Time
1 hour 41 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
Welcome back to the Cyber Kill Chain course. This is Abdulrahman Alnaim, and today we cover exploitation and installation.
00:09
So
00:11
going back to the Cyber Kill Chain, we started with reconnaissance, where we gathered as much information as we can about the target of the attack.
00:20
Then we decided during reconnaissance
00:23
that we
00:26
we'll attack a Windows machine
00:31
and it seemed like
00:34
the best way to deliver this is through social engineering.
00:39
So we moved to phase two, weaponization, and in weaponization, now that we know that we're going to attack a Windows machine, we created a weapon using msfvenom, and then we created another one just to show you how to evade protection tools using Unicorn.
00:58
And then we moved to delivery, where we went through the Social-Engineer Toolkit and sending an email using the Social-Engineer Toolkit.
01:07
And now, in exploitation.
01:10
So the assumption is we're attacking this machine, the Windows machine. The payload that we're going to share or going to send
01:19
will be delivered using a human weakness, or human vulnerability, using a social engineering
01:26
technique
01:29
and to exploit that weakness and then move on to installation. So today we're going to cover phases four and five, because in our example they're kind of integrated.
01:40
Okay, so in exploitation, and I like to call this the step where the hacking begins. A lot of people disagree, but
01:47
honestly speaking, when you talk about hacking, the first thing you think about is exploitation.
01:52
So it's just something that I like to call it, but it's not really
01:57
agreed upon in the cybersecurity industry.
02:00
So in exploitation, the goal is to exploit weaknesses in the victim's security.
02:07
And the idea here, or what we're doing here, is we're targeting the weakest link in any security chain, which is the human weakness. The human weakness is often triggered, is often
02:25
used during attacks. Social engineering and
02:30
phishing is one of the most famous ways to exploit a system.
02:35
So what we're going to do is we're going to send the link, and again we're not going through the technicality of sending a link; that was covered during
02:45
delivery, using the Social-Engineer Toolkit. It's one of the documents that are available in the resources. However, the assumption is a link is being sent,
02:55
an email is being sent, the link is malicious. In this link, there's an iframe that automatically downloads the payload.
03:04
So
03:05
that's why I said, in our example, exploitation and installation are kind of working hand in hand. However, it's not
03:15
uncommon
03:16
for hackers to go to phase five, six, and go back to five, sometimes to install more tools, go back to six, and so on, and use this malware that we installed at the beginning to install more and more tools. An example is installing Netcat,
03:35
which we're going to do before the end of
03:38
the tour, before the end of the course, to extract data out of the victim's machine.
03:46
So let's jump right into our example.
03:51
And
03:52
as I said, we're going to use msfconsole, which is Metasploit.
03:58
And our goal is to utilize the payload that we did together in the previous phase two video, on weaponization.
04:08
So we're going to do is we're going to create that it's not all,
04:12
uh, here, which is exploit
04:15
multi
04:16
handler.
04:18
And here we're going to create our payload.
04:21
So we said we're going to use Windows
04:26
Meterpreter.
04:28
So reverse.
04:31
So reverse underscore TCP.
04:34
LHOST.
04:36
Sorry,
04:38
the host is one and two. The only 68. That 121
04:46
LPORT.
04:48
It's going to be triple four.
04:51
And just to verify, Let's show options.
04:57
So there you go. You have
04:59
your LHOST, your
05:00
LPORT, and our
05:03
payload
05:05
and our module.
05:08
So let's
05:09
start the listener.
05:13
So the listener is now waiting for connectivity.
05:17
What we're going to do is we're going to jump to our Windows machine,
05:24
which
05:26
already has the link,
05:29
which is basically hosted on the same machine
05:31
for the purpose of
05:33
the, uh, course
05:36
again, as you saw Biscuit, as soon as I enter, I got this doing to solve this payload, Doc.
05:44
exe. Obviously, a
05:46
more successful attack would, at least, not call it payload.
05:53
So I'm gonna run it
05:54
again, for the purpose of,
05:58
to achieve the objective of the example.
06:01
So
06:02
if you and now we go back
06:04
and that's all we want from the victim's machine, the Windows
06:09
machine. If we go back,
06:11
you can see it changed a bit.
06:15
So now
06:16
we have one session open. So now I successfully
06:23
exploited and installed
06:26
a payload on the victim's side.
06:30
Okay, so we went through installation and exploitation in one session. I know there's a lot of information here. I tried to make that as simple as possible. However, to make sure that we covered the whole thing: what is the difference between exploitation and installation?
06:46
As I said, in exploitation we're trying to exploit the system to get beyond the security controls. In installation, what we're trying to do is to install
06:55
a malware or a factor that would allow us to communicate with the victim or the machine that we used during the exploitation to get inside the victim's network.
07:10
Second is true or false: in exploitation, the purpose is to find a vulnerability to exploit. Actually, this is not really true, because finding the vulnerability and discovering the vulnerability happens earlier, during
07:25
weaponization. Sorry, during reconnaissance, and in weaponization we create the
07:30
tool or the application of the payload that would exploit that vulnerability.
07:38
Finally, why is installation an important step? As I said, from installation we're in the network. We need to have a successful installation to be able to move on to the following steps.
07:49
So
07:51
in the following two steps, we're going to use the same tool. We're going to use the same, basically, the Meterpreter session that we have. And then we're going to run a number of commands on the victim's machine to make sure that
08:07
it is a successful attack.
08:11
So today we covered exploitation and installation. We ran a code on the victim's machine, and we received a connectivity session with
08:22
the attacker's machine.
08:24
In the next video, we will cover command and control.
08:31
See you then.

Cybersecurity Kill Chain™

A practical take on the Lockheed Martin Cyber Kill Chain™. The course simulates an example targeted attack following the 7 phases of the Cyber Kill Chain™.

Instructed By

Abdulrahman Alnaim
Security Operations Manager
Instructor