4.3 Planting a Backdoor Lab Instructions Part 1

Video Transcription
Hi. Welcome back to the course. In the last video, we talked about a lot of the terminology you're gonna need to know for this particular lab. So if you haven't watched that yet, go ahead and pause this video and go back to that where we discuss things like TFTP, backdoors, and RFC 1350.
So in this video, we're gonna go ahead and start our lab. Now, we're gonna do two parts to this video. We're gonna do part one in this video here, and we're gonna configure our TFTP server, and then in part two, in the next video, we're gonna go ahead and actually plant our backdoor on our target machine.
So this lab is gonna be done inside of the Cybrary lab environment. Now, you're welcome to set up your own environment, but we're not gonna cover how to do that in this particular lab.
So let's go ahead and get started. So if you're not familiar with how to log into the Cybrary labs, just log into your Cybrary account
and then once you log in, you're going to see a little search box right here. So we're gonna look for the Certified Ethical Hacker lab.
We're just gonna type in certified, ethical, excuse me, and hacker.
And then just press enter on the keyboard. It's gonna pull up the search results for us here. Now, based on the time I'm filming this video, you're gonna notice that the older Penetration Testing and Ethical Hacking course is showing up in here. But when you guys do your search, it should show this current one
and then the second option here, we see that this is our actual Ethical Hacker labs. You'll see it's got Practice Labs as the author for this particular module.
So all we have to do, you can either just click on start now. I always just like to do open in a new tab. Gotta have it, and whichever one is your preference. But basically, it's gonna take you to this page right here.
Well, then you're just gonna click this big launch button.
It's gonna take a moment or so to launch the labs for us.
So while it's doing that, we'll just come back to our lab document here.
So we did step number one. We logged into Cybrary, into our account, then we searched for Certified Ethical Hacker. Step number two, we found the Ethical Hacker practice labs. So that's what these are here. Now, if for some reason that drops you into this main bucket where all these different labs are, like programming, you know, the Oracle DBA stuff, if it drops you in there, just look for the
Practice Labs Ethical Hacker one. And that'll be where you want to go,
and then just click on that and it'll take you where we just were.
All right, so our next step here, in step three, we want to search for the Planting a Backdoor lab. It is about 1/4 of the way down here. It's this one right here. And just go ahead and click on that.
And then next we want to click the start button. That's gonna go ahead and actually launch this lab for us.
All right, so we're gonna go ahead and turn on all our virtual machines next. So just hover your mouse over top of each one and click that power on option.
All right. Just like that, you'll see that it'll say busy, and it's gonna take a minute or so to pull all the way up here for us.
All right, so in step four, we already selected start; that launched our lab for us. And then we're in step five right now where we're launching all our virtual machines. Now, once we get those loaded up, we're gonna log into PLABWIN801.
And then from there, we're gonna go to the intranet page, and then we're gonna find Tools and then TFTP. So we're actually gonna get this installed in just a little bit here,
and then once we have it installed, we're gonna actually configure everything and get it set up. So that way, in part two, when we plant our backdoor, we can actually do so.
You'll see here that the machines are starting to pull up here for us, and the one we want is that last one there. We're gonna give that another few seconds or so. It should pull up pretty quickly here.
So again, if you have not watched the previous video, it's very important for you to just pause this one and go back to that one, just so you really understand, as I throw out these different terms, what we're talking about and what we're really doing with a backdoor. You know, at a very high level, what we're doing is we're maintaining access on our target machine because we've already hacked into it somehow, right?
You know, whether we're, you know, breaking or cracking a password or
or, you know, getting some kind of user action, et cetera, to get us access to that device. As soon as we have it, we want to make sure we can maintain access and do whatever else we want to do on the machine.
All right. So you see, while I was talking there, the WIN801 actually pulled up. So again, step number six, we're gonna connect to that machine. So this bottom one here, I just click on the name; that will pull up the machine for you. It's gonna take a second or so to establish connection and kind of get everything set up and configured, but we're gonna scroll down to the bottom
and you'll notice I don't have an Internet Explorer. And if you're using the Cybrary labs, you might notice that's missing there as well,
so if you don't have that, because we need that, we could just grab and throw a shortcut on there for our lab here. So I'm just gonna right click on the start menu and go to search
and then just type in Internet
and it should start pulling up. So I'll find it here, and then I'm gonna right click on it and just pin it to the taskbar, just so that when I scroll down, I see it there. So that's a quick step. I don't have that in the step by step guide, but it happens occasionally in these labs, I noticed. So sometimes for me it would be there, then other times I had to do the steps. You're just
pinning it to the taskbar so we can access it. So
again, all we did there, we right clicked on the start menu. We did a quick search; we started typing the word Internet and you see Internet Explorer just pulled right up.
