All language subtitles for 1 - Teaser Hacking a Windows 11 Computer & Accessing Webcam English

af Afrikaans
sq Albanian
am Amharic
ar Arabic Download
hy Armenian
az Azerbaijani
eu Basque
be Belarusian
bn Bengali
bs Bosnian
bg Bulgarian
ca Catalan
ceb Cebuano
ny Chichewa
zh-CN Chinese (Simplified)
zh-TW Chinese (Traditional)
co Corsican
hr Croatian
cs Czech
da Danish
nl Dutch
en English
eo Esperanto
et Estonian
tl Filipino
fi Finnish
fr French
fy Frisian
gl Galician
ka Georgian
de German
el Greek
gu Gujarati
ht Haitian Creole
ha Hausa
haw Hawaiian
iw Hebrew
hi Hindi
hmn Hmong
hu Hungarian
is Icelandic
ig Igbo
id Indonesian
ga Irish
it Italian
ja Japanese
jw Javanese
kn Kannada
kk Kazakh
km Khmer
ko Korean
ku Kurdish (Kurmanji)
ky Kyrgyz
lo Lao
la Latin
lv Latvian
lt Lithuanian
lb Luxembourgish
mk Macedonian
mg Malagasy
ms Malay
ml Malayalam
mt Maltese
mi Maori
mr Marathi
mn Mongolian
my Myanmar (Burmese)
ne Nepali
no Norwegian
ps Pashto
fa Persian
pl Polish
pt Portuguese
pa Punjabi
ro Romanian
ru Russian
sm Samoan
gd Scots Gaelic
sr Serbian
st Sesotho
sn Shona
sd Sindhi
si Sinhala
sk Slovak
sl Slovenian
so Somali
es Spanish
su Sundanese
sw Swahili
sv Swedish
tg Tajik
ta Tamil
te Telugu
th Thai
tr Turkish
uk Ukrainian
ur Urdu
uz Uzbek
vi Vietnamese
cy Welsh
xh Xhosa
yi Yiddish
yo Yoruba
zu Zulu
or Odia (Oriya)
rw Kinyarwanda
tk Turkmen
tt Tatar
ug Uyghur
Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,120 --> 00:00:06,420 ‫Now, before we dive into the course content, I'd like to give you a teaser or a taste of what you'll 2 00:00:06,420 --> 00:00:08,610 ‫be able to do by the end of the course. 3 00:00:09,600 --> 00:00:16,320 ‫So this is going to be one example that's based on one topic that's covered in one subsection of the 4 00:00:16,320 --> 00:00:16,800 ‫course. 5 00:00:17,700 --> 00:00:23,370 ‫Now, because this is a teaser lecture, I'm not going to explain the technical aspect of how am I doing 6 00:00:23,370 --> 00:00:23,610 ‫this? 7 00:00:23,820 --> 00:00:27,390 ‫Because I'm going to teach you how to do this as you go through the course. 8 00:00:27,810 --> 00:00:30,690 ‫For now, just sit back and enjoy this lecture. 9 00:00:31,020 --> 00:00:36,060 ‫And after this lecture, we're going to dive into the course content where you learn how to do things 10 00:00:36,060 --> 00:00:38,010 ‫like this and much, much more. 11 00:00:38,610 --> 00:00:44,130 ‫So in this example, we're going to be hacking this Windows 11 computer from this hacking machine. 12 00:00:45,070 --> 00:00:49,570 ‫And the first section of the course, I'm going to show you how to set up your hiking club, including 13 00:00:49,570 --> 00:00:52,090 ‫this hiking machine and the target windows machine. 14 00:00:52,480 --> 00:00:57,970 ‫But for now, what I want to do is I want to hike this computer from this hiking machine. 15 00:00:59,020 --> 00:01:02,290 ‫Now, the attack that I'm going to show you right now and everything that I show you throughout the 16 00:01:02,290 --> 00:01:06,280 ‫course works on Windows 11 and Windows ten and previous versions. 17 00:01:06,550 --> 00:01:09,640 ‫But for now, I'm using Windows 11 because it's the latest. 18 00:01:10,420 --> 00:01:12,430 ‫And the way that I'm going to hack that computer. 19 00:01:12,580 --> 00:01:15,730 ‫Mainly, I'm going to be using a framework called beef. 20 00:01:16,330 --> 00:01:22,960 ‫Beef is a browser exploitation framework that allows us to run a number of attacks against a target 21 00:01:22,960 --> 00:01:23,440 ‫browser. 22 00:01:23,950 --> 00:01:30,160 ‫Now, for us to be able to use beef, we have to inject beef code into the target's browser. 23 00:01:30,400 --> 00:01:36,610 ‫So we have to actually inject beef code into the browser of the target computer, which happens to be 24 00:01:36,610 --> 00:01:37,840 ‫Chrome in this example. 25 00:01:38,290 --> 00:01:45,250 ‫Now we're going to use another program called Buttercup in order to inject beef hook code automatically 26 00:01:45,370 --> 00:01:46,960 ‫into the target browser. 27 00:01:47,440 --> 00:01:52,180 ‫So the target user will not even know that they clicked or did something suspicious. 