WEBVTT

00:01.120 --> 00:06.640
Okay, now you know how to add the location into this registry.

00:06.680 --> 00:07.080
Okay.

00:07.760 --> 00:10.760
And I want to show you one more thing.

00:10.760 --> 00:17.560
And that is here into this top Python project.

00:17.600 --> 00:21.480
At least right now you see that this is the evil file.

00:21.520 --> 00:21.720
Okay.

00:21.760 --> 00:22.840
This is the backdoor.

00:23.440 --> 00:32.400
And whenever we don't, we don't have any kind of, uh, any kind of listener from Linux.

00:32.400 --> 00:39.880
And I try to double click here and it is trying to execute, trying to run.

00:39.880 --> 00:45.000
And it gives me this kind of error because there is no one to listen, okay.

00:45.040 --> 00:47.360
No connection could be made.

00:47.360 --> 00:51.120
So we need to handle this, uh, first.

00:51.120 --> 00:57.040
And then we will be able to add other details to our program.

00:57.040 --> 00:58.120
And that is right here.

00:58.160 --> 00:58.560
Okay.

00:58.560 --> 01:05.360
First you know how to handle this because we learned something about try and except.

01:05.960 --> 01:09.840
So first we need to put them into try block.

01:09.880 --> 01:10.320
Okay.

01:12.240 --> 01:16.320
And then we use except.

01:19.600 --> 01:19.960
Okay.

01:20.000 --> 01:30.200
Here we use except except and any kind of error like exception.

01:30.240 --> 01:30.680
Okay.

01:33.520 --> 01:36.880
Then let's call sys dot exit.

01:37.800 --> 01:45.400
So now if I save this and now if I go back here and try to execute the program once again, you will

01:45.400 --> 01:46.360
see that.

01:50.720 --> 01:55.240
Right now, if I wait for a while again I'm getting this error.

01:55.760 --> 01:59.920
Maybe let me save this again.

01:59.960 --> 02:00.240
Okay.

02:00.280 --> 02:02.930
We have this dot Exit.

02:04.610 --> 02:06.610
And also we have this layer.

02:06.650 --> 02:06.930
Okay.

02:06.930 --> 02:12.050
We have try and try it will come and try to connect to the program.

02:12.890 --> 02:20.290
If that is not able to connect then we call this dot exit.

02:20.610 --> 02:23.850
So let's save it once again okay.

02:24.370 --> 02:31.530
That is because this program and the other program this book is different because of that okay.

02:31.570 --> 02:33.250
We need to package this once again.

02:33.250 --> 02:36.250
So okay I will handle that later.

02:36.290 --> 02:36.770
Sorry.

02:38.810 --> 02:43.090
Uh, the next part is uh, to become persistent.

02:43.130 --> 02:43.570
Okay.

02:43.610 --> 02:45.570
What is that means?

02:45.570 --> 02:53.250
That means whenever I, whenever the victim try to restart the computer, we need to have a copy of

02:53.250 --> 02:59.730
our evil file, put them in a safe place so the victim do not suspect.

02:59.730 --> 03:04.930
And the program run, uh, successfully and safely.

03:06.410 --> 03:12.290
So for that, let's come here, create a method or a function.

03:12.730 --> 03:16.250
And I am going to name this function, um.

03:16.290 --> 03:20.810
Become persistent.

03:22.890 --> 03:23.690
Persistent.

03:23.730 --> 03:24.130
Okay.

03:24.970 --> 03:28.690
So here we need to add self keyword.

03:28.690 --> 03:33.330
And right here first we need to give the location of the evil file.

03:33.370 --> 03:34.450
Okay.

03:34.490 --> 03:44.130
And if you want to find a location to put your, uh file there let me go to Python.

03:44.130 --> 03:47.130
Here we have OS.

03:47.130 --> 03:47.650
Okay.

03:49.290 --> 03:51.970
Dot e n v i r o n.

03:52.930 --> 03:58.050
And in here, if I give, uh, app data.

03:59.490 --> 04:00.970
And if I hit enter.

04:03.930 --> 04:05.930
First, we need to import this.

04:05.970 --> 04:06.410
Sorry.

04:07.570 --> 04:08.610
Import OS.

04:10.050 --> 04:17.610
And now when I hit enter, you see that it gives me the AppData location in, uh, right here.

04:17.730 --> 04:28.730
So now I can use this OS environ and then AppData, uh, to get this location and then put my application

04:28.730 --> 04:30.690
or my evil file right there.

04:31.210 --> 04:34.010
So I will be able to use this here.

04:34.410 --> 04:35.130
Very good.

04:35.690 --> 04:37.090
Now okay.

