:00,850
Before that, started is another and the one, two, three, four, four.

95
00:10:04,640 --> 00:10:06,290
OK, yeah, hit enter.

96
00:10:26,640 --> 00:10:34,850
As you can see now, I have restarted the machine and then we have got the connection, so it's because

97
00:10:34,870 --> 00:10:37,790
like a previous record, that's about the payload.

98
00:10:38,020 --> 00:10:45,470
I can see it has connected to the browser pipe, and we also got the robot.

99
00:10:46,110 --> 00:10:51,480
Now, what we can do is then go to, uh, can go to the C directory.

100
00:10:52,320 --> 00:10:53,520
And that said, the area.

101
00:10:54,270 --> 00:10:55,260
So you can see one thing.

102
00:10:55,260 --> 00:10:56,730
Notice they do not use this.

103
00:10:57,060 --> 00:10:58,860
So it is an XP machine.

104
00:10:58,890 --> 00:11:02,160
So you need to go to the Documents and Settings.

105
00:11:12,820 --> 00:11:16,300
So a little be here, you can see it producer and the.

106
00:11:17,620 --> 00:11:19,930
So let's go to this first, Administrator.

107
00:11:26,460 --> 00:11:28,690
So you can see the contents.
108
00:11:28,710 --> 00:11:29,880
Let's go to Desktop.

109
00:11:35,530 --> 00:11:37,460
When you go and print out the contents of the.

110
00:11:38,560 --> 00:11:43,740
So in the same way, what we can do is we can print out the Johns is about.

111
00:12:22,980 --> 00:12:25,340
So you can see the user content of the user.

112
00:12:26,250 --> 00:12:29,010
So this is how you do the manual exploitation.

113
00:12:29,410 --> 00:12:34,160
Now, I also want to show you how to do that using another exploit.

114
00:12:35,730 --> 00:12:39,310
So that number is MS17-010.

115
00:12:39,930 --> 00:12:43,060
So you can, you can use this.

116
00:12:43,890 --> 00:12:45,960
So this is somewhat upgraded version.

117
00:12:47,250 --> 00:12:50,040
So I'll introduce you.

118
00:12:50,300 --> 00:12:52,200
The machine is Windows XP.

119
00:12:52,230 --> 00:12:57,750
You can run this, uh, exploit that built so that you no need to delay the initial call.

120
00:12:58,120 --> 00:12:59,910
You'll get the direct command.

121
00:13:00,540 --> 00:13:07,020
So if it is a seven machine or eight machine or 10 machine, so you need to generate the shellcode.

122
00:13:10,390 --> 00:13:11,530
So now.

123
00:13:14,660 --> 00:13:21,020
So this is the directory I have already cloned, so you can also start a business or you can start your

124
00:13:21,020 --> 00:13:22,190
mind using the net.

125
00:13:22,520 --> 00:13:23,500
So that is up to you.

126
00:13:23,960 --> 00:13:25,160
And you need to do this.

127
00:13:25,220 --> 00:13:32,660
You need to go to this shellcode directory, cd shellcode, and let us know what you need to do.

128
00:13:32,870 --> 00:13:36,520
You need to run this, underscore that assets.

129
00:13:36,920 --> 00:13:39,220
So we need to run this shell script file.

130
00:13:39,710 --> 00:13:41,000
So what this does.
131
00:13:41,180 --> 00:13:46,750
It will background automatically run the premise of the documents and it will generate the shellcode

132
00:13:46,760 --> 00:13:48,950
in the binary format.

133
00:13:49,520 --> 00:13:54,590
See Darwin for ASADA, uh, Schellekens and press Pressplay.

134
00:13:55,910 --> 00:13:57,480
And you need to set deluce.

135
00:14:01,920 --> 00:14:05,810
So one, two, three, five, four, six, two will be Patrice's.

136
00:14:08,210 --> 00:14:16,820
So here you can start the regular competition. If you want to use the multi handler, you can use the.

137
00:14:17,630 --> 00:14:22,310
So for now, I'm going to use the one hand. You can see staged or stageless.

138
00:14:22,350 --> 00:14:25,920
So if you want to send in a one shot, you can use this data.

139
00:14:26,300 --> 00:14:31,020
So I'm using the staged, so you can see the background elements of.

140
00:14:33,810 --> 00:14:37,290
So they saying they'll put the disparity former.

141
00:14:53,150 --> 00:14:59,810
So you can see here now Supersaurus, so these files will be created, so you can go back.

142
00:15:04,220 --> 00:15:14,090
And you can see the syntax of this, uh, Boyden's, so Python, uh, the filename and the Barguti, and

143
00:15:14,090 --> 00:15:17,300
here you are displaced by the, uh, particular shellcode.

144
00:15:18,200 --> 00:15:25,490
So one thing, you can find out whether the script is using Python two or three. You're going to get

145
00:15:26,080 --> 00:15:33,200
into EternalBlue return, underscore shellcode, so you can grep for the print statements.

146
00:15:33,230 --> 00:15:39,800
So one difference you can observe between Python two and three is the brackets for the print function in

147
00:15:39,800 --> 00:15:40,260
the Python.

148
00:15:41,390 --> 00:15:43,090
So you can see there are the brackets.

149
00:15:43,100 --> 00:15:44,380
You can see this is the bracket.

150
00:15:44,840 --> 00:15:51,990
So that means this Python has been written in Python three, so Python three.
151
00:15:53,540 --> 00:16:04,710
So since our machine is XP now, I can simply run this exploit, this, uh, are the square it.

152
00:16:05,150 --> 00:16:11,210
So if it is, uh, seven or eight or 10, what you need is you can run this and you need to look at the,

153
00:16:11,600 --> 00:16:15,090
uh, code which we have created initially for.

154
00:16:15,260 --> 00:16:17,480
So that is one that we can look at this.

155
00:16:17,590 --> 00:16:19,940
Uh, six I myself are.

156
00:16:21,450 --> 00:16:28,780
So now I don't expect any IP address.

157
00:16:57,530 --> 00:16:58,780
So you can see we got this.

158
00:16:59,720 --> 00:17:04,610
So this is how you expect it to be vulnerable.

159
00:17:04,640 --> 00:17:11,480
This is a no-brainer exploit, so you can search for the talk for any, uh, vulnerability if you find

160
00:17:11,720 --> 00:17:13,160
where they can run the manual.