Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:01,260 --> 00:00:08,050 During the section I will focus about how to do the same attacks that we explain during this course. 2 00:00:08,410 --> 00:00:15,820 Ultimately how can I compromise system remotely system could be a computer could be a mobile phone. 3 00:00:16,030 --> 00:00:17,780 Any system how to do that. 4 00:00:18,210 --> 00:00:22,120 We focus using the attacks to do that locally. 5 00:00:22,140 --> 00:00:24,560 I mean how can we attack target locally. 6 00:00:24,570 --> 00:00:27,110 But we need to see how to do that. 7 00:00:27,600 --> 00:00:32,850 Now to be able to do that we're going to follow the same steps of the previous attack except we need 8 00:00:33,240 --> 00:00:38,030 to do to change or to have two different chances number one. 9 00:00:38,100 --> 00:00:42,030 And instead of using your private IP you can use your public IP. 10 00:00:42,120 --> 00:00:50,390 I mean in most of the previous attack we used the private IP which was 1 9 2 and 6 8 200 whatever. 11 00:00:50,700 --> 00:00:56,850 But in this case if you are sending to the victim a public IP you need to send them you send them your 12 00:00:56,850 --> 00:00:57,270 IP. 13 00:00:57,270 --> 00:01:00,470 You need to send them your public IP not your private. 14 00:01:01,230 --> 00:01:07,470 And to be able to know what public IP you are using simply just type what is my IP dot com and I believe 15 00:01:07,470 --> 00:01:09,270 I already explained that before. 16 00:01:09,390 --> 00:01:13,420 What is my IP document to show you what IP you are using. 17 00:01:13,470 --> 00:01:19,120 But definitely we will not use this IP the same way it is because this is evidence against you. 18 00:01:19,380 --> 00:01:26,020 So number one is that for the attack or if you are implementing any malicious code or doing any social 19 00:01:26,020 --> 00:01:34,080 engineering you need to send them here is your public IP not your private IP. 20 00:01:34,090 --> 00:01:39,380 The ones that you are using internally but this is not actually the main issues that I need to explain 21 00:01:39,380 --> 00:01:39,950 is this. 22 00:01:40,000 --> 00:01:46,240 The main issues and I need to explain in this issue that you need to configure port forwarding and I 23 00:01:46,240 --> 00:01:52,090 need to explain to you what is port for all of this is the core or the main issue to be able to establish 24 00:01:52,400 --> 00:01:57,420 a remote attack what is port forwarding. 25 00:01:57,600 --> 00:02:04,920 Now let's take this small diagram that we are explaining assumes that the victim are behind. 26 00:02:05,140 --> 00:02:10,470 Are are on the Internet and this is your network zone on the right. 27 00:02:10,470 --> 00:02:11,990 It's your net or other machine. 28 00:02:12,000 --> 00:02:21,150 You have many Compte many devices on Cybernetica of some machine which has 1 1962 1 2 2 1 0 6 1 0 7 29 00:02:21,500 --> 00:02:28,440 you have a mobile phone you have a server you have a tablet so you have different computer on your network 30 00:02:29,220 --> 00:02:33,570 and all the computer and all the devices that have different private IP. 31 00:02:33,750 --> 00:02:38,380 But they have the same public IPs IPs that I showed you. 32 00:02:38,700 --> 00:02:44,810 It's the same public IP so all the machine has the same public IP but they have a different private. 33 00:02:45,060 --> 00:02:50,300 And actually the public IP is not the one who is assigned to the computer. 34 00:02:50,490 --> 00:02:52,890 The public IP is a router IP. 35 00:02:52,890 --> 00:02:56,660 So all of them because they are using the same router to connect to the Internet. 36 00:02:56,670 --> 00:03:02,640 So they are using the IP of the router which is a public IP. 37 00:03:02,640 --> 00:03:06,470 So you need to understand the difference between private and public. 38 00:03:06,480 --> 00:03:14,590 Now here is a scenario assumes that I did send to the victim that is on this global or on the internet. 39 00:03:15,010 --> 00:03:17,040 If you are an. 40 00:03:17,220 --> 00:03:20,390 That is the IP of your computer. 41 00:03:20,520 --> 00:03:21,260 Right. 42 00:03:21,690 --> 00:03:26,160 And once you click on this you are then I will get full access to his machine. 43 00:03:26,160 --> 00:03:31,560 Now what happened is because I'm sending that to someone that is on the Internet and so and I didn't 44 00:03:31,560 --> 00:03:38,310 send them in my private as I just mentioned I send to the victim my public IP which is the router IP. 45 00:03:38,580 --> 00:03:45,370 So I'm assuming that I sends email for the victims the victim are clicking on the public IP. 46 00:03:45,380 --> 00:03:53,080 Now he's trying to connect to the public IP so the traffic would reach the router. 47 00:03:53,500 --> 00:03:53,830 Right. 48 00:03:53,830 --> 00:04:01,000 I mean the victims connecting to the router and then he will be confused to which computer I need to 49 00:04:01,000 --> 00:04:05,910 connect to this computer or that computer or my mine or my tablet. 50 00:04:06,160 --> 00:04:11,680 So what I'm saying is when the traffic is a malicious traffic or as the victim is doing a reverse connection 51 00:04:12,750 --> 00:04:19,790 back OK and he's connecting from his computer to the hacker computer since he's connected to the public 52 00:04:19,790 --> 00:04:20,440 IP. 53 00:04:20,780 --> 00:04:25,250 So the traffic would reach to the router and then he would be confused he can find that there is many 54 00:04:25,250 --> 00:04:30,500 computer behind this router so to which machine he should connect. 