1
00:00:00,840 --> 00:00:02,640
Hello and welcome back.

2
00:00:03,720 --> 00:00:12,360
In the next session, we are going to get started with reverse engineering Windows executable files

3
00:00:12,360 --> 00:00:13,110
using it.

4
00:00:14,370 --> 00:00:24,000
But before we go ahead and do that, first, we need to install Ghidra on Windows.

5
00:00:25,650 --> 00:00:36,360
In the previous sessions, we already did installation of Ghidra on Linux and we installed Linux in

6
00:00:37,140 --> 00:00:41,730
a virtual machine. Now, in Windows,

7
00:00:41,730 --> 00:00:44,370
we should also use a virtual machine.

8
00:00:46,410 --> 00:00:50,400
So the technique for installing is exactly the same.

9
00:00:50,400 --> 00:01:00,210
As for the Linux installation, you should create a new virtual machine inside of the Oracle VirtualBox

10
00:01:00,210 --> 00:01:03,510
and install your Windows in there.

11
00:01:04,380 --> 00:01:14,580
However, the Windows that you install could either be an important or VFR or you could install from

12
00:01:14,580 --> 00:01:16,950
the ISO images.

13
00:01:17,010 --> 00:01:23,710
So if you do not know where to get a copy of Windows, you can surf the Internet.

14
00:01:24,210 --> 00:01:29,780
There are many downloadable Windows on the Internet.

15
00:01:30,600 --> 00:01:39,450
You could buy from eBay, for example, just head over to eBay and search for Windows 7 and there

16
00:01:39,450 --> 00:01:40,140
are many there.

17
00:01:41,490 --> 00:01:53,850
So it is not a problem to get a copy of a genuine Windows 7 from eBay cell or other sources.

18
00:02:02,930 --> 00:02:12,500
Now, it is very important to use a virtual machine when you are doing reverse engineering. Never do reverse

19
00:02:12,500 --> 00:02:15,710
engineering directly on the machine.

20
00:02:16,490 --> 00:02:24,080
On the left side here, when you download and install any kind of software, for example, the crackme

21
00:02:24,080 --> 00:02:32,200
or even a malware, for example, when you're doing reverse engineering and analysis for malware,

22
00:02:33,500 --> 00:02:39,260
if you don't have a virtual machine, you install it directly on your host machine and that is very

23
00:02:39,260 --> 00:02:39,830
unsafe.

24
00:02:40,220 --> 00:02:45,530
And you do not know whether the crackme that you download is safe.

25
00:02:46,370 --> 00:02:48,800
So always use the virtual machine.

26
00:02:48,800 --> 00:02:56,090
The virtual machine on the right hand side is depicted and shown as a sandbox.

27
00:02:56,540 --> 00:03:04,820
So a sandbox is like a safety net where you can play and do anything you want with any kind of software

28
00:03:05,270 --> 00:03:11,870
without getting infected by viruses and Trojans or ransomware and so on.

29
00:03:12,650 --> 00:03:21,140
So always use a virtual machine, install your crackme, using your hacking tools or cracking tools inside

30
00:03:21,470 --> 00:03:22,820
the virtual machine.

31
00:03:22,850 --> 00:03:23,240
So.

32
00:03:25,750 --> 00:03:34,420
The added benefit of a virtual machine is that it is like a sandbox and you can easily reset its previous

33
00:03:34,450 --> 00:03:34,790
state.

34
00:03:35,350 --> 00:03:46,510
I explained this in Linux lectures where I show you how to restore the snapshots so we can use this

35
00:03:47,080 --> 00:03:55,900
ability to restore the earlier snapshots to undo any kind of changes which the software or the crackme

36
00:03:55,900 --> 00:03:57,790
or even malware has made.

37
00:03:57,850 --> 00:04:05,370
For example, writing the registry, installing files, altering operating system settings, tampering

38
00:04:05,370 --> 00:04:06,670
with files, etc.

39
00:04:07,780 --> 00:04:19,060
Also many reverse engineering tools and also malware or even crackmes, which are not malware, can

40
00:04:19,060 --> 00:04:21,270
be tagged as malware.

41
00:04:21,970 --> 00:04:28,840
So sometimes you just do not know for sure whether the crackme you download is really a malware

42
00:04:28,840 --> 00:04:31,350
or not. Most likely,

43
00:04:31,360 --> 00:04:34,530
it is not a malware, but just a false positive.

44
00:04:35,200 --> 00:04:39,170
But to get peace of mind, always use a virtual machine.

45
00:04:40,010 --> 00:04:45,340
So having said that, just go ahead now and install your virtual machine.

46
00:04:45,730 --> 00:04:51,730
I'll show you how to install Ghidra on Windows in the next few years.

47
00:04:52,300 --> 00:04:55,970
And after that, we can proceed with the reverse engineering.

48
00:04:56,680 --> 00:04:57,940
Thank you for watching.

49
00:04:57,970 --> 00:04:59,200
I'll see you in the next one.