1 00:00:00,060 --> 00:00:00,930 Welcome back, everyone. 2 00:00:00,960 --> 00:00:06,480 This is the lecture on A&E, in fact, about major on planning. 3 00:00:06,510 --> 00:00:14,160 OK, so this is the beginning of a section where we'll be taking our first example for hacking 4 00:00:14,160 --> 00:00:18,230 that's attacking Windows 10 on pre-attack phase. 5 00:00:19,020 --> 00:00:20,070 So understand this. 6 00:00:20,370 --> 00:00:22,670 We have talked about five phases. 7 00:00:22,680 --> 00:00:26,190 So what I'm really you know what I'm actually referring to. 8 00:00:26,490 --> 00:00:30,440 It's all about before exploitation, before the post code phase. 9 00:00:30,720 --> 00:00:36,870 The first and second, the information gathering and scanning comes in to pre-attack phase. 10 00:00:37,110 --> 00:00:43,560 And that's what we are going to talk about, we'll be talking about information gathering and 11 00:00:43,560 --> 00:00:51,060 scanning phase in this case for targeting and even understand why we understand it. 12 00:00:51,060 --> 00:00:54,840 Just that there are two reasons. 13 00:00:54,870 --> 00:01:02,460 First, I want you to understand that we want to practice something which is latest, which 14 00:01:02,460 --> 00:01:03,400 is all updated. 15 00:01:03,420 --> 00:01:08,580 We can actually take an example of all the Windows 7 and all those machines. 16 00:01:08,580 --> 00:01:15,750 But because now they use it all, all the folks or all the users will be making use of Windows 10 17 00:01:16,140 --> 00:01:19,750 and making use of old techniques won't really work for them. 18 00:01:20,370 --> 00:01:23,910 So I'm making sure all the content is updated. 19 00:01:23,950 --> 00:01:28,680 Second thing is most of the audience out there are Windows 10. 20 00:01:28,680 --> 00:01:35,640 So it is good for us to understand because that's what a real world really looks like as well. 
21 00:01:36,120 --> 00:01:44,160 So what is planning, basically? To win any war, to win any stuff, planning is a must. We have even seen 22 00:01:44,160 --> 00:01:44,700 in the world? 23 00:01:45,290 --> 00:01:49,100 And where are we example as world commander example as well. 24 00:01:50,280 --> 00:01:57,210 So before we could even start our exploitation or start our hacking, we need to understand who is 25 00:01:57,210 --> 00:01:57,780 our target? 26 00:01:58,020 --> 00:02:01,920 Is it really a single user or is it any user? 27 00:02:02,310 --> 00:02:11,550 So what I'm really talking about is if the user a bit different, but if your user is random, if you 28 00:02:11,550 --> 00:02:19,560 want to hack any random user out there globally or you want to be specific, let's say, about Adam, 29 00:02:19,590 --> 00:02:27,810 you know, maybe James or anybody is right or maybe the specific employee of a specific company or specific 30 00:02:27,810 --> 00:02:34,860 user of a specific location or specific name of the employee or whatever it is. 31 00:02:35,130 --> 00:02:43,500 You know, if you specify you are OK to have any Windows 10 or you have a strict hacking in your 32 00:02:43,500 --> 00:02:46,290 mind that I want to hack this person. 33 00:02:46,290 --> 00:02:46,540 Right. 34 00:02:47,010 --> 00:02:50,700 So this is something that you have to clear before you go further. 35 00:02:50,850 --> 00:02:51,220 All right. 36 00:02:51,540 --> 00:03:00,290 And the hacking approach for exploiting or compromising a target machine is very different. 37 00:03:01,350 --> 00:03:10,920 Hacking a random user can be like, you know, kind of it's good for it's economical for fraud, fraudster 38 00:03:10,950 --> 00:03:18,180 or, you know, cybercrime activity where they launch a campaign or launch a phishing e-mail campaign 39 00:03:18,180 --> 00:03:21,720 for like millions of people or thousands of people worldwide. 
40 00:03:21,960 --> 00:03:27,990 And they think, OK, economically, if I get ten people or twelve people to click on it and they can 41 00:03:27,990 --> 00:03:34,050 you know, they can be redirected to some phishing sites and that they can grab some money out of 42 00:03:34,050 --> 00:03:35,430 it or anything. 43 00:03:35,760 --> 00:03:39,270 So that works for cyber criminals. 44 00:03:39,270 --> 00:03:39,540 Right. 45 00:03:39,870 --> 00:03:45,150 But for ethical hacker or sophisticated hack, it's all targeted. 46 00:03:45,150 --> 00:03:50,340 It's all specific employees or specific users of a specific organisation. 47 00:03:50,340 --> 00:03:52,020 It could be institution. 48 00:03:52,380 --> 00:03:55,770 It could be any organization, it could be any company as well. 49 00:03:56,460 --> 00:04:00,290 So in that situation, what are the different methods? 50 00:04:00,720 --> 00:04:03,080 So you have your attacker ready. 51 00:04:03,120 --> 00:04:05,280 You have your malware or payload ready. 52 00:04:05,640 --> 00:04:06,810 What is the method? 53 00:04:06,810 --> 00:04:13,230 What are the possible methods available is either you can make use of USB, you can put the malware 54 00:04:13,230 --> 00:04:17,100 into the USB and then you can insert into the system. 55 00:04:17,400 --> 00:04:25,260 But that some sort of, you know, that needs a physical interaction that needs person to be physically 56 00:04:25,260 --> 00:04:29,610 available and he can who can insert the pen drive and all those stuff. 57 00:04:29,610 --> 00:04:29,880 Right. 58 00:04:32,070 --> 00:04:39,030 For doing something in the user of any organization or company. 59 00:04:39,030 --> 00:04:44,820 It could be even more difficult because that gives you have to pass or you have to cross the physical 60 00:04:44,820 --> 00:04:47,690 barrier as well, physical security barrier as well. 