55 00:04:30,690 --> 00:04:35,700 And this is where I need to configure according to the port. 56 00:04:35,810 --> 00:04:41,990 So you notice that you noticed in some previous attack that we were specifying that the victim will 57 00:04:41,990 --> 00:04:49,200 do a reverse connection to my computer which has this IP and I have to specify support as well. 58 00:04:50,610 --> 00:04:56,760 If you go back to the attacks that we implemented in social engineering on malicious software or our 59 00:04:57,210 --> 00:05:03,240 set or any attack you notice that whenever we are configuring attack we need to specify IP which in 60 00:05:03,630 --> 00:05:12,260 our IP private IP and support what will be change as you're going to see on the next demonstration I'm 61 00:05:12,260 --> 00:05:17,090 going to change a private IP to the public IP and I'm going to keep support. 62 00:05:17,180 --> 00:05:21,980 But what I'm going to do and what I do on my router I'm going to go to my router and go tell him any 63 00:05:21,980 --> 00:05:28,970 traffic coming from outside if it target port for 444. 64 00:05:28,990 --> 00:05:32,500 Please forward this traffic to my computer. 65 00:05:32,500 --> 00:05:36,720 If your target port four five six it please forward to. 66 00:05:36,820 --> 00:05:42,520 So I'm configuring router to receive the traffic and forwards the traffic according to the port number. 67 00:05:42,730 --> 00:05:47,230 It depends on the traffic is coming to each port. 68 00:05:47,770 --> 00:05:49,430 So I'm going to show you how to do that. 69 00:05:49,660 --> 00:05:55,120 And then it would be more clear it clear once we take an example to do this port forwarding which will 70 00:05:55,120 --> 00:06:01,040 allow to accept the traffic router accept traffic and forwards traffic to a specific machine. 71 00:06:01,420 --> 00:06:10,780 I need to go to my router so you can go to your router by typing the router IP if you are not aware 72 00:06:10,780 --> 00:06:13,610 of the router IP you just check. 73 00:06:13,630 --> 00:06:20,200 It's usually written on the bottom of the router but most of the cases it's 1 and 2 and 6 to 1 or 2 74 00:06:20,200 --> 00:06:25,750 0 to 1 this is most of the router has this default IP to allow you to configure the. 75 00:06:26,230 --> 00:06:27,590 And I will go here. 76 00:06:28,430 --> 00:06:33,400 And talk to my router and we're going to go to the adventure setting. 77 00:06:33,470 --> 00:06:38,860 The interface will be change that will be different depending on what router you are using but you're 78 00:06:38,890 --> 00:06:41,810 going to look for the same options that you are doing. 79 00:06:41,810 --> 00:06:45,350 So in my case I would look for port forwarding. 80 00:06:45,350 --> 00:06:51,680 This is the main things that you need to learn to be able to do a remote attack. 81 00:06:52,010 --> 00:06:57,050 And don't worry if things seem to be a little bit complex it is quite easy once we take a demonstration. 82 00:06:57,050 --> 00:06:58,320 It will be quite easy. 83 00:06:58,700 --> 00:07:03,790 And here I can say I have to specify so I paeans support. 84 00:07:04,160 --> 00:07:12,840 So since I will accept the traffic on my Linux machine let me see the IP of my Linux machine. 85 00:07:18,670 --> 00:07:19,970 My Linux. 86 00:07:20,010 --> 00:07:23,190 So let's see. 87 00:07:23,190 --> 00:07:24,650 Let me clear the screen 88 00:07:28,920 --> 00:07:33,410 and let me type f config. 89 00:07:38,250 --> 00:07:47,600 And as you can see IPs 1 9 2 and 62 6:39 So going back here I will type regarding the IP which is my 90 00:07:47,600 --> 00:07:54,650 Kennedy-Nixon which could be the generic or backtrack any any computer 1 and 2 and 6 2 2 2 1 0 7. 91 00:07:55,010 --> 00:07:55,750 OK. 92 00:07:56,090 --> 00:08:01,600 If you receive the TCAP traffic I can keep TCAP or read your post but in my case most of that could 93 00:08:01,640 --> 00:08:10,250 be TCAP something in any traffic TCAP traffic coming from outside and requesting to connect to port 94 00:08:10,460 --> 00:08:19,010 4 4 4 4 depending on the attack will be done on which port I mean if that could be you'll be sending 95 00:08:19,010 --> 00:08:25,640 in traffic that will allow the victim to connect on port 4 4 3 or 5 5 or whatever port you put the port 96 00:08:25,640 --> 00:08:31,330 here and you click on apply change and it's true true down here. 97 00:08:31,660 --> 00:08:33,680 Now what exactly is a slide means. 98 00:08:33,680 --> 00:08:41,080 This means that any traffic coming from outside from the Internet to the router if the traffic is showing 99 00:08:41,080 --> 00:08:44,820 that is coming or targeting port for 444. 100 00:08:44,860 --> 00:08:51,770 Please forward this traffic to the this IP which is Michael in the next IP and on Michael in the next 101 00:08:51,790 --> 00:08:59,200 I will establish a listener and he will accept that if you didn't do this specific step any traffic 102 00:08:59,200 --> 00:09:04,750 coming from outside to the router will be stuck because he don't know to which computer behind the router 103 00:09:04,780 --> 00:09:06,430 he should connect. 104 00:09:06,460 --> 00:09:10,350 So let's see a real example to simplify the process. 105 00:09:10,370 --> 00:09:15,900 But what I want you to do right now is to go inside your router configuration do not change anything 106 00:09:15,910 --> 00:09:22,300 just shiksas port forwarding and on the next election we're going to take a real example to show you 107 00:09:22,300 --> 00:09:22,810 how it all. 11645