1
00:00:08,430 --> 00:00:14,670
OK, so in the last lecture, we installed the werewolf station, that's going to be sort of our base,

2
00:00:14,820 --> 00:00:17,930
our ground for everything that we're going to build into our cyber age.

3
00:00:18,210 --> 00:00:22,200
And now we need our attacker, the we're going to use callisthenics.

4
00:00:22,300 --> 00:00:27,600
This is the industry standard virtual machine when it comes to launching attacks.

5
00:00:27,950 --> 00:00:28,320
All right.

6
00:00:28,540 --> 00:00:30,750
The most advanced penetration testing distribution ever.

7
00:00:30,840 --> 00:00:35,190
Yeah, it really is pretty advanced because I'm a little bit you can see, yes, it actually is the

8
00:00:35,190 --> 00:00:35,940
industry standard.

9
00:00:36,420 --> 00:00:41,140
And there's a lot of really, really cool things that you can do with Kelly.

10
00:00:41,610 --> 00:00:43,690
Here's a little snapshot of the image.

11
00:00:44,460 --> 00:00:47,180
And if we scroll down a little bit, you can see it's got all these tools, right?

12
00:00:47,190 --> 00:00:47,730
You got burps.

13
00:00:47,730 --> 00:00:52,950
We Hydra, John the Ripper now TEGO in map responder sequel map.

14
00:00:53,460 --> 00:00:54,750
I mean, it's crazy.

15
00:00:54,750 --> 00:00:59,160
There's so many different attack tools here, Wireshark, and it's all built into this distribution

16
00:00:59,160 --> 00:01:02,790
so that you don't need to really worry about installing it.

17
00:01:03,810 --> 00:01:08,100
You can click on tools and you can see I mean, the list just goes on and on, guys.

18
00:01:09,360 --> 00:01:10,440
So we're going to go in and set this up.

19
00:01:10,440 --> 00:01:14,580
I'm going to show you the easiest way to set up Caleigh is just to install the virtual machine.

20
00:01:14,580 --> 00:01:18,000
So I must go all the way up to the top and let's go to download.

21
00:01:19,320 --> 00:01:22,520
And instead of getting the installers, this is the installer.

22
00:01:22,530 --> 00:01:23,700
This is the live CD.

23
00:01:23,700 --> 00:01:29,130
So that you could put from a CD if you want to do is the version for Apple with a new one processor.

24
00:01:29,310 --> 00:01:32,970
Where we're going to do is we're just going to grab the virtual machines for being a workstation.

25
00:01:33,090 --> 00:01:36,030
So we go to the VMware download page.

26
00:01:38,610 --> 00:01:42,780
Know what we can do, by the way, the password tells you, but here's Kelly Kelly.

27
00:01:43,420 --> 00:01:48,890
That's how we get in and we want the 64 bit Kelly Linux being my workstation.

28
00:01:48,910 --> 00:01:53,320
So it's two point four geeks is going to take some time, but we can go and grab that kick this download

29
00:01:53,320 --> 00:01:53,650
off.

30
00:01:54,340 --> 00:01:54,760
All right.

31
00:01:54,760 --> 00:01:55,840
To the download has finished.

32
00:01:55,850 --> 00:01:57,820
Let's go ahead and open and extract.

33
00:02:01,510 --> 00:02:07,180
It's going to right click it and I'm using seven zip to extract the way that I got seven zip if you

34
00:02:07,180 --> 00:02:07,880
don't have seven zip.

35
00:02:07,900 --> 00:02:09,970
By the way, you can just go to seven.

36
00:02:10,690 --> 00:02:15,200
Zip, I believe was just seven zip big with a dash between the seven and zip.

37
00:02:16,360 --> 00:02:16,720
Yeah.

38
00:02:16,750 --> 00:02:19,500
And just download the 64 bit Dixy.

39
00:02:20,140 --> 00:02:20,280
Right.

40
00:02:20,420 --> 00:02:26,290
Install that and once you install it you'll have the option of Right clicking.

41
00:02:27,470 --> 00:02:32,660
And then going to seven zip and saying extract here, OK, so I'm going to go in and check to this folder

42
00:02:33,110 --> 00:02:35,430
once the finishes will come back around, right.

43
00:02:35,540 --> 00:02:38,050
So we've got to extract it, but jump into the folder.

44
00:02:39,290 --> 00:02:41,990
And what do you want to do with click this David Mix file?

45
00:02:42,000 --> 00:02:48,590
It should automatically open with VMware workstation because it is a VM where virtual machine configuration

46
00:02:48,590 --> 00:02:48,870
file.

47
00:02:49,250 --> 00:02:50,000
So we double click it.

