1
00:00:00,120 --> 00:00:06,570
All right, my friends, this situation, and I hope you're following me thoroughly throughout this

2
00:00:06,570 --> 00:00:06,980
course.

3
00:00:07,560 --> 00:00:10,220
Let's get started or below.

4
00:00:11,520 --> 00:00:20,370
Our next job is basically to make our payload very much effective and become stronger as well so that

5
00:00:20,370 --> 00:00:22,740
it becomes more and more undetectable.

6
00:00:23,160 --> 00:00:30,270
And I'll also show you even on the antivirus, and before we go into the target machine, I'll also

7
00:00:30,270 --> 00:00:35,400
show you how many devices can actually detect our payload as well.

8
00:00:35,760 --> 00:00:43,020
So we'll talk about this not just specific to our target machine, but even about several antiviruses

9
00:00:43,020 --> 00:00:46,080
and their detection ratio, OK?

10
00:00:46,110 --> 00:00:51,570
So let's get started and start making our payload more and more undetectable.

11
00:00:53,100 --> 00:00:53,500
All right.

12
00:00:53,520 --> 00:00:58,190
So this is our Kali machine and we can you at this moment.

13
00:00:59,250 --> 00:01:03,720
OK, so let's start making use of msfvenom.

14
00:01:04,980 --> 00:01:11,010
And as you already know, my friends, you can always make use of my iPhone.

15
00:01:11,010 --> 00:01:12,630
iPhone has for.

16
00:01:13,190 --> 00:01:16,050
Oh, sorry, that's my bad.

17
00:01:16,650 --> 00:01:18,140
I have to have.

18
00:01:18,720 --> 00:01:22,770
Usually when you see the red, that's when there's something wrong with it or not.

19
00:01:22,770 --> 00:01:23,910
The note come out.

20
00:01:24,300 --> 00:01:27,930
So this is what you can always refer to for knowing much more.

21
00:01:27,930 --> 00:01:30,060
Commander, for your reference, in fact.

22
00:01:30,850 --> 00:01:33,780
OK, so let's start building it.

23
00:01:33,780 --> 00:01:35,030
So msfvenom.

24
00:01:37,260 --> 00:01:39,510
OK, so then we took the payload.

25
00:01:40,710 --> 00:01:50,050
We can keep it as simple as we have tried earlier, so we can keep it like windows Victor.

26
00:01:52,660 --> 00:02:00,340
And then I remember one thing: by default, it's always by default whenever you create the payload,

27
00:02:00,340 --> 00:02:03,630
it's always for x86.

28
00:02:03,740 --> 00:02:12,430
Again, if you want to make it for x64, 64-bit architecture, you can do it here, 64.

29
00:02:12,430 --> 00:02:15,560
So 64 and this one.

30
00:02:15,960 --> 00:02:25,060
But in this situation, if you want to keep it just for the 60, 86, sorry, you don't need to specify;

31
00:02:25,060 --> 00:02:28,870
by default it is taking 86 to reverse.

32
00:02:30,690 --> 00:02:35,770
You can even drive for Stoebe or CBS.

33
00:02:35,940 --> 00:02:36,340
Right.

34
00:02:37,080 --> 00:02:38,890
We'll keep it simple.

35
00:02:40,600 --> 00:02:40,950
All right.

36
00:02:41,260 --> 00:02:45,790
Once it is done, then we'll have to define the host.

37
00:02:47,260 --> 00:02:48,790
But we have our own system

38
00:02:48,790 --> 00:02:53,160
IP; at this point of time we will define our port.

39
00:02:53,170 --> 00:02:56,990
Well, we can keep it for you.

40
00:02:57,700 --> 00:03:01,650
Whatever you feel like; it can be any random number.

41
00:03:02,230 --> 00:03:04,080
Now, this is from now on.

42
00:03:04,090 --> 00:03:05,110
What's your real job?

43
00:03:05,110 --> 00:03:11,080
Start to make your payload even stronger, more undetectable.

44
00:03:11,110 --> 00:03:11,450
Right.

45
00:03:11,950 --> 00:03:16,780
So as a part of this action, we'll try to make use of an encoding algorithm.

46
00:03:17,350 --> 00:03:21,460
There are many; the most popular one is basically shikata_ga_nai,

47
00:03:21,460 --> 00:03:24,680
and that's what we are going to be using.

48
00:03:25,810 --> 00:03:28,180
So let's make use of it first.

49
00:03:28,420 --> 00:03:37,060
Let's remove some bad characters in the payload so that our payload looks pretty clear, so you

50
00:03:37,060 --> 00:03:46,990
can make it like this way, and then use this; this will remove any bad character from the system.

51
00:03:47,350 --> 00:03:51,070
And then there are some changes that you have to do in the opposite.

52
00:03:51,940 --> 00:04:00,710
Slept is basically that's where you define values that can bend land size of the payload, in fact.