04:37.130 --> 04:39.090
We have become persistent.

04:39.930 --> 04:43.490
And here let's use, uh, evil file.

04:45.410 --> 04:45.650
Okay.

04:45.690 --> 04:50.610
I'm going to name this, um, evil file location.

04:50.650 --> 04:51.050
Okay.

04:54.850 --> 05:04.410
So this evil file location is going to be equal to OS dot en, uh, environ.

05:04.660 --> 05:08.380
And here I need to add that thing.

05:08.580 --> 05:09.300
What was that?

05:09.340 --> 05:11.620
That was app data.

05:12.220 --> 05:20.460
And also I want to concatenate this or add rename this file.

05:20.460 --> 05:22.140
I want to rename this file okay.

05:22.180 --> 05:23.700
That I am going to have.

05:24.460 --> 05:29.900
And let's name it as something that victim do not suspect.

05:30.420 --> 05:38.780
And that is going to be for example let's name it Windows Explorer.

05:42.940 --> 05:43.820
Okay.

05:43.820 --> 05:47.140
So now we have the location of the evil file.

05:47.780 --> 05:54.660
So when we have that then we need to copy this okay.

05:55.860 --> 05:59.020
How can we uh copy this.

06:00.340 --> 06:12.060
We can copy using something called, let me first import that, uh, shutil.

06:12.100 --> 06:12.340
Okay.

06:12.380 --> 06:17.260
By using this, we can, uh, copy a file.

06:19.660 --> 06:21.300
So let's use it.

06:21.780 --> 06:28.540
It is, uh, dot copy file.

06:28.540 --> 06:29.740
We have it here.

06:31.980 --> 06:41.380
And here, because the file is an executable, uh, executable file.

06:41.380 --> 06:43.380
So we need to add that here.

06:43.500 --> 06:45.940
So executable.

06:48.900 --> 06:49.700
That is here.

06:49.740 --> 06:52.940
So sys dot executable.

06:53.340 --> 06:57.100
And then the next one is the location.

06:57.380 --> 06:58.460
What is the location.

06:58.460 --> 06:59.620
It is evil.

06:59.660 --> 07:01.740
File location okay.

07:03.180 --> 07:06.380
So now this will copy that.

07:06.750 --> 07:13.630
The next one is to call to use subprocess dot call method.

07:15.470 --> 07:28.310
And in here when we try to use the call method, you know how to how we can use the call method.

07:28.470 --> 07:31.190
We were using the call method in somewhere.

07:31.190 --> 07:38.150
So here we need to add the shell is equal to true.

07:38.190 --> 07:46.790
And right here we need to add the path not not the path the command.

07:46.790 --> 07:49.470
What is the command that is here okay.

07:49.470 --> 07:49.710
So.

07:53.030 --> 07:56.150
Up to here okay.

07:56.150 --> 07:57.710
Now I copied that.

07:58.150 --> 08:05.590
And then here I need to use single quote and paste this here.

08:06.190 --> 08:06.470
So.

08:08.550 --> 08:17.550
Now that I put this right in here, the next part is to give the file location after this.

08:17.550 --> 08:17.790
Okay.

08:17.830 --> 08:22.830
As you see that here we are adding the location of a file.

08:23.110 --> 08:24.230
And also right here.

08:24.230 --> 08:26.590
And also you see that we have a double quote here.

08:26.590 --> 08:29.310
We need to handle that as well.

08:29.750 --> 08:32.350
So how can we handle that.

08:33.190 --> 08:35.070
Very easy okay.

08:35.110 --> 08:40.270
We use double quote here and then use concatenation.

08:40.270 --> 08:44.670
Then add your file location okay.

08:44.710 --> 08:46.630
Let me give some space here.

08:48.510 --> 08:50.270
And after you added this.

08:53.510 --> 08:54.190
In here.

08:56.710 --> 08:58.590
Again concatenate.

09:01.030 --> 09:03.750
A single quote inside single quote.

09:03.790 --> 09:10.750
Add a double quote, okay. Now how this will work? I think perfectly.

09:12.030 --> 09:12.950
And also.

09:15.470 --> 09:20.350
Uh, this will come and execute this again.

09:20.990 --> 09:28.030
But it will copy this in here in every time that the windows start.

09:28.070 --> 09:30.750
But we need to handle that too.

09:30.790 --> 09:40.750
Let's handle that by if condition, let's say if not, uh, OS dot path, okay.

09:43.670 --> 09:47.830
If not OS dot path dot exists.

09:50.030 --> 09:50.430
Okay.

09:50.430 --> 09:51.830
We have the command here.

09:52.270 --> 09:55.990
And then let's give the evil file location.