61 00:04:48,270 --> 00:04:55,140 So there are challenges. Easy or quick or simple method could be phishing emails, but that's the 62 00:04:55,890 --> 00:04:59,580 95 percent of time that's the most effective and. 63 00:05:00,840 --> 00:05:08,190 Some of the more interesting way which has evolved very well is the social media attack. Now remember 64 00:05:08,190 --> 00:05:12,650 that these are all approaches, these are exploit method approach. 65 00:05:12,660 --> 00:05:16,920 Basically, you still have to develop your malware. 66 00:05:16,930 --> 00:05:21,690 You still have to deliver your payload. We'll be making our payload ourselves. 67 00:05:21,960 --> 00:05:25,560 But you need to decide which method you would be. 68 00:05:26,130 --> 00:05:31,100 You would be opting for delivering that payload, for delivering that malware. 69 00:05:31,140 --> 00:05:31,330 Right. 70 00:05:31,640 --> 00:05:39,750 Either you can share through email and attaching any files which contain the malicious payload, 71 00:05:40,440 --> 00:05:50,520 which I'll teach you how to do that social media attack as well, which you where the hackers, you 72 00:05:50,520 --> 00:05:57,090 know, impersonate with some of idea or something and then they share some suppliers or they probably 73 00:05:57,090 --> 00:06:00,780 get the immolators account and they compromised the users as well. 74 00:06:01,500 --> 00:06:02,700 Now understand this. 75 00:06:02,700 --> 00:06:05,550 Why are we doing this from fundamentally? 76 00:06:05,850 --> 00:06:11,510 Why can't we just simply if we know a person, you know, if we know a person, if we know our target, 77 00:06:11,520 --> 00:06:12,770 why can't we reach out to them? 78 00:06:13,230 --> 00:06:13,950 Why, why? 79 00:06:14,130 --> 00:06:14,430 Why? 80 00:06:14,520 --> 00:06:20,790 We can't really directly reach out to the system itself, to be really honest, to raise it. 
81 00:06:21,120 --> 00:06:30,870 And people folks who understand the Internet or architecture or TCP/IP, well, they it's basically, 82 00:06:31,770 --> 00:06:35,090 of course, we'll be covering the TCP stack in detail as well. 83 00:06:36,030 --> 00:06:39,740 But understand this way, there are two reasons. 84 00:06:39,790 --> 00:06:47,940 First, as every system that is being used by home user or the organization, it's hidden behind a router 85 00:06:48,750 --> 00:06:49,860 hidden by a router. 86 00:06:50,100 --> 00:06:56,340 So you have a router which basically translates your private IP, your system IP address. 87 00:06:56,640 --> 00:07:03,720 But the external IP address with that, the external party, the attackers or anybody out there won't 88 00:07:03,720 --> 00:07:08,130 really get the idea of what are the system, what is the system, actual IP address. 89 00:07:08,490 --> 00:07:12,120 So there is no idea somebody can get the information about this user. 90 00:07:12,510 --> 00:07:21,150 Another, as there is by default, all the incoming requests from the external party, 91 00:07:21,150 --> 00:07:25,550 from the untrusted party or from the public network is blocked. 92 00:07:26,370 --> 00:07:32,280 You can never find Facebook popping up on the system and asking, OK, hey, are you interested to post 93 00:07:32,280 --> 00:07:33,330 some blogs or something? 94 00:07:33,360 --> 00:07:36,870 No, that's not going to happen unless you go out. 95 00:07:38,310 --> 00:07:40,500 The request never comes back. 96 00:07:40,590 --> 00:07:47,220 And that's the stateful behavior, the connection approach. 97 00:07:47,220 --> 00:07:51,330 Basically, that's how the three-way handshake TCP stack really works great. 
98 00:07:51,750 --> 00:07:58,410 And that's why once there's something inside your system, once the payload is in your system 99 00:07:58,650 --> 00:08:04,620 and that sends the request out there, then the payload or the execution can be done on, then somebody 100 00:08:04,620 --> 00:08:07,160 can reach out to your system. 101 00:08:07,180 --> 00:08:07,500 Right. 102 00:08:07,500 --> 00:08:09,150 So that's exactly what works. 103 00:08:09,390 --> 00:08:14,820 And that's why you need the malware to be available on your system. 104 00:08:15,150 --> 00:08:20,610 And that has to be intentionally downloaded by yourself or maybe by any other method. 105 00:08:20,870 --> 00:08:21,270 Right. 106 00:08:21,540 --> 00:08:24,060 So that's completely planning phase. 107 00:08:24,060 --> 00:08:30,510 And because this is all about hacking Windows 10 machine, we are not talking about hacking 108 00:08:30,510 --> 00:08:32,700 web application in this example. 109 00:08:33,120 --> 00:08:41,400 So we'll be very much on this track, we'll be very much talking about hacking or 110 00:08:41,400 --> 00:08:44,820 payload or malware or exploit related to the Windows. 111 00:08:45,120 --> 00:08:45,510 All right. 112 00:08:45,840 --> 00:08:47,520 So I hope you got the idea. 113 00:08:47,550 --> 00:08:51,470 In case you have any question you can ask me the security. 114 00:08:51,630 --> 00:08:52,600 I'll be there for you. 115 00:08:52,950 --> 00:08:53,790 Thank you so much.