28 00:01:52,570 --> 00:01:57,910 ‫Now, I've already configured Buttercup to do that, so I'm simply just going to run it by giving it 29 00:01:57,910 --> 00:02:02,590 ‫to my network interface and giving it a script that I'm calling here. 30 00:02:02,590 --> 00:02:08,860 ‫Spoof the cup that will place me in the middle of the connections, allowing us allowing Buttercup to 31 00:02:08,860 --> 00:02:13,240 ‫inject the hook code of beef into the browser off the target. 32 00:02:13,720 --> 00:02:17,800 ‫Now I'm going to show you how to do this, how to use Buttercup and how to write this script yourself 33 00:02:18,010 --> 00:02:19,150 ‫as we go through the course. 34 00:02:19,240 --> 00:02:21,400 ‫So this is just a teaser for you to enjoy. 35 00:02:21,580 --> 00:02:23,590 ‫Do not worry about the technicalities. 36 00:02:23,980 --> 00:02:25,340 ‫So I'm going to simply run it. 37 00:02:25,600 --> 00:02:30,970 ‫And now Buttercup is going to intercept all the data that will be sent and received from this computer. 38 00:02:31,390 --> 00:02:36,430 ‫And the last step, I'm going to run a couplet that is called Steph's hijack couplet. 39 00:02:36,820 --> 00:02:43,990 ‫This script will allow us to downgrade connections and inject Beef's code into the browser. 40 00:02:44,530 --> 00:02:48,250 ‫Again, I'm going to show you how to write that script and use it later on in the course. 41 00:02:48,250 --> 00:02:50,080 ‫So just watch it and enjoy. 42 00:02:50,410 --> 00:02:52,930 ‫So I'm simply going to hit enter to run that. 43 00:02:52,960 --> 00:02:57,100 ‫And as you can see, we get no errors, meaning that everything is running successfully. 44 00:02:57,670 --> 00:03:03,700 ‫And I'm also in here, if you look at the top part of my terminal window, I'm actually listening for 45 00:03:03,700 --> 00:03:09,880 ‫incoming connections because eventually the end goal is I want to be able to receive a connection from 46 00:03:09,880 --> 00:03:15,580 ‫the target computer, from my backdoor so that I can control their computer and do anything I want on 47 00:03:15,580 --> 00:03:15,700 ‫it. 48 00:03:16,030 --> 00:03:18,280 ‫So right now, I'm listening for incoming connections. 49 00:03:18,280 --> 00:03:21,850 ‫So when my attack is successful, I will get a connection in here. 50 00:03:23,380 --> 00:03:27,170 ‫So let's go ahead to the target computer and simply run the browser. 51 00:03:27,190 --> 00:03:29,980 ‫So we're assuming that this is the normal target user. 52 00:03:30,430 --> 00:03:31,240 ‫On their browser. 53 00:03:31,390 --> 00:03:37,060 ‫And for example, they go to Google Dot IEEE in order to just browse the Internet or search for something 54 00:03:37,060 --> 00:03:38,410 ‫that is interesting to them. 55 00:03:39,250 --> 00:03:45,040 ‫Now, when this happens, Buttercup is going to automatically inject the hook code for beef. 56 00:03:45,430 --> 00:03:50,200 ‫And if we go to beef, you can see that now we have a new online browser. 57 00:03:50,470 --> 00:03:54,370 ‫So right now, beef is connected to this browser right here. 58 00:03:54,370 --> 00:04:01,270 ‫This browser is hooked to beef, and therefore we can click on it, get the detailed information about 59 00:04:01,270 --> 00:04:01,450 ‫it. 60 00:04:01,930 --> 00:04:08,350 ‫And if we click on the commands, we'll be able to run a large number of commands that'll allow us to 61 00:04:08,350 --> 00:04:10,480 ‫do so much on that target. 62 00:04:11,230 --> 00:04:15,580 ‫Now, we will go through all of that later on in the course, but the one that I want to show you right 63 00:04:15,580 --> 00:04:18,220 ‫now is in the social engineering category. 64 00:04:18,400 --> 00:04:23,200 ‫It basically shows a fake notification bar for Chrome browsers. 65 00:04:23,980 --> 00:04:28,270 ‫So we're going to display a message saying Critical update. 66 00:04:28,810 --> 00:04:36,130 ‫Click here to install and then we're going to give a link to my backdoor. 67 00:04:36,970 --> 00:04:40,390 ‫So when the user clicks on that message, they will install a backdoor. 