48
00:02:51,550 --> 00:02:54,100
And what do you know, the workstation pops to the foreground.

49
00:02:54,580 --> 00:02:57,070
The first thing we're going to do is we're just going to rename this.

50
00:02:57,400 --> 00:02:57,850
It's going to right.

51
00:02:57,850 --> 00:02:59,740
Click it rename.

52
00:03:00,260 --> 00:03:06,240
I'm going to call it Calli 20 21 dot one.

53
00:03:06,700 --> 00:03:08,980
It's the version of the VM.

54
00:03:09,570 --> 00:03:10,710
It's close home tab.

55
00:03:10,720 --> 00:03:12,180
And we need to change a couple of things in here.

56
00:03:12,790 --> 00:03:14,830
So let's go to a virtual machine settings.

57
00:03:15,250 --> 00:03:15,550
All right.

58
00:03:15,550 --> 00:03:23,320
So we've got two gigabytes of RAM that should be sufficient for processors that should work on the 80

59
00:03:23,320 --> 00:03:24,730
gigabytes of hard drive space.

60
00:03:24,760 --> 00:03:25,450
That's a good bet.

61
00:03:25,450 --> 00:03:29,350
We don't need quite that much, but I think it doesn't matter because this VM is built that way.

62
00:03:29,350 --> 00:03:30,670
So we're just going to leave it the way it is.

63
00:03:32,100 --> 00:03:36,570
The network adaptor we're going to leave it is not for now, so we can update the VM after we finish

64
00:03:36,660 --> 00:03:37,110
doing that.

65
00:03:37,140 --> 00:03:43,080
We'll go ahead and change it over to Bridgid because we want our attacker to we're basically trying

66
00:03:43,080 --> 00:03:47,700
to simulate an adversary on the outside of our network, outside of our DMZ, you know, see what I

67
00:03:47,700 --> 00:03:48,330
mean in a moment.

68
00:03:48,880 --> 00:03:51,300
So it's going to be that the way it is, everything looks good.

69
00:03:52,140 --> 00:03:53,430
Click on Over to Options.

70
00:03:53,820 --> 00:03:55,310
Anything else we need to configure here?

71
00:03:56,830 --> 00:04:02,440
Enhanced keyboard with that, if available at sea shareholders, we don't have to mess with that right

72
00:04:02,440 --> 00:04:02,740
now.

73
00:04:03,250 --> 00:04:03,610
All right.

74
00:04:03,610 --> 00:04:05,050
So everything else looks pretty good.

75
00:04:05,530 --> 00:04:08,710
Let's go to the hard disk and see test.

76
00:04:09,910 --> 00:04:10,320
All right.

77
00:04:10,330 --> 00:04:10,900
So this is good.

78
00:04:10,930 --> 00:04:14,740
I was checking the hard disk to see if there was a way to change it over to an SSD because I have an

79
00:04:14,740 --> 00:04:15,580
SSTO on my computer.

80
00:04:15,580 --> 00:04:16,050
But it's OK.

81
00:04:16,660 --> 00:04:17,530
Everything looks good.

82
00:04:17,570 --> 00:04:17,890
Let's click.

83
00:04:17,890 --> 00:04:18,180
OK.

84
00:04:19,420 --> 00:04:25,030
And we're just going to fire this guy up on the virtual machine and we're just going to say I copied

85
00:04:25,030 --> 00:04:25,170
it.

86
00:04:26,470 --> 00:04:30,550
Now, while this boots, you may notice in the background, these files are going to fill out.

87
00:04:31,000 --> 00:04:31,530
That's OK.

88
00:04:31,560 --> 00:04:32,550
Don't need to worry about this.

89
00:04:33,100 --> 00:04:37,420
These are the files that being workstation uses to function like here you have the virtual memory from

90
00:04:37,420 --> 00:04:37,820
the VM.

91
00:04:37,840 --> 00:04:39,970
This is the virtual the VM desk.

92
00:04:39,970 --> 00:04:40,790
The virtual desk.

93
00:04:41,170 --> 00:04:41,400
Right.

94
00:04:41,440 --> 00:04:42,310
So it's not really a disk.

95
00:04:42,310 --> 00:04:43,060
It's just a file.

96
00:04:43,150 --> 00:04:50,890
But the VMware workstation hypervisor lies basically to the guest and tells the guest at this file is

97
00:04:50,890 --> 00:04:53,590
a disk that's a hypervisor work.

98
00:04:55,330 --> 00:04:56,350
While these boots are going to right.

99
00:04:56,350 --> 00:04:56,820
Click here.

100
00:04:57,520 --> 00:05:00,940
When I say new folder, I'm going to call this public.