09:59.990 --> 10:02.110
Um, where is that?

10:02.110 --> 10:02.470
Okay.

10:02.470 --> 10:05.870
That is here, let me copy this

10:10.240 --> 10:10.640
Here.

10:11.240 --> 10:13.480
If not, then I want to.

10:17.320 --> 10:18.240
Execute that.

10:18.280 --> 10:18.680
Okay.

10:20.120 --> 10:23.640
And also we need to add white space at the beginning of that.

10:23.680 --> 10:32.240
So now it is completed we need to call this become persistent in some place into this code.

10:33.440 --> 10:38.880
Uh it is better to add that here into this constructor.

10:38.880 --> 10:41.720
So let's do this.

10:41.720 --> 10:43.880
Let's call this method here.

10:49.320 --> 10:49.640
Okay.

10:49.640 --> 10:50.160
Come on.

10:51.880 --> 10:52.320
Okay.

10:52.360 --> 10:55.080
Self dot become persistent.

10:55.080 --> 10:58.080
We don't have any kind of argument or something.

10:58.600 --> 11:02.640
So now let's save this and let's come back here.

11:04.360 --> 11:07.520
Exit this CLS.

11:08.280 --> 11:12.360
Let's go back to this top Python project.

11:12.400 --> 11:12.840
Okay.

11:13.040 --> 11:17.280
So let's again and let's use PyInstaller.

11:18.320 --> 11:22.160
PyInstaller.

11:22.360 --> 11:26.040
And then we have reverse factor.

11:26.040 --> 11:31.920
And the next option is one file.

11:32.880 --> 11:38.040
And we have no console.

11:38.720 --> 11:40.640
Let's hit enter and see.

11:41.840 --> 11:50.480
After this process is completed we will be able to execute the program and see that.

11:57.840 --> 11:58.240
Okay.

11:58.240 --> 12:00.480
Now you see that it is completed.

12:00.880 --> 12:03.160
And let's come back here.

12:06.000 --> 12:07.240
So let's.

12:09.480 --> 12:14.200
Let's come back here and try to execute this and see if we get any kind of error or not.

12:17.240 --> 12:17.640
Okay.

12:18.720 --> 12:20.800
I don't get any kind of error.

12:21.120 --> 12:23.720
And let me come to see.

12:24.240 --> 12:24.560
Okay.

12:24.600 --> 12:30.640
Here also I don't have, uh, the listener.

12:30.680 --> 12:31.080
Okay.

12:31.520 --> 12:33.960
You see that the listener is not listening.

12:35.280 --> 12:35.800
And now.

12:40.720 --> 12:41.120
Okay.

12:41.680 --> 12:46.760
Now, let's come back to this location here.

12:47.520 --> 12:49.320
Let me reload this.

12:50.920 --> 12:53.840
And you see that it is not added.

12:56.920 --> 13:01.040
This dot x is on drive.

13:03.240 --> 13:03.760
Mm.

13:13.570 --> 13:15.210
There could be one problem, okay?

13:15.690 --> 13:18.290
And that is this one that we have.

13:18.330 --> 13:20.210
I named this test.

13:20.250 --> 13:21.850
We have one thing by the name of test.

13:21.890 --> 13:24.570
Let's name this update.

13:24.610 --> 13:25.010
Okay.

13:25.890 --> 13:27.690
And I'm going to save this.

13:28.010 --> 13:35.370
And I have to show you one more thing here into this local drive C user.

13:35.970 --> 13:37.970
And in exploit cheap.

13:37.970 --> 13:40.930
You see the AppData is hidden by default.

13:41.410 --> 13:45.450
I just right now it's hidden.

13:45.490 --> 13:47.850
No, nobody will come and see that here.

13:48.410 --> 13:55.930
And if I open this into roaming you see that Windows Explorer is right here and nobody will suspect

13:55.930 --> 13:56.330
at all.

13:57.290 --> 13:57.730
And.

13:59.890 --> 14:04.250
Uh, let's come to windows back here.

14:05.810 --> 14:06.610
I want to.

14:09.650 --> 14:11.170
Do one more thing here.

14:12.370 --> 14:13.290
No console.

14:13.330 --> 14:13.770
Okay.

14:16.970 --> 14:25.010
I want to repackage this and want to add that into this location.

14:25.010 --> 14:26.810
You see, right now we have one test.

14:26.810 --> 14:31.450
And I want to add another thing by the name of update here.

14:31.490 --> 14:31.930
Okay.

14:33.850 --> 14:36.890
Let's see if there is a if we are able to do that or not.

14:39.130 --> 14:41.170
But it is working okay.

