1 00:00:00,440 --> 00:00:08,060 Hello and welcome back. In the last practical, we already built the password sniffer DLL file.
2 00:00:08,720 --> 00:00:14,570 Now we are going to convert this into a formatted hex string and then put it in our Trojan.
3 00:00:15,650 --> 00:00:18,890 So in order to convert this into a formatted string,
4 00:00:20,860 --> 00:00:27,160 we open it in HxD.
5 00:00:28,690 --> 00:00:31,690 And then you can see it is a PE executable.
6 00:00:31,720 --> 00:00:38,380 It's got the magic bytes MZ and the PE magic bytes here.
7 00:00:38,650 --> 00:00:40,420 Also the string.
8 00:00:41,770 --> 00:00:45,830 And so this is a complete PE executable.
9 00:00:46,420 --> 00:00:50,040 So we are going to export this as a
10 00:00:51,230 --> 00:00:52,790 So go to File, Export.
11 00:00:52,940 --> 00:00:53,780 As C.
12 00:00:57,090 --> 00:01:00,930 And then select the folder that you want to export it to.
13 00:01:04,830 --> 00:01:12,990 Our DLL injector Trojan folder, so you can export it as the password sniffer DLL .c file.
14 00:01:14,520 --> 00:01:21,690 And you can now close this. So now you go and look at your DLL injector Trojan folder.
15 00:01:22,020 --> 00:01:25,140 There is a new file, the password sniffer DLL .c file.
16 00:01:26,110 --> 00:01:28,750 So we open this in Notepad++.
17 00:01:30,210 --> 00:01:38,040 And you should have your file here, password sniffer DLL .c, and you can see it is a very
18 00:01:38,040 --> 00:01:48,420 long file, C formatted, so all we need to do is to copy everything from here right down to the end
19 00:01:48,420 --> 00:01:51,630 of this file.
20 00:01:52,110 --> 00:02:01,830 The last line. Copy all of this and then open your DLL injector Trojan
21 00:02:02,550 --> 00:02:05,160 with Notepad++, and then
22 00:02:06,650 --> 00:02:14,090 basically paste in here to overwrite this, to overwrite all of this, the array, everything, and then rename
23 00:02:14,090 --> 00:02:16,450 it to this name. That's it.
24 00:02:17,330 --> 00:02:26,540 So once you've done that, you've already got your password sniffer DLL in hex string format inside
25 00:02:26,570 --> 00:02:28,310 your DLL injector.
26 00:02:29,360 --> 00:02:34,880 So the next thing to do is to compile it. So now go to this location.
27 00:02:36,440 --> 00:02:38,030 We don't need this anymore.
28 00:02:38,150 --> 00:02:39,020 So if you do?
29 00:02:42,130 --> 00:02:43,030 Yesterday's.
30 00:02:45,750 --> 00:02:47,010 You can also close this.
31 00:02:48,030 --> 00:02:50,190 And now we can go to this location.
32 00:02:51,320 --> 00:02:56,850 Copy here, then go to your x64 Native Tools Command Prompt.
33 00:03:00,200 --> 00:03:03,050 Change to the correct directory and compile.
34 00:03:04,460 --> 00:03:07,340 By using the compile command, hit enter.
35 00:03:26,170 --> 00:03:32,170 Now it has finished compiling and building it. You can see a new file here, DLL injector, so we can
36 00:03:32,170 --> 00:03:33,760 now manually test this.
37 00:03:34,720 --> 00:03:37,960 So let us run the program directly.
38 00:03:39,280 --> 00:03:41,290 DLL injector exe, hit enter,
39 00:03:43,900 --> 00:03:45,370 and it is running now.
40 00:03:45,400 --> 00:03:52,120 You can see it is waiting, and then we can open DebugView.
41 00:03:53,540 --> 00:03:58,830 DebugView. Search for DbgView and open.
42 00:04:01,350 --> 00:04:03,720 You can also open Process Hacker.
43 00:04:06,640 --> 00:04:07,120 Yes.
44 00:04:09,560 --> 00:04:12,770 We are going to monitor it using Process Hacker and DebugView.
