1 00:00:07,860 --> 00:00:13,860 OK, so in the last lecture, I showed you how to get this beautiful screen up and working, but we
2 00:00:13,860 --> 00:00:16,560 want to use port forwarding so that things are a little bit more realistic.
3 00:00:16,560 --> 00:00:16,810 Right.
4 00:00:16,830 --> 00:00:19,390 Shouldn't have to put 3000 in your browser.
5 00:00:19,410 --> 00:00:20,070 That's kind of lame.
6 00:00:20,610 --> 00:00:24,990 And we also want to make it look more realistic to our attacker, who is going to be on the public using
7 00:00:24,990 --> 00:00:25,320 Kali.
8 00:00:25,330 --> 00:00:26,840 2021.1.
9 00:00:27,360 --> 00:00:27,680 All right.
10 00:00:27,690 --> 00:00:32,670 So what I'm going to do is log into our router is what I want.
11 00:00:34,000 --> 00:00:34,360 That's it.
12 00:00:39,430 --> 00:00:40,050 You're not one.
13 00:00:42,430 --> 00:00:42,750 Yeah.
14 00:00:43,380 --> 00:00:43,800 Go ahead.
15 00:00:46,650 --> 00:00:48,730 Log into OPNsense.
16 00:00:49,670 --> 00:00:50,250 All right.
17 00:00:50,280 --> 00:00:55,380 And the first thing we want to do when we get here is we and we got to do this, OK, because.
18 00:00:56,410 --> 00:01:01,480 We need to block we need to uncheck block public networks and the interfaces, I'm going to tell you
19 00:01:01,480 --> 00:01:02,130 why in a moment.
20 00:01:02,140 --> 00:01:04,660 So if we click on interfaces, we go to WAN.
21 00:01:06,730 --> 00:01:11,410 We can scroll down, you see this block public private networks. Now think about it, on a typical WAN
22 00:01:11,410 --> 00:01:12,430 interface, you'd want to do that.
23 00:01:12,430 --> 00:01:16,060 You don't want RFC 1918, you know, your 10-dot addresses.
24 00:01:16,060 --> 00:01:17,430 Your 192.168.
25 00:01:17,680 --> 00:01:21,550 The 172.16s to 172.31 addresses hitting your WAN.
26 00:01:21,570 --> 00:01:22,530 That that should be blocked.
27 00:01:22,540 --> 00:01:24,550 That's private traffic but right in a lab.
28 00:01:24,670 --> 00:01:25,060 Right.
29 00:01:25,410 --> 00:01:31,690 And we're trying to emulate an adversary on the Internet attacking our web infrastructure.
30 00:01:31,900 --> 00:01:34,960 And that adversary is going to have a 192.168 address.
31 00:01:35,290 --> 00:01:39,370 We're pretending that it's public, but of course it's actually private because it follows the RFC
32 00:01:39,370 --> 00:01:40,450 1918 standard.
33 00:01:40,960 --> 00:01:47,350 So we just need to uncheck this in order for our lab to work, so we want to uncheck block public, block private
34 00:01:47,350 --> 00:01:49,210 networks, click save.
35 00:01:50,320 --> 00:01:51,910 Then don't forget after you click save.
36 00:01:52,210 --> 00:01:54,550 To apply it, you have to apply the changes.
37 00:01:54,670 --> 00:01:55,960 Otherwise it won't actually take.
38 00:01:56,980 --> 00:02:01,840 Yes, I've learned from experience. Right, now we can set the port forward, so if we go to firewall.
39 00:02:03,000 --> 00:02:09,180 Firewall, NAT, port forward, you can see we don't have anything here, so we're going to click on Add
40 00:02:10,020 --> 00:02:11,770 and this is really important to pay attention here.
41 00:02:11,790 --> 00:02:14,550 OK, so we want the interface to be WAN.
42 00:02:15,060 --> 00:02:20,460 Yes, the destination to be the WAN.
43 00:02:24,150 --> 00:02:24,690 Address.
44 00:02:25,790 --> 00:02:30,860 It's when we hit the WAN address in our browser from our Kali Linux box, this is what should happen.
45 00:02:31,820 --> 00:02:35,110 Destination port range should be from HTTP to HTTP.
46 00:02:35,150 --> 00:02:41,380 You want to keep the protocol the same, but the target IP, it's going to be different, right?
47 00:02:42,140 --> 00:02:45,050 It's going to be 10.100.
48 00:02:45,050 --> 00:02:49,550 0.91, and then the redirected target port.
49 00:02:50,360 --> 00:02:51,080 You go to other.
50 00:02:54,020 --> 00:02:55,850 And we're going to change this to.
51 00:02:57,340 --> 00:02:57,940 3000.
52 00:03:00,110 --> 00:03:01,340 We're going to redirect that port.
53 00:03:02,570 --> 00:03:03,650 And what else here?
54 00:03:05,670 --> 00:03:08,190 We can leave everything else the way it is and we click save.
55 00:03:09,680 --> 00:03:12,710 And I can see we've got this rule here for the WAN interface, TCP.
56 00:03:13,660 --> 00:03:19,750 The address, the WAN address, saying we hit that destination, so any source packet coming to the destination
57 00:03:19,750 --> 00:03:21,550 of our WAN address on port 80.
58 00:03:22,570 --> 00:03:29,320 Do some NAT magic and translate it to this port, which is our Dockerized container hosting Juice Shop
59 00:03:29,320 --> 00:03:30,340 on this internal port.
60 00:03:30,940 --> 00:03:31,520 Does that make sense?
