Time
49 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:01
Hi, everyone. Welcome back to the course. So in the last video, we talked briefly about what viruses, worms, and Trojans are, and some of the differences between those.
00:09
In this video, we're gonna start our lab, so we'll start off here with a very simple attack. We're going to do the attack on ourselves. Well, not for real, but we'll do it inside of the Cybrary lab environment. And then after this video, we're gonna move into Dave's hands-on demonstration. So he'll have a brief introduction to his labs, and then we'll move into actually doing his labs in the next couple of videos.
00:29
So let's go ahead and get started. I've got a step-by-step guide here. Just make sure you download that, as usual, in the supplemental resources section.
00:35
First thing we need to do is make sure we're logged into the Cybrary website, which you should be if you're watching this course. And then once you come into the search box here, just type in CEH.
00:45
Once you search for that, you're gonna be looking for the Certified Ethical Hacker, and CEH in parentheses. So that's the one we're gonna be looking for, by Practice Labs. Let's go ahead and click on that
00:55
and then click the launch button
00:56
and you're gonna have one more button click. You can click this launch item button here.
01:00
Now that is actually gonna launch the lab environment for us. So it takes a second or so to pull up here.
01:06
The next thing we want to do is we want to look for the Performing Malware Attacks lab. So you'll see we have several labs to choose from here, but we want to select this Performing Malware Attacks lab right here.
01:17
it is about 1/4 of the way down the page or so
01:19
once you click on that, just click on the start button here. That's actually gonna go ahead and generate the lab environment where we'll see our virtual machines.
01:27
Now we need to turn on our virtual machines. Normally the server one, this top one here, will turn on automatically, but the rest of them we usually have to do manually. So the way we do that, we just go ahead and hover our mouse over top of each one and select this power on option.
01:42
So, just like that, just make sure you click the power on. Now, it's gonna take a few minutes or so for these to boot all the way up. I'm gonna pause the video briefly, and once they're fully booted up on my side, we'll go ahead and continue with the lab.
01:55
All right, so you'll see that my machines are fully booted up. Now, if yours are still booting up, go ahead, just pause the video and wait until yours are all the way up, and you should see all of them showing this green button here that says "on".
02:07
Now, if you're not already on the Windows 10 machine, so if you're not on the PLAB Win 10 machine, go ahead and click on that and bring up that particular machine on your end.
02:15
And now we're gonna go back to our lab document here.
02:19
So we've gone ahead and started up all our virtual machines. We've selected the PLAB Win 10, or our Windows 10 machine. Now we're gonna right click on the taskbar and then just open the Task Manager.
02:29
So let's go and do that now. We're just gonna right click down here on the taskbar and select Task Manager.
02:35
Now, once we've opened that up, I'm just gonna move this over here because of some other things we're gonna be doing in this lab. I want to be able to actually see what's going on here in the Task Manager. But go ahead and click on this Performance tab next.
02:46
Now, what you'll notice is that we're not using a whole lot of the CPU right here, right? You know, it's kind of varying. Excuse me. Varying between 15 maybe 20% or so, but not a whole lot of CPU usage
02:57
and same with memory. We're about, you know, anywhere from 18, it sometimes goes up to 25% or so, but again, not a whole lot of memory is in use.
03:05
All right, let's go back to our lab document to see what else we need to do here.
03:09
So now what we're gonna do is we're gonna basically create what's called a fork bomb. We're gonna create a short little command inside of a Notepad document and then actually execute the file. And all this is really going to do is create a loop. So it's creating a loop of opening a process, and what that's gonna do is eat up the resources on this particular machine. Or at least it should, in theory, and
03:29
we'll be able to see that change inside of the task manager.
03:31
Now, this is not sophisticated or anything like super cool or anything like that. But it does give you a foundational understanding of how you can attack a system. Now, of course, when we go into Dave's labs and we talk about ransomware and stuff like that with the WannaCry example, that's a little more sophisticated. But we're kind of giving you those baby steps first,
03:50
and then we're moving to the more advanced. Now we're
03:53
review.
03:53
All right, so let's go ahead and get started here. We're just gonna open a Notepad document. So we're just gonna right click on the Start menu at the bottom right here,
04:00
select the search option,
04:02
and then just type Notepad in the search and go ahead and click on it.
04:06
Now you'll see here in the lab document, this is gonna be the number zero. These are not capital O's, these are zeros. So we're gonna be putting a percentage sign zero, we're gonna pipe that to a percentage sign and zero. So let's go ahead and do that now.
04:18
So percentage sign zero, we'll pipe that again to percentage sign and zero.
04:26
All right. Once we've entered that in there, we're just gonna go ahead and save this file. If you come down here to step 16
04:30
we're just gonna go to File and Save As.
04:32
And then once we do File, Save As, we want to select the Desktop on the left side here. So it'll be just a second. There we go. I'll just select Desktop there. Now, we're gonna name this file fork bomb. Excuse me, forkbomb.bat. So, basically a batch file is what we're creating here.
04:50
Now, again, um,
04:53
this is gonna be something that your traditional antivirus and anti-malware solutions will pick up there if it's finding abnormal batch files. But for our purposes, we're inside of a virtual environment here in the Cybrary labs, and so it should work without any issues at all. All right, so once we've typed that in and we've named it forkbomb.bat, we're just gonna click Save there
05:14
and we can go ahead and just X out of that. Now you'll see the file there in the background. So all we have to do, if you go back to our lab document here, is we're just gonna now right click
05:21
on the file and then select open
05:25
What that's gonna do once we do that is it's gonna open up a command prompt window, and we're gonna take a look and see our performance. So that's what I want you to pay attention to. Look at the CPU usage, and that's what we want to know for question number one in the lab document here: does the CPU usage go up? So just keep an eye on that as we actually run this attack
05:44
and we'll see what happens.
05:46
So as I mentioned, it's gonna open a command prompt window. You're also gonna see an error message popping up, and you could basically click OK to that. It's gonna keep popping up. But again, as it's doing that, just take a look at the CPU usage and see if it goes up at all.
06:00
All right, so just right click and select Open, and you'll see in a moment or so it'll open that command prompt window for you. I'm gonna move mine down just a little bit so I can keep an eye on the CPU usage, and you'll see there in the background my CPU usage has gone up to almost 100%. It was about 99%. And if we just click this error message here and keep hitting OK,
06:17
you'll see that eventually the CPU starts to drop because, again, it's opening a process here,
06:24
and then it spikes back up again.
06:26
But you get the general idea. The goal here is a denial of service, a type of attack where we take up the rear.

Up Next

Malware Threats

This malware analysis training course covers basic information about things like viruses, worms, Trojans, ransomware, and more.

Instructed By

Ken Underhill
Master Instructor at Cybrary
Dave Kupratis
Instructor