1
00:00:00,990 --> 00:00:07,240
In the previous lesson, we have seen how to clone the Veil framework from github.com.

2
00:00:07,500 --> 00:00:16,610
Right, then we have seen how to download all of the dependencies, or should I say prerequisites, using

3
00:00:16,620 --> 00:00:18,430
a setup.sh. Fine.

4
00:00:19,440 --> 00:00:25,830
Now, in this lesson, we will see how we can use Veil to create an undetectable backdoor.

5
00:00:26,280 --> 00:00:27,760
So let's see how to do that.

6
00:00:28,710 --> 00:00:37,050
So first of all, let's navigate to the opt folder; opt stands for optional software, because I

7
00:00:37,050 --> 00:00:40,110
have moved my Veil directory to this folder.

8
00:00:44,010 --> 00:00:50,730
Now, if you do ls, you will find this file, which is Veil.py.

9
00:00:51,060 --> 00:00:53,400
OK, so let's run it.

10
00:00:59,140 --> 00:01:06,400
Now it says the framework loaded and it mentions two tools loaded.

11
00:01:06,550 --> 00:01:11,250
OK, so the first one is Evasion and the second one is Ordnance.

12
00:01:11,920 --> 00:01:17,930
So we are going to use the first option, which is Evasion, to create an undetectable backdoor.

13
00:01:18,160 --> 00:01:18,530
Right.

14
00:01:19,300 --> 00:01:25,820
And the second one, you can assume this option as a helpful tool for the first one.

15
00:01:26,500 --> 00:01:32,140
And what I mean by that helpful tool is, like, it will create payloads.

16
00:01:32,150 --> 00:01:37,840
So payload is a code inside our backdoor, which does evil things.

17
00:01:38,090 --> 00:01:38,450
Right.

18
00:01:39,070 --> 00:01:43,170
So to do all of the evil things we are going to use Ordnance.

19
00:01:43,840 --> 00:01:44,200
Right.

20
00:01:44,800 --> 00:01:47,020
And here are some available commands.

21
00:01:47,980 --> 00:01:57,580
So exit, to simply exit Veil, then info, information on a specific tool, then list, to list all available

22
00:01:57,580 --> 00:01:58,070
tools.

23
00:01:58,210 --> 00:02:02,960
Then there is options, to show Veil configuration, then update.

24
00:02:03,490 --> 00:02:09,490
So you guys, it is a very important option before creating any backdoor.

25
00:02:09,730 --> 00:02:17,830
Make sure you run the update command in order to update the framework, because all of the antivirus programs

26
00:02:17,830 --> 00:02:20,080
update every second.

27
00:02:20,320 --> 00:02:20,650
Right.

28
00:02:20,650 --> 00:02:22,710
Update their database every second.

29
00:02:23,170 --> 00:02:23,490
Right.

30
00:02:23,770 --> 00:02:30,510
So it is important to update your Veil in order to create an undetectable backdoor or should I say

31
00:02:30,580 --> 00:02:31,270
malware.

32
00:02:31,480 --> 00:02:31,830
Right.

33
00:02:33,790 --> 00:02:37,680
Then there is not going to be safe use to use a specific tool.

34
00:02:37,870 --> 00:02:38,160
Right.

35
00:02:38,530 --> 00:02:40,420
So first of all, let's do list.

36
00:02:40,750 --> 00:02:41,980
And we have two options.

37
00:02:42,220 --> 00:02:44,020
So let's use the first one.

38
00:02:45,680 --> 00:02:53,500
Now, it seems there are a couple of 41 payloads loaded, right, so let's check them out.

39
00:02:54,900 --> 00:02:57,930
Now, here you see all of them, right?

40
00:02:59,520 --> 00:03:03,460
So first of all, let's understand this, what it means.

41
00:03:03,510 --> 00:03:06,840
OK, so these are generally divided into three parts.

42
00:03:07,230 --> 00:03:12,280
OK, so the first one, this one is the programming language.

43
00:03:12,300 --> 00:03:19,980
OK, so it's going to use the C programming language to, let's say, wrap up our payload.

44
00:03:20,190 --> 00:03:20,680
OK.

45
00:03:21,210 --> 00:03:25,410
It's like giving a gift by wrapping it up.

46
00:03:25,680 --> 00:03:29,360
OK, so that the person doesn't know what's inside it.

47
00:03:29,790 --> 00:03:35,850
So this is the programming language which we are going to use to wrap up our payload.

48
00:03:36,700 --> 00:03:39,600
OK, so this is the C programming language.

49
00:03:39,610 --> 00:03:44,800
Then there is Go, then there are others like Python, PowerShell, et cetera.

50
00:03:45,300 --> 00:03:45,660
Right.

51
00:03:46,230 --> 00:03:47,940
So let's understand this one.

52
00:03:49,140 --> 00:03:54,360
So the first one is the programming language which helps us to wrap up our payload.

