2 hours 37 minutes
Hey, everyone, welcome back to the course. So in the last video, we went ahead and launch our social engineering. Took it tool inside of Kelly Lennox. We also started configuring the tools so that we can run our phishing attack
and we left off it. Step 20 eights. We had just entered the one to choose the predefined template. Now we're a step 29 of the lab, so we're gonna type in the number three of the prompt. Now that's gonna allow us to select the strange Internet usage from your computer as our message to the user.
So just type in three impress. Enter there.
All right, Now, we need to specify what email address we actually want to send this to. So we're gonna type in HR at organisation dot Com is our sample email address.
So HR at organization dot com
and then just press enter any keyboard,
and then next, we're gonna choose our own server open relays, where we're gonna type in the number two
and then just press enter to choose, use your own server or open. Really?
All right. So now we could specify what address we want the email to come from. Right. So we're here in step 33. We're gonna use admin at organization dot com,
and we don't actually want to send any email to that, so don't click on it. All right, So admin at organization dot com.
All right, just press enter on your keyboard.
Arson now wants us to specify who we're gonna send it from. So obviously we're gonna use we're gonna use admin. But that's not a real life type of thing, right? We would use something a little more creative, but for our purposes, we're just going to send it from Hagman.
So what is type in their admin in press enter?
All right, so now I want to use your name for the open Real light,
how we're gonna do on this next couple of ones. It's just press the enter key. So we don't want to specify a, uh, a username or a password. What is gonna press, enter and use the default stuff?
And I'm not sure why Kelly keeps my mouth keeps going crazy there, but anyways,
we're gonna just hit that twice at the enter key twice. It'll take us now to the S and T e mail server address.
All right, so what we want to type in here is 1 92.168 dot 1.75 1922.168 Not one that 75. Let's go intact that in now.
So 1 92
1.75 his press enter to keyboard.
All right, Now he wants to know the poor number here,
So we want to keep s and t a. P at 4 25 were actually just gonna press enter on the keyboard there
to save that one. All right, Do we want to flag a message as a high priority? So let's see if we want to or no, but we're going to say yes to that because we wanna create that sense of urgency for the end user. So they actually open our stuff and click on it.
All rights were to five. Yes, here and then press enter. Now, this next part of my take five or 10 seconds or so forward to show the command prompt again, eh? So we just kind of have to be patient and let it do that
right. So again, we just wrapped up Step 40 here. We typed. Yes, at the prompt and press enter. And as I mentioned it, it might take five or 10 seconds or so defer to pull back up. You'll see There. It finally has pulled up in the background there. So now we're in step 41. So in the set up, a listener prompt what is gonna type? Yes. So let's go and do that now.
All right, So it's gonna take a moment of so here as well.
All right, so now we're gonna do in this lab. We're gonna on the right side. Where to click on the machine's top of the top right of the screen. So Step 42 here. We're just gonna click on machines and go to the window. Seven machine,
All right, Because we need to make ourselves essentially, we're doing this mean we need to make ourselves the user rights. We need to pretend we're the user. So Step 43 here. Just type in the word password for the actual password on this page.
All right. That's shared longest and might take a moment so you could ignore that message. there about the license being expired, and that doesn't matter. We're inside of virtual environment, and you'll see on the right side here we have, you know, the user name and password. If you needed to know if you get a prompt about restarting, obviously restarted later so we can finish the left.
Let's go back to our lab document here.
So now we're at step 44. Eso again. We close close that Activate. Hey, activate Windows icon. Just we selected. Ask me later. Now we're logged onto the desktop here.
So what we're gonna do is we're gonna open a web browser. Nowhere to type in this address where the type in https and then the one and a 2168.1 dot 75. So let's go and do that. Now we can use either Google Chrome or, um, you know, we can use Internet Explorer. Either one is fine.
Um, I'm gonna do google Chrome just aren't you show you the other component of the lab that I had put in there for you. S o https Colon forts. Last ford slash 1 92.168
I got 1.75.