101
00:05:01,510 --> 00:05:01,890
Right.

102
00:05:02,470 --> 00:05:06,250
Because this VM is going to be on a public network.

103
00:05:06,520 --> 00:05:09,700
It's going to drag it put in public and for the hour.

104
00:05:10,660 --> 00:05:11,560
And we should be good to go.

105
00:05:11,980 --> 00:05:19,720
We can log in with Kelly and we're going to go and kick off an update zero after update tech.

106
00:05:19,720 --> 00:05:23,970
Why that, Kelly, to get this thing going?

107
00:05:25,490 --> 00:05:33,560
Always one of the latest and greatest free labs and CEDO Apte of grade tech y and I love this upgrade

108
00:05:33,560 --> 00:05:34,060
complete.

109
00:05:34,070 --> 00:05:38,600
It's going to take a while and once it finishes, we'll circle back around here and we'll continue setting

110
00:05:38,600 --> 00:05:39,140
up Kelly.

111
00:05:39,530 --> 00:05:40,010
All right.

112
00:05:40,010 --> 00:05:40,970
So everything finished here.

113
00:05:40,970 --> 00:05:52,580
Let's just make sure that we have the latest version of open VM tools, desktop and Fuse.

114
00:05:53,660 --> 00:05:55,850
This is what Kelly recommends that you should have installed.

115
00:05:55,850 --> 00:06:01,880
If you want to make sure that you can drag and drop copy and paste between the guest, VM and the host.

116
00:06:02,390 --> 00:06:05,310
While that works in the background, that's going to change our background.

117
00:06:05,750 --> 00:06:07,870
So this is just a personal preference of mine.

118
00:06:07,880 --> 00:06:11,970
I like to change the wallpaper and see which one do I like here.

119
00:06:13,160 --> 00:06:13,970
This is the guy like.

120
00:06:13,970 --> 00:06:19,700
Yeah, and the other thing will change are the power settings that doesn't go to sleep.

121
00:06:21,050 --> 00:06:29,120
So what we'll do is we'll say system plugged in, get set to never display, display power management,

122
00:06:29,120 --> 00:06:29,750
turn that off.

123
00:06:31,840 --> 00:06:33,790
And put them will change this to never.

124
00:06:35,710 --> 00:06:39,760
When the screensaver is activated, don't bother with this thing right here.

125
00:06:40,050 --> 00:06:41,020
We don't want to lock the screen in.

126
00:06:41,020 --> 00:06:42,050
The system is going to sleep.

127
00:06:43,000 --> 00:06:43,660
This is our lab.

128
00:06:43,660 --> 00:06:47,380
So we want it to be available to us at all times because that all looks good to me.

129
00:06:49,060 --> 00:06:54,760
By the way, if the screen is too small, when you're building this out, you can type DPI and this

130
00:06:54,760 --> 00:06:57,760
will actually change the resolution so that everything gets bigger.

131
00:06:58,210 --> 00:07:04,840
And it'll just be a lot easier for you to sort of view that the contents of your VM than other windows

132
00:07:04,840 --> 00:07:05,460
can be kind of small.

133
00:07:05,470 --> 00:07:06,560
So that's one way to get around it.

134
00:07:07,270 --> 00:07:11,260
And one other thing we should do first is make sure we can think Google.

135
00:07:11,440 --> 00:07:13,330
Of course we can, because we just updated everything.

136
00:07:13,360 --> 00:07:14,290
We're connected to the Internet.

137
00:07:15,040 --> 00:07:17,590
But one thing we should do is just check out Kelly Linux's website.

138
00:07:18,010 --> 00:07:25,690
So if we go to the website, because you're probably going to want to eventually configure a file sharing.

139
00:07:27,340 --> 00:07:35,230
Between the guest and host VMS, let's going to clear this out first, customize and take away the title

140
00:07:35,230 --> 00:07:39,220
bar, take away the bookmark bar, change of theme to dark.

141
00:07:40,210 --> 00:07:40,530
Done.

142
00:07:41,440 --> 00:07:41,740
OK.

143
00:07:42,550 --> 00:07:49,100
We should also get Foxy proxy because we're going to need this when we start doing our pendas without

144
00:07:49,100 --> 00:07:51,550
Pinterest and Firefox.

145
00:07:54,290 --> 00:07:54,920
And that.

146
00:07:59,230 --> 00:08:00,960
OK, let's go to Kelly's website.

147
00:08:01,840 --> 00:08:05,320
This is what I wanted, so we just did this.