61 00:03:31,900 --> 00:03:32,940 So hopefully that makes sense.
62 00:03:34,060 --> 00:03:35,290 We're going to click apply changes.
63 00:03:36,350 --> 00:03:40,130 And you can see that this little thing is green, if you mouse over it, you can see disabled shows
64 00:03:40,130 --> 00:03:43,240 up, so it is enabled and the changes have been successfully applied.
65 00:03:43,460 --> 00:03:44,060 Very cool.
66 00:03:44,480 --> 00:03:50,990 So now what we should be able to do is hit this IP from Kali. Control-Alt to escape.
67 00:03:52,490 --> 00:03:53,210 Let's put this guy up.
68 00:03:53,210 --> 00:03:53,770 Let's go to Kali.
69 00:03:53,780 --> 00:03:54,650 Let's go to Kali, guys.
70 00:03:55,100 --> 00:03:56,660 And Kali is on NAT.
71 00:03:57,020 --> 00:03:57,310 Right.
72 00:03:57,380 --> 00:03:59,710 That's how we're emulating the public network.
73 00:03:59,720 --> 00:04:04,550 We're just putting it on our NAT network, which in reality is just my home Internet network.
74 00:04:04,550 --> 00:04:04,880 Right.
75 00:04:05,150 --> 00:04:06,290 Something real special about it.
76 00:04:07,290 --> 00:04:12,350 But I'm treating this as a hostile environment, the hostile Internet, the big bad Internets.
77 00:04:12,930 --> 00:04:13,800 All right, we've got Kali.
78 00:04:13,800 --> 00:04:15,330 We're going to log on with kali kali.
79 00:04:16,280 --> 00:04:21,090 It's just default creds. Need help setting up Kali, check out our earlier videos on doing that.
80 00:04:21,400 --> 00:04:22,840 Now, we are good to go.
81 00:04:23,160 --> 00:04:24,660 Let's just make sure we can hit that interface.
82 00:04:24,670 --> 00:04:26,670 We're going to go to our Web browser.
83 00:04:26,970 --> 00:04:30,790 And, of course, we need the WAN interface IP. Control-Alt to escape.
84 00:04:31,350 --> 00:04:33,720 Let's go to this a couple of ways.
85 00:04:33,720 --> 00:04:34,310 We can get that.
86 00:04:34,680 --> 00:04:38,340 Let's do it PC one and see if we can get it from.
87 00:04:39,550 --> 00:04:40,120 Lobby.
88 00:04:41,740 --> 00:04:42,340 Dashboard.
89 00:04:44,680 --> 00:04:49,030 Scroll down: 192.168.0.146.
90 00:04:49,420 --> 00:04:54,790 All right, so back to Kali: 192.168.0.146. Juice Shop.
91 00:04:55,720 --> 00:04:58,810 You see, I didn't even have to put in 3000; automatically forwarded it.
92 00:04:59,280 --> 00:05:03,460 And one last thing we're going to do just to take this up one more notch, just to make it that much
93 00:05:03,460 --> 00:05:04,450 more realistic, guys.
94 00:05:05,450 --> 00:05:15,620 If I'm going to go to our hosts file in Kali, I am going to type in 192.168.0.
95 00:05:15,620 --> 00:05:18,350 146 and I'm actually going to put in.
96 00:05:19,630 --> 00:05:27,760 The domain I wanted to map to something juice, that carbon like dotcom, what it does is
97 00:05:30,730 --> 00:05:31,190 host.
98 00:05:32,400 --> 00:05:37,650 Yeah, what this does is that when I type in juice, that carbon buy.com in my browser, it's not going
99 00:05:37,650 --> 00:05:38,970 to go out to the Internet first.
100 00:05:38,970 --> 00:05:42,260 It's going to check the hosts file to see what IP maps to this domain.
101 00:05:42,720 --> 00:05:46,560 And, hey, it's going to say, oh, the IP is 192.168.0.146, which
102 00:05:46,560 --> 00:05:51,150 happens to be the public address of our OPNsense router, which is really our private address.
103 00:05:51,150 --> 00:05:52,700 But we're not telling anybody about that.
104 00:05:53,460 --> 00:05:57,090 And then it's going to port forward into Juice Shop from port 80 to 3000.
105 00:05:57,300 --> 00:05:58,670 There's a lot of cool magic happening here.
106 00:05:58,680 --> 00:05:58,980 So watch.
107 00:05:58,980 --> 00:06:00,530 This is going to work.
108 00:06:00,750 --> 00:06:01,320 Is it going to work?
109 00:06:02,430 --> 00:06:03,690 Is it going to work?
110 00:06:03,840 --> 00:06:04,370 Look at that.
111 00:06:05,040 --> 00:06:05,940 Isn't that beautiful?
112 00:06:06,300 --> 00:06:08,040 So now we can actually hit Burp against this.
113 00:06:08,040 --> 00:06:11,160 We can hit OWASP ZAP, we can Nmap, we can hit Nikto.
114 00:06:11,460 --> 00:06:16,920 I mean, we can just just attack this web app like crazy and learn so much.
115 00:06:17,370 --> 00:06:18,060 It's going to be great.
116 00:06:18,200 --> 00:06:20,280 Okay, so we are at a really good place.
117 00:06:20,800 --> 00:06:25,560 What we're going to do now is in the next lecture we are going to install the endpoint with this voter
118 00:06:26,280 --> 00:06:32,280 and set it up as far as we can and then we will go ahead and end up setting up a small enterprise.
119 00:06:32,790 --> 00:06:34,740 So I'll see you guys in the next lecture. Bye.