53
00:03:54,720 --> 00:03:59,150
OK, so this is the programming language which our target system understands.

54
00:04:00,000 --> 00:04:01,440
Then there is meterpreter.

55
00:04:02,040 --> 00:04:11,430
It is a payload which is made using the Metasploit framework. Right, now, Metasploit is a huge database

56
00:04:12,450 --> 00:04:14,870
which is helpful for testing purposes.

57
00:04:15,480 --> 00:04:15,800
Right.

58
00:04:16,800 --> 00:04:18,700
I already told you about Metasploit.

59
00:04:19,860 --> 00:04:26,940
Now there is rev, rev stands for reverse, and then there is HTTPS.

60
00:04:27,600 --> 00:04:28,260
Not quite.

61
00:04:28,260 --> 00:04:30,770
So it is a protocol which we are going to use.

62
00:04:31,140 --> 00:04:31,500
Right.

63
00:04:31,860 --> 00:04:40,890
So what we are actually doing is we are inserting this payload inside our target system so that when

64
00:04:41,310 --> 00:04:48,720
our target runs this code, then our malware tries to establish a connection back to our PC.

65
00:04:49,050 --> 00:04:49,380
Right.

66
00:04:49,590 --> 00:04:53,550
So in this case, we are not going to connect to our target.

67
00:04:53,670 --> 00:04:56,980
Instead, our target is going to connect to us.

68
00:04:57,720 --> 00:05:03,690
So this way, it will be very helpful to bypass so many securities out there.

69
00:05:04,360 --> 00:05:11,300
OK, because we are not targeting our target; our target wants to connect to our system.

70
00:05:12,150 --> 00:05:19,800
So it's easy for us to not get detected by antivirus or firewalls or Defender, et cetera.

71
00:05:20,260 --> 00:05:23,160
OK, so let's see how to use it.

72
00:05:24,960 --> 00:05:30,870
So let's say we would try this option.

73
00:05:31,830 --> 00:05:40,600
OK, the Go programming language, and is the payload, and it should be s. OK, so let's use it.

74
00:05:41,340 --> 00:05:44,130
So use, its number is 15.

75
00:05:46,690 --> 00:05:54,010
OK, so it says these are the options which are available to be used with our backdoor.

76
00:05:54,080 --> 00:05:57,980
OK, we can modify all of these if we want.

77
00:05:58,510 --> 00:05:58,940
OK.

78
00:05:59,890 --> 00:06:05,140
The more options you modify, the more secure your backdoor will be.

79
00:06:05,380 --> 00:06:09,370
OK, secure means not getting detected by antivirus programs.

80
00:06:11,140 --> 00:06:13,780
So let's configure some of these.

81
00:06:14,050 --> 00:06:17,400
So this one is important, which is local host.

82
00:06:17,670 --> 00:06:19,660
OK, so let's configure it.

83
00:06:20,380 --> 00:06:24,400
So use the command set and then LHOST.

84
00:06:27,550 --> 00:06:29,870
Then the IP of our gone.

85
00:06:30,490 --> 00:06:33,850
So let me open a new terminal and let's check its IP.

86
00:06:35,560 --> 00:06:39,260
OK, so standard zero.

87
00:06:39,280 --> 00:06:40,940
Door to door 15.

88
00:06:41,560 --> 00:06:50,080
OK, now let's do one more thing and let's configure the local port, which is set to 80.

89
00:06:50,350 --> 00:06:58,810
Now, 80 is a good port, but I have Apache web server running on this virtual machine and it's using

90
00:06:58,860 --> 00:06:59,470
or no.

91
00:07:00,310 --> 00:07:03,180
So all it is busy right now.

92
00:07:03,340 --> 00:07:09,830
So let's use one other port, let's say 88.

93
00:07:10,060 --> 00:07:16,310
OK, this port is also used for connecting purposes, like using your browser in order to connect to a website.

94
00:07:16,890 --> 00:07:17,200
Right.

95
00:07:18,340 --> 00:07:28,110
So when our malware gets executed, the system thinks that it is going to connect to a secure website.

96
00:07:28,600 --> 00:07:28,950
Right.

97
00:07:29,230 --> 00:07:31,080
Because it's using port number eighty.

98
00:07:31,090 --> 00:07:31,450
Eighty.

99
00:07:33,250 --> 00:07:34,420
So hit enter.

100
00:07:35,490 --> 00:07:44,130
Done. Now to generate a backdoor, simply type generate and enter, and that's how you can create a

101
00:07:44,130 --> 00:07:45,440
backdoor using Veil.

102
00:07:46,050 --> 00:07:48,490
But there is a problem with this.

103
00:07:49,380 --> 00:07:57,720
We have configured a general backdoor, and there are chances that it gets caught by antivirus programs

104
00:07:57,720 --> 00:07:58,440
out there.

105
00:07:58,710 --> 00:07:59,120
Right.

106
00:08:00,600 --> 00:08:06,630
So we can do some more things, which I will show you in the next lesson.