1
00:00:00,480 --> 00:00:06,480
We were writing in an order that .NET executables in memory and we executed.

2
00:00:08,780 --> 00:00:09,490
This is all to see.

3
00:00:09,500 --> 00:00:11,120
The calendar to see.

4
00:00:12,770 --> 00:00:16,940
And here you can see the finances of this man raised on this own cable.

5
00:00:17,720 --> 00:00:19,340
And if you want to

6
00:00:21,920 --> 00:00:30,470
transfer to this machinery to the machine, uh, or you can also do like you can transfer this loader

7
00:00:30,860 --> 00:00:38,660
and you can horsepower grinder and this will automatically fetch from the portal and that is executed.

8
00:00:38,960 --> 00:00:44,480
So first, let's see how to load the assemblies, .NET assemblies from the.

9
00:00:45,170 --> 00:00:48,530
So let me create the simple function.

10
00:00:51,730 --> 00:00:54,850
Load from file.

11
00:00:56,620 --> 00:00:58,960
And this takes the string file path.

12
00:01:01,210 --> 00:01:03,820
And we'll be using the System.Reflection.

13
00:01:03,820 --> 00:01:13,180
So the reflection is like reading the metadata of the assembly itself so we can see as assembly.

14
00:01:14,540 --> 00:01:15,290
Dot Load.

15
00:01:15,890 --> 00:01:16,760
So here we can see.

16
00:01:16,760 --> 00:01:21,170
We have also learned a lot from using roadside.

17
00:01:22,810 --> 00:01:28,000
And the string part that inspired part and written by piece assembly object.

18
00:01:34,760 --> 00:01:39,230
So we cannot execute this assembly, but in true point.

19
00:01:39,630 --> 00:01:44,080
So the entry point is the main function in our .NET assemblies and that.

20
00:01:44,900 --> 00:01:52,820
And the first parameter is you need to if you want to create an instance of this class, you can create

21
00:01:52,820 --> 00:01:55,320
that and you can pass that into this.

22
00:01:56,040 --> 00:02:03,950
For now, let's just say null and the parameters we are going to pass is the object array of string.

23
00:02:04,670 --> 00:02:08,330
So we will be creating a string array, new arguments.

24
00:02:09,860 --> 00:02:12,590
So here we can pass our arguments.

25
00:02:16,030 --> 00:02:18,370
Comma new object array.

26
00:02:20,580 --> 00:02:21,220
Of new.

27
00:02:22,530 --> 00:02:23,490
So this is my.

28
00:02:26,040 --> 00:02:26,660
Springer.

29
00:02:27,000 --> 00:02:28,110
That is argumentative.

30
00:02:28,290 --> 00:02:30,810
That is the object.

31
00:02:32,460 --> 00:02:40,920
So at this point, uh, we cannot be past the final part and that executable gets executed.

32
00:02:41,700 --> 00:02:43,170
So we can say program.

33
00:02:47,500 --> 00:02:50,590
We can't be that low profile.

34
00:02:50,710 --> 00:02:52,630
So here we need to pass the fight.

35
00:02:55,090 --> 00:02:56,910
And we created another, uh.

36
00:02:58,150 --> 00:02:58,600
Program.

37
00:02:58,600 --> 00:02:59,870
That is my sandbox.

38
00:03:00,490 --> 00:03:01,810
So you on this one?

39
00:03:03,190 --> 00:03:05,320
And it's that message box.

40
00:03:08,880 --> 00:03:12,290
So hard shifting rhetoric on this and cops.

41
00:03:12,300 --> 00:03:12,600
But.

42
00:03:24,300 --> 00:03:27,000
And after that, what we can do is begin to come.

43
00:03:30,370 --> 00:03:33,260
But as anything to.

44
00:03:34,300 --> 00:03:34,930
Continue.

45
00:03:36,190 --> 00:03:37,540
So let's go and run this one.

46
00:03:39,580 --> 00:03:44,150
And now we can see our .NET has been loaded and successfully neutered.

47
00:03:44,530 --> 00:03:46,730
One thing you can notice is, uh.

48
00:03:47,870 --> 00:03:54,950
The program execution has transferred from this location over to this invoke.

49
00:03:55,520 --> 00:03:58,920
And we're going to undertake the uh.

50
00:04:00,000 --> 00:04:00,380
Okay.

51
00:04:00,390 --> 00:04:01,840
Button on the button.

52
00:04:01,890 --> 00:04:04,260
The execution continues.

53
00:04:05,280 --> 00:04:12,420
So see anything to continue so we can press any key to exit the program.

54
00:04:13,590 --> 00:04:20,070
So if you want to execute some other code along with our binary, what we can do is we can create a

55
00:04:20,070 --> 00:04:20,730
new thread.

56
00:04:21,360 --> 00:04:25,200
So we can set thread basically a tradeoff.

57
00:04:26,370 --> 00:04:37,770
So here we can say, uh, lambda expression, and now we can copy these two lines over here and put

58
00:04:37,770 --> 00:04:38,390
this in your column.

59
00:04:38,700 --> 00:04:45,060
So this will create a new thread and the thread will execute this code and we can considered to be that

60
00:04:45,080 --> 00:04:45,420
start.

61
00:04:46,320 --> 00:04:48,780
So you need to join.

62
00:04:48,840 --> 00:04:54,600
So if you set it up, join the main thread suspends until the thread gets completed.

63
00:04:55,620 --> 00:05:00,120
So it's similar to what we have done previously.

64
00:05:00,960 --> 00:05:05,010
So what you can see we did not get the press anything to continue.

65
00:05:05,520 --> 00:05:07,320
Now let's go and comment this one.