We right click, and then I don't have the option to pin it to the taskbar because I already did that, but you would just pin it to the taskbar, and now we can just go down and go ahead and click and launch it.
So let's go back to our lab document here. So where it step Summer, Stephan, here. We just launched Internet Explorer.
Now we're gonna go to Tools and then TFTP. So we're on the intranet page, so we're just going to scroll down.
We see we have Tools; we'll go ahead and click on that. And then now we want to scroll down till we find TFTP.
Right, now I went a little too far there. It's just up a little bit. There we go.
So let's go ahead and click on that. And now you're gonna see an executable hanging out in there. So let's go back to our lab document.
So we see here that we want to go ahead and click on that executable, and then once it downloads, we want to go ahead and run it. So let's do that now.
So just click on the executable,
and it should prompt you here, and just say run.
And now it's gonna take a moment or so to open it up and actually launch the wizard for us to use. So we'll let that do that. We may or may not get a prompt regarding User Account Control. You'll see I'm gonna get it here. Just say yes to that. We know that it's an unknown publisher.
And for the purposes of this lab, we don't care about the security certificate
as far as making sure it's signed.
All right, so that should be pulling up now for us in just a moment or so.
So step number 12, the installation wizard is gonna pull up and begin for us, and then it's gonna basically take us through a license page, and we're just gonna accept the license agreement at that point. And then everything else as far as the installation is, basically, just leave it as a default and then click next and then install.
All right, so we see here, we've got it popped up here, and that's the license agreement. You're welcome to read through all that if you want to. Personally, I don't care about it, just for the practice labs. So we're just going to say I agree to that.
You'll see here we have some different options. We're just gonna leave those alone and just click on next.
And then we can also specify a destination folder if we wanted to. I'm leaving the default there, as you should as well. And just click on install there. It's gonna go ahead and install it for us. Now, it's pretty quick when it installs it. And then you just click on this close button here.
All right, So we'll go back to our document here. So we click next
and then step 15. We clicked, install, and then the installation actually finished. We just clicked close. We just finished. Step 16 here.
So now we should look for, and we should see, the TFTP server icon on your desktop. We actually do see it. It's this one right here. This kind of green lines with a little yellow in between.
Okay, so we're gonna double click on that icon next, so you can go ahead and close your Internet Explorer browser. We don't, we're not going to need that again in this lab.
And then we're just gonna double click on this icon right here. You'll see it's gonna open a couple of things for us. So it opens this Tftpd64 by Ph. Jounin
and then also this Windows Security Alert. So we're gonna address this first,
so we see that we do get that Windows Security Alert message in step 19.
So what we want to do, we want to make sure that all the check boxes are actually checked,
and then we're gonna click on the allow access button.
All right, so let's go ahead and do that now.
So we're gonna check all these boxes
and then just click this allow access button at the bottom,
All right? And so you see, nothing really happens aside from us just allowing all this stuff through the firewall.
Okay, so now we're gonna go ahead and configure our TFTP server.
So we do see that this pop-up box here is Tftpd64 by Ph. Jounin.
And that's going to stay open after we clear out the Windows Security Alert message.
So next step here is step 22, clicking Browse, and we're gonna select TFTP in the server directory. So we're gonna click on this Browse button
and then we're just gonna scroll down here.
And what we're looking for here
is we're gonna look for C, Program Files (x86), then Nmap, so you'll see when we
pull this up here that
we have Program Files right here. But we're looking for Program Files (x86). So you want to keep going,
And that's the one you're looking for, the Program Files (x86). Then you also want to click on the Nmap folder.
Okay, so if you look back on our document, we were at C. We navigated to Program Files (x86), then we clicked the Nmap folder, and now we're just gonna click on OK.
All right, so we're just gonna say okay to that. There.
So now our next step here is we're gonna change our target. So our server interface is gonna be this IP address right here. So that when we do that, in the server interfaces drop down list, we're just gonna basically select this one here.
What that's gonna do is finish out our server configuration,
so let's go ahead and do that.
So in this bottom check box here.
Just go ahead and click on 192.168.0.5.
So that's it. You may or may not get a pop-up about the clipboard. If you don't like those, you can just click this don't show again and X out of it. I like it for some of the labs that I do. So I just X out of that.
All right, so our server is now configured.
We see that's step 27.
If you remember from the previous video where we kind of introduced this lab and some of the terminology, do you remember what simple thing that TFTP allows us to do?
So if you said allows us to transfer a file, then that's pretty much what I'm looking for there. Just basically at the simplistic level, that's what we're looking for, that it helps you transfer a file.
All right, so in this lab, we just set up our TFTP server and got it all configured. Now, in the next lab, we're actually gonna go ahead and install our backdoor on the target machine.