45 00:04:14,510 --> 00:04:16,310 So now we are ready to
46 00:04:18,280 --> 00:04:20,620 open our VeraCrypt. So open VeraCrypt.
47 00:04:22,410 --> 00:04:30,960 And see, you will see this output: process to inject, the ID is 1624, and injecting done,
48 00:04:31,590 --> 00:04:34,470 allocated memory two two, followed by four zeros.
49 00:04:35,040 --> 00:04:38,720 This must be the region of memory inside
50 00:04:39,330 --> 00:04:43,890 VeraCrypt which has been allocated for the injection, so you can
51 00:04:44,190 --> 00:04:51,030 you can confirm that by going to this memory address. That means you use Process Hacker, open VeraCrypt
52 00:04:51,960 --> 00:04:54,600 and then go to the memory.
53 00:04:54,610 --> 00:04:58,860 Before that, let's go to Modules first and see your process.
54 00:04:59,220 --> 00:05:00,210 There is the injected DLL.
55 00:05:01,840 --> 00:05:08,620 And now if you head over to Memory and this address, two two four five zero, you should be able to
56 00:05:08,620 --> 00:05:09,520 see the
57 00:05:10,760 --> 00:05:13,700 string containing the path to the DLL.
58 00:05:18,750 --> 00:05:19,740 Which is over here.
59 00:05:19,950 --> 00:05:23,430 It'll be right about two two, followed by four zeros. If you double click on this,
60 00:05:23,970 --> 00:05:27,180 you will see the injected path over here.
61 00:05:27,330 --> 00:05:33,870 So this is used by LoadLibrary to load your DLL into the process.
62 00:05:35,700 --> 00:05:37,530 So the DLL has been loaded.
63 00:05:38,580 --> 00:05:45,030 Now you can see here, so successfully home and then unable to drink, that's OK.
64 00:05:46,040 --> 00:05:49,760 So now you can try to mount and see if you can capture the password.
65 00:05:50,990 --> 00:05:59,720 So we go here and select the drive letter, then select the file you want to mount.
66 00:06:01,860 --> 00:06:06,660 Go to the C drive, and this is the one. Click Open.
67 00:06:07,690 --> 00:06:09,160 And then hit Mount.
68 00:06:11,220 --> 00:06:13,980 Check this Display password so that you can see what you're typing.
69 00:06:14,490 --> 00:06:20,010 Then type in your password.
70 00:06:20,430 --> 00:06:22,730 That's the SWG.
71 00:06:23,430 --> 00:06:23,910 OK.
72 00:06:28,490 --> 00:06:28,790 OK.
73 00:06:29,410 --> 00:06:35,730 OK, and I can see DebugView shows the debug output of it.
74 00:06:36,300 --> 00:06:44,520 And then if you head over to your C drive, VeraCrypt folder, you can see a new file has
75 00:06:44,520 --> 00:06:45,120 been created.
76 00:06:45,630 --> 00:06:48,930 If you open it, you can see your password has been saved.
77 00:06:50,160 --> 00:06:50,910 That's the password.
78 00:06:51,240 --> 00:06:52,260 So it's successful.
79 00:06:53,250 --> 00:06:56,010 So our manual testing is successful.
80 00:06:56,820 --> 00:07:01,860 Now we are going to put it in, say, the startup folder.
81 00:07:03,180 --> 00:07:04,620 So let's clear the screen.
82 00:07:05,170 --> 00:07:06,110 We just found this.
83 00:07:07,770 --> 00:07:15,810 We close VeraCrypt. Now we are going to put our
84 00:07:16,820 --> 00:07:17,630 Just close this.
85 00:07:19,050 --> 00:07:24,210 And this again, we are going to put this inside
86 00:07:24,740 --> 00:07:27,030 the startup folder to make it persistent.
87 00:07:28,880 --> 00:07:37,610 So we open our folder, we copy this file and then we are going to put it in the startup folder.
88 00:07:39,230 --> 00:07:45,710 To access the startup folder we use the
89 00:07:47,820 --> 00:07:52,530 Windows environment variable called appdata.
90 00:07:58,780 --> 00:08:09,880 %appdata%, then it takes you to the appdata folder which is here, and then you go to Microsoft.
