SPF (part 4) Functionality for Agents

00:04

Okay, now let's take a look at some functionality for the agents

00:10

over agent commands. These are all things we can do.

00:14

Something's symbols, like sending a text message to another device. This was like my original, but that research

00:20

well descended to the third found and say, like hide your hair or something like that I

00:27

do a job

00:29

person could also send a link so you could

00:32

no

00:33

grab their contacts list and send the agents all of them as well.

00:38

No

00:39

mess with the circle of trust.

00:42

Two years or third phone, and we should get a message from 5556

00:49

Sure we did.

00:52

This looks like it came directly from that center phone, the one that has the agent that's not in the Centre folder anywhere

01:02

well, down here.

01:07

I endure

01:07

produce simple example There,

01:11

like the first functionality I built.

01:26

Do some other things.

01:29

Let's see, How about

01:40

get installed APS list? All right, so let's grab all of the absolute her own there.

01:48

That's weird.

01:51

So it'll just get a list of all the installer applications. So what we'll do after that is actually pulling app off the device

01:59

so we can reverse engineer is hoping to see any, like company abs that we might want to use

02:05

as a potential agent.

02:07

I'm like you find some vulnerabilities in it, but we can actually pull the entire AP, chaos the phone and then start reverse, engineering it

02:15

with their application security tools.

02:30

This will take a minute. The phones aren't particularly quick about this sort of stuff.

02:35

The SMS was gonna you pretty much instantaneous,

02:38

though. The 45554 phone has to check in with us three f Ellen's in the tax message, but we should be received nearly instantaneous with whatever like there is for text messaging. But the http it is only gonna check in periodically national easily on the battery down.

02:58

Otherwise let anyone there that we're sending a bunch of communication. It's meant to look like normal usage.

03:05

So what, we're gonna have enough time when get a three few information gathered

03:09

that we own agents.

03:13

It also keeps track of all the client side attacks and such

03:15

if the agent we want currently there's nothing. There's We haven't waited quite long enough.

03:23

We'll sit around for a little bit on. Try again.

03:31

Yes,

03:46

There you go.

03:47

So there's all our packages. So that's every application that's installed on there that's got them by their full package name comes off andro don't exchange

03:58

whatever it is that the android ones would be built into

04:03

combat. Abc dot ABC News is on there.

04:12

We could take suffering from this last one

04:15

like yours.

04:15

The maps application,

04:19

my original example for a started using ABC News. In fact,

04:25

android APS

04:27

and then I have to be on the news. So it was a local ABC news program, so I just used their app. Have been using it ever since

04:34

we get back to send commands to an agent.

04:43

Now I can d'oh upload a B k 16.

04:46

We actually pull that.

04:48

That shows us of list again. It allows us to upload the entire application, so just grab it off the phone, steal it if you will.

05:31

All right. We give that a little bit of time. We should be able to

05:38

well, that application.

05:41

You don't cover

05:42

application security in this course, But if you do study android applications security, you'll see how you can reverse engineer this.

05:50

And I stole it on an emulator test. room and run some tests against it,

05:56

you know? So, of course, use it as a

05:58

agent so we could run it through our back door was all in the previous video

06:03

and turn it into an agent as well.

06:08

And some other people from the contact.

06:16

This is just some of the things you can do. You see,

06:19

there's a lot more stuff on here. And once you start bringing in, like, execute command,

06:25

we can run a lot of things. We can download things

06:29

onto the device. Will things off the device that we can run in map?

06:33

See that next video?

06:36

Yes.

06:38

Must be s to pivot onto another device Windows device, actually,

06:44

so you could do a lot with it. I mean, I just have something built in.

06:47

Make it easier, like run and map is really just

06:50

three commands together,

06:54

downloaded map, running mouth to execute command and then upload results of football.

07:00

Let's go back to our information gathered and see if we have an APP. App is currently blank. So you still want the weight? A little bit more

08:03

sounds could be a bit tedious.

08:07

They're of subversion. Why every do the SMS shell, so it has an option where I can have you

08:13

pivot on. Then you can actually do it through as a mass. Have the shell come back. That's actually pretty fast. It really only delays a couple of seconds.

08:22

Let's try this again.

08:24

There we go. The route smart from Vince's Framework Framework Consul map start A P K.

08:31

Opened up. Another channel would actually take a look at that.

08:41

It maps that AP caves, where we have grabbed the entire application off the phone.

08:46

We can do any reverse engineering. We like,