Time
1 hour 41 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
Hey, guys, welcome back to the cyber kilt. In course of savage Ready, This is after running name and today's episode we're going to cover
00:08
delivery.
00:10
So we went through the constance. We gathered as much information as we can, and I know I bored you with this. However, reconnaissance is an extremely important phase. We're going to use the information that we learned from reconnaissance and delivery because we want to create a successful social engineering attack
00:28
or if we're going to use an open FTP. That's something that we would have learned about
00:34
doing reconnaissance. A new organization we covered,
00:39
creating the payload using Unicorn Enemy destroyed. And now we move to delivery.
00:44
So in delivery, our goal is to send the malicious payload that we created
00:50
and
00:51
organization
00:52
to the victim's side. This can be in multiple ways. The 1st 1 is open. Service is if you're lucky enough
01:00
and the company or the target that you're trying to attack has an open service. That would be
01:06
a lot easier because
01:08
you can deliver the payload through that open service so that say they have an open FTP port, allows anonymous connection and give you some privileges you can go ahead and deliver the
01:23
A payload using that open service.
01:27
The other one is social engineering and social engineering is extremely popular
01:32
and might be, ah,
01:34
one of the most skills or one of the most tools used to be able to deliver a payload, or
01:44
at least fish. Some information back from the
01:47
ah tak it roar from the target. I'm sorry the last thing is over. The last method is can be physical. As we said, attacks are no only technical, they can be physical,
02:00
and that's something that I've seen before. A USB is dropped in the parking lot or in the lobby or something like that. It would have something like
02:09
a tag that says
02:13
Compensation 2019 or something like that. Ah, lot of people would find this interesting and
02:20
disconnected
02:22
to the work
02:23
workstations.
02:25
Andi, I can. Then the payload in the USB will ah
02:32
be delivered to the network using that
02:37
Yes, yes, the connection or the user
02:40
that is not really vigilant. That connected that you speak to the work work station
02:47
and there is a lot of popular or extremely popular examples of something like this happening so in today's episode we're going to cover is the social engine torque it, and it's a fairly simple tool. We're not actually doing a We're not actually sending the e mail or something, but we're going to go
03:07
through the social engine torque it. I'm going to leave.
03:09
A link to some of the resource is that has to do a social dealing took it.
03:15
It comes a built in and Callie Lennox, So you just have
03:21
two.
03:23
Open it
03:23
and it's one of the easiest tools that you will ever
03:28
use.
03:30
So that's the social engineering tool. Kit
03:35
was created by a trusted sec, which is the same Ah,
03:40
guys that created
03:44
Unicorn.
03:45
It gives you a number of off, ah,
03:49
of options.
03:51
So the 1st 1 is a social drinker attack. We're gonna get into it in a minute. There's penetration testing. This is not
03:59
usually used a lot
04:02
for penetration testing. They have a number of third party models,
04:06
and then
04:09
you can update and so on hold because I got the, uh,
04:14
calendar. It's built in
04:16
Ah, social drink. Took it. I can. When I travel, I obeyed my calendar. Next, this is automatically updated with it on. Obviously, I did not need to do my homework. I did not upgrade Michael Alex in a while.
04:30
So let's go into social engineering. Get tax
04:33
and again. As I said, this is fairly simple tool. You can't play spear phishing attacks from here.
04:41
Basically, you can't form a mass email attack. You can create a file format attack assertion, gene template
04:48
and then we go back website Attack Victor's. And that's extremely popular as well, where you create a website that has a payload and then use another tool with a decision. Took it to send an email. Ah, that has a forced Oh, a false link that would send
05:09
the victim to one. Do the work site that you created.
05:14
Ah, there's a lot of ah
05:17
off features here. Mass A. Miller is one of them. You can create
05:23
a a mass email attack. Not going to do that.
05:29
So let's go back or sang a single human as well.
05:31
Ah, there is also a semi us spoofing, but you need a web service to do that. Obviously. Well, access point is another one. If you if the attacker is doing a physical attack. Hey, can proof a wells Ah, access point using the stool and then, uh,
05:51
maybe one off the employees within the company with connectors.
05:57
Oh, the target. I'm sorry. I'm assuming it's a company. And the target would, uh,
06:03
would, uh, connect to his access point on the rogue access point
06:08
on dhe. The attacker will be able to deliver
06:11
the payload that way.
06:14
So, uh,
06:16
that's the source Engine took it. As I said, I'm going to leave a number of documents.
06:20
Uh, an hour in the resource is page. That would go. Moreover, search engine torque it on the capabilities off. Social engineer took it.
06:31
So
06:33
what is the purpose of the delivery faves?
06:38
So the delivery, what we do in the delivery fee is our main purpose or goal of the delivery place is to deliver our payload to the other side to the target off
06:47
the attack.
06:49
There are multiple ways of doing it. It can be using all the service's social engineering or even physical
06:57
through our force. Reconnaissance faces normally not used during the delivery face.
07:02
And as you noticed,
07:04
in delivery and in weaponization. I've talked about a lot about reconnaissance
07:11
because if he did collect reconnaissance, you will know what kind of interest do the system admin has? What kind of interest is the CEO has with CFO as, and then you can create
07:24
a fairly successful social engineering attack or campaign that would trick them into hopping. You deliver your payload.
07:34
Finally, social gene can only be used to get the FTP servers passwords in order to upload the payload.
07:42
So that's one way to use social engineering is, Ah,
07:47
get them to put in the reason and create a website using social engineering toolkit. Clue No upside that looks like that FTP server and let them put him there using the password. Then use this username and password. Don't directly P server. However, that's not the only way out there.
08:05
As I said, social dealing, you can,
08:07
uh, let them click on the link. The link would send them to a a page or a fake page that would automatically download orders told your payload on their machines.
08:18
So in today's episode, we covered delivery pays on. We talked a little bit about destruction. Janine took it. In the next episode, we go to exploitation on installation. The next episode is where the hacking begin.
08:33
See you then

Up Next

Cybersecurity Kill Chain™

A practical take on Lockheed Martin Cyber Kill Chain™, The course simulates an example target attack following the 7 phases of the Cyber Kill Chain™.

Instructed By

Instructor Profile Image
Abdulrahman Alnaim
Security Operations Manager
Instructor