148
00:08:05,800 --> 00:08:11,440
So we're going to need to reboot, but this is how you can actually have support for shareholders when

149
00:08:11,440 --> 00:08:14,380
you're using open VMware tools, which you basically need to do is create.

150
00:08:15,790 --> 00:08:17,350
This file here, so it's going to do that.

151
00:08:22,590 --> 00:08:25,860
OK, so that's done, and then we get on to the next one and we're just going to say.

152
00:08:27,160 --> 00:08:28,870
Let's make this file executable.

153
00:08:31,300 --> 00:08:37,450
That's what that plus X does, OK, tabs, I flipped over control should be debased.

154
00:08:38,440 --> 00:08:39,070
Very good.

155
00:08:40,460 --> 00:08:46,130
And then all I need to do is run this controversy of town controls of the.

156
00:08:49,570 --> 00:08:54,690
Now, we don't really have any shareholders, but we can change that as pest control alt to escape the

157
00:08:54,700 --> 00:09:03,730
VM settings and then I can go to options shareholders and I'll just add my local downloads folder.

158
00:09:04,130 --> 00:09:08,710
I mean, it downloads that way.

159
00:09:08,770 --> 00:09:14,620
When you want to copy files between your host, your real machine and your guest VM, it's going to

160
00:09:14,620 --> 00:09:16,150
be pretty easy, like, OK.

161
00:09:17,400 --> 00:09:23,850
Next, I'll make it Read-Only so I don't accidentally overwrite something on my host from my guest finish.

162
00:09:24,300 --> 00:09:26,100
OK, let's go and rerun this.

163
00:09:27,310 --> 00:09:30,450
All right, so now if we go to CD amante,

164
00:09:35,010 --> 00:09:39,060
you can see I have two hundred and forty three files in my downloads folder, so that's good.

165
00:09:39,060 --> 00:09:44,170
Remelted and we can just get there by going to this MLT Agfest download folder.

166
00:09:44,820 --> 00:09:45,320
Very cool.

167
00:09:45,570 --> 00:09:49,350
And one of the things you should pay attention to is if you scroll down a little bit further, tells

168
00:09:49,350 --> 00:09:52,520
you what to do with the copy and paste functionality ends or if it stops working.

169
00:09:52,920 --> 00:09:57,090
So we're just going to go ahead and grab this because occasionally copy and paste will fail between

170
00:09:57,330 --> 00:09:58,230
the guest and the host.

171
00:09:58,890 --> 00:10:00,780
And this is a great way to sort of get around that.

172
00:10:02,850 --> 00:10:06,930
But I'm as a control, control, control.

173
00:10:06,930 --> 00:10:07,320
I control.

174
00:10:07,320 --> 00:10:09,240
I got the C4 cat.

175
00:10:10,870 --> 00:10:14,050
They would go and then I'm going to grab this.

176
00:10:16,620 --> 00:10:26,880
Make the script executable, Joseph, be very cool, and then whenever I need to do it, I copy and

177
00:10:26,880 --> 00:10:27,870
paste functionality breaks.

178
00:10:28,380 --> 00:10:30,810
I can just run this right here.

179
00:10:32,370 --> 00:10:39,780
Copy should be in, that should get everything back to normal and just to confirm the copy and paste

180
00:10:39,780 --> 00:10:41,610
does work, let's just make sure we can track something in.

181
00:10:54,110 --> 00:10:57,100
So I'm going to try to drag this executable into the aware.

182
00:10:57,440 --> 00:10:58,100
See if it works.

183
00:10:58,690 --> 00:11:01,190
Looks like it's got be very, very cool.

184
00:11:02,930 --> 00:11:03,770
Permission denied.

185
00:11:05,530 --> 00:11:08,920
We try skip all.

186
00:11:10,160 --> 00:11:11,020
Let's see it.

187
00:11:11,030 --> 00:11:11,570
Still do it.

188
00:11:12,420 --> 00:11:27,470
Create a city that the city desktop KDDI to go home desktop know we did not because I don't have rights

189
00:11:27,470 --> 00:11:29,090
to write to that folder for some reason.

190
00:11:37,830 --> 00:11:41,610
And it could be because they need to reboot, so let's just go ahead and do that.

191
00:11:44,700 --> 00:11:45,690
When in doubt, reboot.

192
00:11:50,870 --> 00:11:59,570
Back in, if I can drag it over here, you got got the file, so that's all we need for Kelly right

193
00:11:59,570 --> 00:11:59,920
now.

194
00:12:00,380 --> 00:12:03,950
And now we can actually move on to our victim workstations.

195
00:12:03,950 --> 00:12:05,640
And we'll start with Windows 10.

196
00:12:06,230 --> 00:12:08,130
I will see you guys in the next lecture.