Now Google Chrome. You may or may not get a message that says, Hey, it's unsafe to proceed. Do you want to still proceed? So I'm going to show you that route there, Microsoft and an Explorer. You might see a different type of errors,
and we'll give it a few seconds or so. There we go. Sometimes it takes a moment. No. If you get this, you're just gonna click on Advanced
and then click down here. Where says, proceed to that I p address? You know, they're telling you Hey, it's unsafe still. But we know we're inside of a lab environment and that we're hoping that everything's safe.
That'll take us to this log in page right here. So let's take a look at that.
All right, so here we're in step 48.
So we're at the log in page right now. So now we're gonna enter a user name of T. Smith
and a password of I like turtles. You know, like who does not like turtles right there. Always pretty friendly until you go try to touch him. All right, T. Smith. And then I like turtles for the password again. All over, case.
All right, then just go ahead and sign in.
What we should see is that email address that we had set up earlier. We should see an email so that strange internet usage, etcetera. Let's go back to our lab document, see what we need to actually do with that.
All right, so now we're gonna click Thio, open the email, and then click the download option to download the file. So we're gonna click the email, and then we're gonna click the download option.
So go ahead and click on the file there
and doesn't look like it downloaded. Let's see here.
Oh, there we go. That's what I was missing. There were right there. So the download link right there is what we actually want that when we can actually hope in the file. So
we're gonna do now. We've clicked download option here instead. 51 we're gonna click, and then we're gonna go open and folder, and then we're gonna open this file inside of Adobe Acrobat Reader. So we Generally speaking, we normally have to specify how we want to open. This will say Chauhan folder.
We're gonna right click
and then we're gonna say open with the adobe
and I might take a moment. So it's gonna give us the license agreement. Just accept that it doesn't matter too much for our purposes.
It's gonna ask us a special file file Thio
So we're just gonna navigate to the desktop and we're gonna click on safe.
Let's go and do that. Now we're just gonna navigate to our desktop screen. Um, we could just leave that his former. If you want to call it something else, that's fine. We'll call it like, funny file or something like that,
and then just click on safe.
But we're gonna get this message here about launching the files. Let's go back to our lab document.
So now we're to do is select open button
and then we're gonna go back to our Callie machine and what we should see. It's any command Shell has opened in our command line. So we're gonna select the open button at this top of box here. Then we'll go back to our Callie machine and take a look.
All right, so we get that arrested stairway, just say okay to that so we don't nothing's really happening on the windows machine. But let's Callie want to see what's going on.
All right, so let's take a look here. Some reason my Miles is still acting up. Now, if you're just doing this, especially this year Mouse's Dragon things. So what we see here is we do see that the command shell is opened. Right? So we see a medicine boy framework exploit. Command shell is open for us. A good deal.
All right, so we're to select enters. We're gonna pee. Were to put enter here.
If then we're just gonna type in sessions, Dash Little case high in the number one. So we're basically tryto open a section here,
so we'll give it a second or so here might take him over to so and then we're gonna type in sessions
on then dash. Lower case I in the number one.
It's kind of going slow. We'll see if it actually took that, commander. Not
while we're waiting on that. Find out. I think it did. Is just going really slow.
Um, I want you to think through how an attacker could use this. Use this, you know. So obviously at this point, the attacker could escalate privileges. You know, we're obviously not covering attacks in this particular course, but from here, and it looks like it's still not freezing up on me, that's fine. It looks like it's freezing up on me. And that's why um,
what we could do from here is weekend, you know, uses command, Sheldon, escalate privileges, steal data, et cetera, et cetera. It looks like I should take the word sessions wrong with Survives freezing up. It's not used to what that is. But in any event, from this point, we would basically escalate privileges and start moving through this machine. Take it over,
you know, fully and then move laterally through the network trying to find other machines. The target. So,
this video is really designed to show you like a fun activity. Essentially, you know, we are able to get information on our target to some extent, but this was more so designed to show you, like a fun activity to give you some more hands on, kind of spice it up a little bit instead of just gathering information and the entire course.
So this wraps up our laps. So in the next video, we're actually gonna go ahead and just your course wrap up. So I look forward to seeing you there. And this video we just went through and finished out our lab on using the social engineering tool kit to run a phishing attack against our turkey.