66
00:05:07,680 --> 00:05:10,920
So this thread was probably our main thread.

67
00:05:11,910 --> 00:05:12,780
So let's run this.

68
00:05:13,080 --> 00:05:15,390
And here you can see our nationalism.

69
00:05:15,390 --> 00:05:15,600
Yeah.

70
00:05:15,600 --> 00:05:16,290
That you could read.

71
00:05:16,620 --> 00:05:17,430
And in this.

72
00:05:19,470 --> 00:05:23,130
Apparently our main thread has been continued.

73
00:05:24,930 --> 00:05:30,840
So I cannot press anything to continue until my this has been stopped.

74
00:05:35,060 --> 00:05:43,090
So now what we're going to do is we're going to write another function that is public void load from

75
00:05:43,760 --> 00:05:44,330
URL.

76
00:05:46,370 --> 00:05:50,750
So this will take the parameter string that is the URL.

77
00:05:51,530 --> 00:05:54,350
And when we're using a System.Net.

78
00:05:54,530 --> 00:06:03,200
So if you run the PowerShell download function to download anything from PowerShell from the machine,

79
00:06:04,040 --> 00:06:09,280
you can say you are using system that dot that download string.

80
00:06:09,590 --> 00:06:12,800
So the same .NET class we'll be using here.

81
00:06:13,880 --> 00:06:14,570
So web.

82
00:06:17,870 --> 00:06:23,930
Client WB the risks you cost to new web client and they will be that.

83
00:06:25,780 --> 00:06:26,600
Let me see that.

84
00:06:26,920 --> 00:06:28,510
And here you can see a DownloadString.

85
00:06:28,510 --> 00:06:29,980
So these were downward.

86
00:06:30,340 --> 00:06:34,090
And if you have this PowerShell Invoke-Expression, you can barely pass that.

87
00:06:34,660 --> 00:06:36,370
Otherwise you can see DownloadData.

88
00:06:36,370 --> 00:06:41,090
So this will download the data from the URL and this will.

89
00:06:41,140 --> 00:06:42,620
But it is brighter.

90
00:06:42,910 --> 00:06:44,230
So we can by.

91
00:06:46,000 --> 00:06:49,180
File content is equal to this one.

92
00:06:49,780 --> 00:06:54,130
So we have the matter that we can simply.

93
00:06:55,680 --> 00:06:57,420
Uh, use the load function.

94
00:06:57,810 --> 00:06:59,370
Read this file content.

95
00:07:08,450 --> 00:07:09,610
So we're going to get some print.

96
00:07:09,690 --> 00:07:10,520
Copy this one.

97
00:07:12,920 --> 00:07:13,670
Year to year.

98
00:07:18,010 --> 00:07:22,600
So let me comment this one regarding Sir Peter Lord from.

99
00:07:25,380 --> 00:07:26,220
You are in love.

100
00:07:32,010 --> 00:07:34,830
So let's go and bring our server.

101
00:07:51,340 --> 00:07:56,380
So I'd say it's GDP, 8000 slash.

102
00:07:58,970 --> 00:08:03,000
Message box the one that the see.

103
00:08:06,490 --> 00:08:07,720
So they should do fine.

104
00:08:11,250 --> 00:08:12,570
So let's go and run this one.

105
00:08:13,080 --> 00:08:22,010
And here we can see the request from the machine to the message box to the model to exit.

106
00:08:23,100 --> 00:08:25,500
So it's our same box.

107
00:08:26,220 --> 00:08:27,660
So the IP addresses the same.

108
00:08:29,780 --> 00:08:33,080
So you can see now we can continue the program.

109
00:08:34,400 --> 00:08:37,850
Now let's, uh, this is about the simple right now.

110
00:08:37,850 --> 00:08:40,700
Let's see the calendar to see.

111
00:09:03,490 --> 00:09:08,020
Because somebody is doing this to clean their dirty.

112
00:09:08,020 --> 00:09:16,000
And then what we need to do is we need to pass the commander in arguments because our silicone takes

113
00:09:16,000 --> 00:09:18,730
diaper, does put in the payload to serve a purpose.

114
00:09:18,850 --> 00:09:19,690
So we consider.

115
00:09:26,630 --> 00:09:27,410
So evident.

116
00:09:27,530 --> 00:09:31,250
I am running already the server.

117
00:09:33,530 --> 00:09:35,570
And the number is one, two, three, four.

118
00:09:37,340 --> 00:09:44,270
And the payload server is the same IP address and you can just double it zero zero.

119
00:09:46,620 --> 00:09:48,210
So let's go and run this one.

120
00:09:51,220 --> 00:09:57,340
And if you're going to finish this and here you can see we've got that connection and we can also see

121
00:09:57,370 --> 00:10:03,280
our main thread gets continued regardless of our mood.

122
00:10:04,570 --> 00:10:06,850
So we can go and execute the commands.

123
00:10:14,610 --> 00:10:18,230
So tell us about this really are a pretty simple roadmap.

124
00:10:18,300 --> 00:10:23,670
So you can also experiment by removing this common data joint.

125
00:10:24,930 --> 00:10:32,970
So our main thread got suspended and we get that a new connection where you're going to execute the

126
00:10:32,970 --> 00:10:33,630
commands.

127
00:10:36,790 --> 00:10:46,570
So if you want to write any code, if you want to write something that should continue after our daughter

128
00:10:46,570 --> 00:10:53,440
doesn't like the can, you can simply comment commandeer this one rather than just simply just start

129
00:10:53,440 --> 00:10:53,860
the thread.

130
00:10:54,070 --> 00:10:55,990
So to run the parallel to the main thread.