68 00:04:40,840 --> 00:04:45,500 ‫Now I've already created that backdoor and hosted it on the web server of KDE. 69 00:04:45,520 --> 00:04:50,470 ‫Again, I will show you how to use that web server and I'll show you how to create backdoors later on 70 00:04:50,470 --> 00:04:51,130 ‫in the course. 71 00:04:51,160 --> 00:04:56,500 ‫So for now, we're just executing and running information that we already know, just as a teaser. 72 00:04:57,660 --> 00:05:00,930 ‫So I'm going to hit, execute and let's go to the target browser. 73 00:05:01,350 --> 00:05:06,990 ‫And as you can see, we're getting a notification bar in here telling us that there is a critical update. 74 00:05:07,000 --> 00:05:08,130 ‫Click here to install. 75 00:05:08,310 --> 00:05:10,770 ‫Now, you could say that there's an update for Chrome or whatever. 76 00:05:10,770 --> 00:05:12,660 ‫You can make this message more convincing. 77 00:05:13,350 --> 00:05:19,350 ‫So if you click on install, you'll see that the file will get downloaded into my downloads just like 78 00:05:19,350 --> 00:05:20,250 ‫any other file. 79 00:05:20,730 --> 00:05:24,340 ‫And if I go to the downloads, let me show you what this file looks like. 80 00:05:26,460 --> 00:05:30,310 ‫You will notice that the file has the right icon for the Chrome installer. 81 00:05:30,330 --> 00:05:33,210 ‫So right here I actually have a clean Chrome installer. 82 00:05:33,240 --> 00:05:38,160 ‫As you can see, I'm naming it clean and this is the one that actually contains a backdoor. 83 00:05:38,460 --> 00:05:40,590 ‫So you can see the files look identical. 84 00:05:40,950 --> 00:05:43,590 ‫But if I run the updates that we just downloaded. 85 00:05:45,170 --> 00:05:49,300 ‫You will notice that you get this warning for running an executable. 86 00:05:49,310 --> 00:05:54,980 ‫So we're going to run it for an unknown publisher and then it's actually going to let you install Chrome, 87 00:05:55,070 --> 00:05:55,850 ‫as you can see. 88 00:05:55,850 --> 00:05:58,090 ‫So it's a Google update set up. 89 00:05:58,370 --> 00:06:02,000 ‫If you say yes, you'll actually get the normal installer for Chrome. 90 00:06:03,260 --> 00:06:09,590 ‫But if we go to the High Commission in here and look at where I was listening for income and connections, 91 00:06:09,980 --> 00:06:14,240 ‫you will notice that I actually got a connection from the Target Windows Machine. 92 00:06:14,840 --> 00:06:22,310 ‫So now I hacked that computer and I can do anything that the normal user can do on their computer so 93 00:06:22,310 --> 00:06:23,930 ‫I can access their file system. 94 00:06:24,110 --> 00:06:27,290 ‫I can register every keystroke they type on their keyboard. 95 00:06:27,470 --> 00:06:28,790 ‫I can listen to their music. 96 00:06:28,790 --> 00:06:30,110 ‫I can turn on their keyboard. 97 00:06:30,230 --> 00:06:31,640 ‫I can turn on their camera. 98 00:06:31,850 --> 00:06:34,520 ‫I can do anything that they can do on their computer. 99 00:06:35,030 --> 00:06:42,860 ‫And just as a quick example to show you how severe this is, I'm going to do a webcam list to list all 100 00:06:42,860 --> 00:06:45,080 ‫of the webcams connected to this computer. 101 00:06:45,290 --> 00:06:47,420 ‫And as you can see, we have only one webcam. 102 00:06:47,660 --> 00:06:50,390 ‫So I'm going to do webcam stream. 103 00:06:50,870 --> 00:06:52,460 ‫Number one, the first camera. 104 00:06:53,000 --> 00:06:57,230 ‫And if I hit enter, we can see a live stream of the target person. 105 00:06:57,710 --> 00:07:00,890 ‫Now, this is just one example of what you're going to learn in this course. 106 00:07:01,130 --> 00:07:04,340 ‫And like I said, don't worry about the technical aspects. 107 00:07:04,370 --> 00:07:07,550 ‫I've connected a number of attacks here in order to achieve this. 108 00:07:07,730 --> 00:07:13,370 ‫But we're going to focus and cover every single piece of the puzzle that allowed us to do this. 109 00:07:13,550 --> 00:07:14,870 ‫So don't worry about it at all. 110 00:07:14,960 --> 00:07:20,060 ‫This is just a teaser to show you what you're going to be able to do by the end of the course. 11670

Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.