53
00:04:00,730 --> 00:04:07,840
So you can specify any random number, maybe gets it one zero one two, maybe over one zero anytime

54
00:04:07,840 --> 00:04:08,940
one zero one zero zero.

55
00:04:09,310 --> 00:04:12,990
And then you define the format of your system.

56
00:04:13,000 --> 00:04:17,140
I mean, so the encoding is what the encoder is like.

57
00:04:17,150 --> 00:04:20,380
This you have to specify: minus E Ifni.

58
00:04:20,390 --> 00:04:21,610
That's how you define all.

59
00:04:21,620 --> 00:04:25,690
Probably you can make use of hyphen IP encoded as this way.

60
00:04:25,950 --> 00:04:30,040
OK, so once that is done, then you specify the name of it.

61
00:04:30,040 --> 00:04:40,190
That could be x86, and then you specify the name that's called shikata_ga_nai.

62
00:04:41,260 --> 00:04:43,940
So we have selected the encoder.

63
00:04:43,960 --> 00:04:51,460
Now let's have some iterations, the number of times your payload gets encoded, so you can specify, and you

64
00:04:51,670 --> 00:04:58,840
can even go for maybe just two, but you don't even have to try multiple more times as well, so

65
00:04:58,840 --> 00:05:06,110
that if you start trying to encode your payload more than, you know, more than a nutritional value

66
00:05:06,110 --> 00:05:13,060
or an event number, it might make your payload corrupted as well.

67
00:05:13,180 --> 00:05:13,460
OK.

68
00:05:13,480 --> 00:05:17,390
So we will be talking about this now.

69
00:05:17,410 --> 00:05:23,830
Once it is done, then you can finally see your payload; you can, of course, define the format of

70
00:05:23,830 --> 00:05:33,970
the system going forward to be exe, and then you can save this file into the directory that you

71
00:05:33,970 --> 00:05:35,910
wish to save it in.

72
00:05:36,250 --> 00:05:40,220
So I'll keep it on my system itself and they will get it so.

73
00:05:40,700 --> 00:05:44,110
So I specified but group encoded.

74
00:05:44,890 --> 00:05:45,250
Sorry.

75
00:05:46,180 --> 00:05:52,360
And go with the payload .exe.

76
00:05:52,570 --> 00:05:54,070
That's going to be for Windows.

77
00:05:54,100 --> 00:06:00,940
That's why I emc. Now in our usual practice for the real world, whenever somebody makes the payload,

78
00:06:00,940 --> 00:06:05,350
it has to be in such a way that it kind of means the user.

79
00:06:05,350 --> 00:06:05,600
Right.

80
00:06:05,640 --> 00:06:08,890
So we are definitely not going to use this name.

81
00:06:09,250 --> 00:06:15,160
We probably, we can probably, you might use the W or something like this.

82
00:06:15,160 --> 00:06:15,460
Right.

83
00:06:15,490 --> 00:06:21,580
Or maybe salary slip on the stuff.

84
00:06:21,620 --> 00:06:21,880
Right.

85
00:06:22,300 --> 00:06:28,600
This is where it makes a beeline for the target user or the victim to download this file from the system.

86
00:06:29,050 --> 00:06:35,340
OK, the moment you hit enter, this payload gets generated and you might see the number of iterations that's.

87
00:06:35,710 --> 00:06:36,680
Let's get started.

88
00:06:37,090 --> 00:06:38,200
Let's see how it

89
00:06:39,880 --> 00:06:41,770
ends up generating the payload.

90
00:06:43,010 --> 00:06:44,440
OK, lovely.

91
00:06:44,680 --> 00:06:49,220
You have seen it; it has tried 12 times in person.

92
00:06:49,660 --> 00:06:50,060
All right.

93
00:06:50,060 --> 00:06:52,390
So this way, our payload has been generated.

94
00:06:52,420 --> 00:06:56,720
You can see that currently we are, of course, in the root directory.

95
00:06:56,800 --> 00:07:03,840
And then you can see here, this is how the payload has been treated with the encoder.

96
00:07:03,970 --> 00:07:04,350
Right.

97
00:07:04,390 --> 00:07:07,720
So this makes the payload even more undetectable.

98
00:07:08,170 --> 00:07:15,010
So you need they look for the stations, how to scan, how to scan your sample across multiple

99
00:07:15,130 --> 00:07:25,150
devices and to know which antivirus can be bypassed and which one can scan your payload as a virus or

100
00:07:25,150 --> 00:07:27,880
malware or any infected file.

101
00:07:27,940 --> 00:07:28,280
All right.

102
00:07:28,630 --> 00:07:30,250
So I hope you got the idea.

103
00:07:30,250 --> 00:07:31,750
I'll catch you in the next mission then.

104
00:07:31,750 --> 00:07:32,250
Thank you.