1 00:00:01,590 --> 00:00:03,420 ‫To compromise the victims systems. 2 00:00:03,690 --> 00:00:09,360 ‫We prepared some malicious software and forced the victim to run the malware into their systems so we 3 00:00:09,360 --> 00:00:14,250 ‫can open a backdoor or steal some data or gain a session, et cetera. 4 00:00:16,940 --> 00:00:22,400 ‫Before talking about the customer payload creation, we need to see a few terms to make the subject 5 00:00:22,400 --> 00:00:22,910 ‫clearer. 6 00:00:24,100 --> 00:00:29,800 ‫Most likely, you already know the terms we'll talk about in this slide, if so, just jump to the next 7 00:00:29,800 --> 00:00:30,040 ‫one. 8 00:00:31,150 --> 00:00:31,930 ‫Malware. 9 00:00:33,070 --> 00:00:35,550 ‫It's a short term of the term malicious software. 10 00:00:35,770 --> 00:00:39,250 ‫It's a kind of software that's used to compromise the computer systems. 11 00:00:40,350 --> 00:00:46,200 ‫It's an umbrella term used to refer to a variety of forms of hostile or intrusive software, including 12 00:00:46,620 --> 00:00:58,280 ‫computer viruses, worms, trojans, ransomware, spyware, adware, shareware and other malicious programs. 13 00:00:59,260 --> 00:01:06,250 ‫It can take the form of executable code, scripts, act of content and other software. 14 00:01:08,080 --> 00:01:14,470 ‫Payload inside malware is the portion of the malware which performs malicious action. 15 00:01:15,340 --> 00:01:23,110 ‫Metasploit Framework is one of the most known terms in the cybersecurity domain as the open source project 16 00:01:23,110 --> 00:01:30,310 ‫of the Metasploit Project Metasploit Framework as a tool for developing and executing exploit code against 17 00:01:30,310 --> 00:01:31,300 ‫the target machine. 18 00:01:32,940 --> 00:01:38,640 ‫Even though they're depreciated and removed from Metasploit Framework, I'd like to talk about MSFT 19 00:01:38,640 --> 00:01:46,800 ‫payload and MSFT encode first the depreciated because their abilities are collected into a single tool. 20 00:01:47,190 --> 00:01:55,620 ‫MSFT Venom To understand what MSF Venom does, it's better to talk about massive payload and MSF encode 21 00:01:55,620 --> 00:01:56,160 ‫first. 22 00:01:57,690 --> 00:02:04,140 ‫MSF payload was a command line tool that's used to generate an output, all the various types of shellcode 23 00:02:04,350 --> 00:02:11,760 ‫that are available in Metasploit using MMFs payload, you can create an executable file as well as creating 24 00:02:11,760 --> 00:02:16,410 ‫a payload to embed the file the parameters displayed in the slide. 25 00:02:16,650 --> 00:02:20,130 ‫Give us some more about what the MSV payload does. 26 00:02:21,560 --> 00:02:27,470 ‫Most of the time, one cannot simply use shellcode generated straight out of mischief payload. 27 00:02:28,040 --> 00:02:32,180 ‫It needs to be encoded to suit the target in order to function properly. 28 00:02:32,630 --> 00:02:40,220 ‫This can mean transforming your shellcode into pure alphanumeric, getting rid of bad characters or 29 00:02:40,220 --> 00:02:42,590 ‫encoding it for 64 bit target. 30 00:02:43,400 --> 00:02:49,960 ‫It can also be instructed to encode shellcode multiple times, output the shellcode in numerous formats, 31 00:02:49,970 --> 00:02:56,840 ‫see Perl, Ruby and one can even merge it to an existing executable file. 32 00:02:57,440 --> 00:03:02,240 ‫So most of the time this tool was used in conjunction with MSFT payload. 33 00:03:03,020 --> 00:03:07,910 ‫MSFT Venom is the Metasploit standalone payload generator. 34 00:03:08,360 --> 00:03:15,080 ‫It's the combination of MSF payload and MSF code putting both of these tools into a single framework 35 00:03:15,080 --> 00:03:15,710 ‫instance. 36 00:03:16,100 --> 00:03:21,140 ‫That means MSF Venom is a combination of payload generation and encoding. 37 00:03:21,980 --> 00:03:26,780 ‫You can do everything that you can do with MSF payload and MSF. 38 00:03:26,780 --> 00:03:34,580 ‫In code, you can generate a payload, encode the payload, avoid the bad characters, use a custom 39 00:03:34,580 --> 00:03:36,140 ‫template and more.