91 00:08:11,020 --> 00:08:12,640 Go to Windows.
92 00:08:13,960 --> 00:08:19,060 Go to the Start Menu, go to Programs and go to Startup.
93 00:08:20,230 --> 00:08:21,410 Now you are going to copy it.
94 00:08:21,430 --> 00:08:25,980 Put your Trojan here in this folder.
95 00:08:25,990 --> 00:08:27,970 Startup folder. Now
96 00:08:27,970 --> 00:08:36,280 every time the machine reboots, this Trojan is going to run and it's going to reside in memory and
97 00:08:36,280 --> 00:08:39,670 loop all the time waiting for VeraCrypt to launch.
98 00:08:40,360 --> 00:08:44,140 So we are going to reboot this virtual machine and see if it works.
99 00:08:47,550 --> 00:08:52,620 Meanwhile, you also delete the output text file.
100 00:08:54,340 --> 00:08:55,450 So let's delete this.
101 00:08:59,140 --> 00:08:59,480 Close.
102 00:09:00,190 --> 00:09:03,040 And I'm going to reboot my virtual machine.
103 00:09:06,230 --> 00:09:11,600 We stop our video and come back once it has rebooted.
104 00:09:21,220 --> 00:09:21,730 And it has.
105 00:09:24,280 --> 00:09:30,550 And it has, it has rebooted, and you can see this console has popped up, meaning that our Trojan
106 00:09:30,550 --> 00:09:31,120 is running.
107 00:09:32,790 --> 00:09:33,980 Let's go to full screen.
108 00:09:36,930 --> 00:09:41,550 So now it is running, and you can see the title bar shows
109 00:09:42,730 --> 00:09:44,000 DLL injector Trojan.
110 00:09:44,140 --> 00:09:45,370 So it is running.
111 00:09:45,850 --> 00:09:49,900 So now you open VeraCrypt and see what happens.
112 00:09:51,340 --> 00:09:58,030 And you can see process to inject, the ID 2308, injecting, injection done, and Trojan
113 00:09:58,030 --> 00:09:58,720 horse exited.
114 00:09:59,740 --> 00:10:01,810 So the injection is now successful.
115 00:10:05,020 --> 00:10:07,930 Let's try to mount our file.
116 00:10:11,630 --> 00:10:17,360 Go to your C drive, select the VeraCrypt
117 00:10:19,480 --> 00:10:20,230 My data.
118 00:10:22,180 --> 00:10:23,290 And hit Mount.
119 00:10:25,150 --> 00:10:31,150 Click on Display password, select, select, and then key in your password.
120 00:10:36,230 --> 00:10:37,910 Hit OK.
121 00:10:43,820 --> 00:10:47,780 And you can see it has mounted. Now let's go to our
122 00:10:49,640 --> 00:10:56,290 VeraCrypt folder, and check out the password file, and here is your password file. Open it.
123 00:10:58,410 --> 00:11:02,490 And you can see your password has been captured here, so it works.
124 00:11:03,120 --> 00:11:03,760 So that's it.
125 00:11:04,050 --> 00:11:04,980 It really works.
126 00:11:05,220 --> 00:11:08,280 So there are a few things you can improve on.
127 00:11:08,670 --> 00:11:16,160 First is, you don't want the Trojan to pop up a black screen when it runs, right?
128 00:11:16,170 --> 00:11:18,420 So that is the first improvement you can make.
129 00:11:20,190 --> 00:11:26,670 And in order to prevent the Trojan from popping up a black screen, you have to change this into a
130 00:11:26,670 --> 00:11:29,070 WinMain executable.
131 00:11:36,760 --> 00:11:39,220 OK, so to change to a WinMain executable,
132 00:11:40,420 --> 00:11:41,410 you need to
133 00:11:43,910 --> 00:11:46,290 change this to WinMain.
134 00:11:47,500 --> 00:11:48,080 WinMain.
135 00:11:49,100 --> 00:11:57,050 So if you want to know how to change to WinMain, all you need to do is search for the signature for
136 00:11:57,050 --> 00:12:01,010 WinMain by going to MSDN from Microsoft.