14:41.170 --> 14:43.690
You see that it is copied into the other location.

14:43.690 --> 14:45.330
And it is also.

14:47.810 --> 14:49.090
Going to be added here.

14:53.050 --> 14:53.450
Okay.

14:53.450 --> 14:57.050
There was a problem a very simple and small problem.

14:57.050 --> 14:59.170
And that was here okay.

14:59.170 --> 15:07.450
Whenever I was trying to package this, I used only one slash here for each of them.

15:07.450 --> 15:08.290
Like this.

15:11.410 --> 15:12.130
Like this.

15:12.130 --> 15:12.530
Okay.

15:13.260 --> 15:17.140
And in windows you need to.

15:17.180 --> 15:20.300
While you're using windows, you need to use two commands.

15:20.340 --> 15:28.540
Okay, two slash because one of them is going to if you use one in here, it's not going to be called

15:28.580 --> 15:33.780
or read as slash, because it is backslash, and it has a meaning here.

15:33.780 --> 15:38.220
You need to use two slash for each of them while you're using windows okay.

15:40.660 --> 15:47.300
And when I use this and I repackage this it solved the problem okay.

15:48.180 --> 15:51.140
And you see that here.

15:51.300 --> 15:54.500
And whenever, whenever I executed this.

15:55.740 --> 16:01.940
And here right now you see that it is added, okay, into Roaming, Windows Explorer dot exe.

16:02.500 --> 16:08.380
And also if I came back to Windows Explorer dot exe here.

16:10.540 --> 16:15.220
User exploit AppData roaming.

16:15.220 --> 16:16.260
You see that here?

16:16.300 --> 16:16.700
Okay.

16:17.740 --> 16:26.980
So let's do one thing and I'm going to close everything here.

16:30.460 --> 16:30.780
Okay.

16:30.820 --> 16:33.940
Now everything is closed okay.

16:34.820 --> 16:37.220
And I am going to come back here.

16:37.580 --> 16:39.940
Let me rerun this.

16:40.140 --> 16:41.220
And right now.

16:45.020 --> 16:53.060
Let's, uh, reboot this system.

16:53.100 --> 16:54.940
Um, update and restart.

16:55.700 --> 16:58.380
I will not update that.

16:58.820 --> 17:00.820
I'm going to power this off.

17:00.820 --> 17:01.220
Okay?

17:03.900 --> 17:04.980
Now that is off.

17:05.020 --> 17:06.820
Okay, that system is off.

17:07.060 --> 17:12.980
Let's come back here and rerun this program.

17:12.980 --> 17:18.180
And also let me here execute my listener.

17:18.180 --> 17:21.460
Right now it is waiting for incoming connection.

17:24.340 --> 17:26.340
And I'm waiting for this to start.

17:26.340 --> 17:26.740
Okay.

17:33.420 --> 17:35.100
Let's provide a password.

17:43.940 --> 17:45.340
Now the system is loaded.

17:45.340 --> 17:48.180
Let's go back to Kali Linux.

17:48.820 --> 17:49.580
Okay?

17:49.620 --> 17:51.980
Now you see that we got the connection.

17:52.420 --> 17:55.940
And in windows system, you see, we have done nothing at all.

17:55.940 --> 18:00.540
Okay, now I can use input command like dir.

18:01.220 --> 18:04.540
And you see a lot of files here.

18:04.580 --> 18:05.020
Okay.

18:06.420 --> 18:10.740
Uh, that is a lot.

18:10.780 --> 18:11.220
Okay.

18:11.900 --> 18:15.380
You can read them like, uh, this is the a file.

18:15.380 --> 18:17.310
all digital.

18:17.590 --> 18:22.710
And also we have a lot of things like file and also folder.

18:22.750 --> 18:23.510
Okay.

18:23.550 --> 18:24.350
Like this.

18:24.350 --> 18:25.230
This is a file.

18:25.830 --> 18:29.750
And let's come back here.

18:29.790 --> 18:30.510
Hit enter.

18:31.990 --> 18:32.550
Um.

18:42.310 --> 18:43.070
Okay.

18:43.070 --> 18:47.990
This is all and everything now that we can do with them okay.

18:49.870 --> 18:50.270
Uh.

19:01.790 --> 19:02.310
Okay.

19:02.350 --> 19:03.510
So perfect.

19:03.550 --> 19:07.470
Now you have your backdoor that is working perfectly.

19:07.470 --> 19:13.590
And also you have, uh, your system that is working.

19:13.590 --> 19:13.950
Okay.

19:13.990 --> 19:15.350
So thanks for watching.

19:15.350 --> 19:16.710
And I will see you later.
