1
00:00:01,210 --> 00:00:08,740
In the previous videos we learned how to create a Trojan buy back during normal files such as images

2
00:00:08,830 --> 00:00:18,400
documents songs and so on so that when executed the user sees the normal file but at the same time our

3
00:00:18,460 --> 00:00:27,460
eval code gets executed in the background so the challenge now is how to deliver this Trojan to the

4
00:00:27,460 --> 00:00:35,010
target the first delivery method that we're going to talk about and my personal favorite is the mail

5
00:00:35,010 --> 00:00:36,020
delivery.

6
00:00:36,120 --> 00:00:42,080
Now this delivery method just like any other delivery methods relies on the information that you gathered

7
00:00:42,090 --> 00:00:45,600
so far so information gathering is very very important.

8
00:00:45,630 --> 00:00:52,850
When it comes to this this delivery method is really handy because you can use it in so many scenarios

9
00:00:53,300 --> 00:00:58,700
you can use it to deliver all the back doors and the evil files that we see so far.

10
00:00:58,700 --> 00:01:04,370
You can use it to pretend to be a friend and contact your friend and tell him to download something

11
00:01:04,700 --> 00:01:10,610
you can use it to pretend to be a Web site that the target Web site interacts with and pretend to be

12
00:01:10,610 --> 00:01:14,740
the argument of the other Web site and ask the target to do something.

13
00:01:14,810 --> 00:01:21,050
You can pretend to be a member of the support team that the target website uses and then ask them to

14
00:01:21,050 --> 00:01:26,090
change their passwords for example for the web server that they're using you can use it to pretend to

15
00:01:26,090 --> 00:01:32,090
be a company that your target interacts with and tell them that there is a new update of your software

16
00:01:32,090 --> 00:01:36,290
that they already use and then get them to download and install a backdoor.

17
00:01:36,590 --> 00:01:41,940
So the possibilities are limitless really when it comes to mail delivery.

18
00:01:42,110 --> 00:01:47,840
In this lecture I'm gonna show you an example of targeting a person that's called Z and I have the information

19
00:01:47,840 --> 00:01:54,140
that we gathered already in our information gathering lecture and after we gathered everything we managed

20
00:01:54,140 --> 00:02:01,700
to see that Zaid has a number of friends in here and the same friends we managed to see their emails

21
00:02:01,700 --> 00:02:09,150
here and we managed to get Z's email which is a that a security dot org now Zaid could be just a normal

22
00:02:09,150 --> 00:02:10,750
person does you want to hack.

23
00:02:10,800 --> 00:02:14,970
He could be a friend of a person that you want to hack but you want to hack state first and then hack

24
00:02:14,970 --> 00:02:16,150
to that person.

25
00:02:16,200 --> 00:02:20,960
He could be the admin of a website or he could be an employee of a company.

26
00:02:21,000 --> 00:02:26,320
It really doesn't matter what we're looking at in this lecture is how can a person that's called Zaid.

27
00:02:26,340 --> 00:02:32,280
And then from there you can leverage that person to hack into other systems or into other networks or

28
00:02:32,280 --> 00:02:33,530
into a different company.

29
00:02:34,760 --> 00:02:40,490
Now from the information that we gathered we seen Zaid has these friends and these are the emails of

30
00:02:40,490 --> 00:02:42,170
his friends.

31
00:02:42,200 --> 00:02:45,960
So what we're going to do is we're going to pretend to be one of these guys.

32
00:02:46,190 --> 00:02:50,600
So I'm not ask at high security dot org and it's this person in here.

33
00:02:50,600 --> 00:02:55,080
His name is Mohammad NASCAR so we're going to pretend to be that person.

34
00:02:55,130 --> 00:03:00,380
We're gonna send an email to Zaid and the email is gonna look as if it's coming from this person and

35
00:03:00,380 --> 00:03:05,640
then we're going to ask Zaid to download a file let's see how this works.

36
00:03:05,720 --> 00:03:10,670
And this is gonna be a more realistic delivery method that you can actually use in real life.

37
00:03:12,990 --> 00:03:15,260
Now there are a number of ways to do this.

38
00:03:15,270 --> 00:03:20,850
The easiest is just to go on Google and look for spoof emails online.

39
00:03:21,090 --> 00:03:24,540
You'll see a lot of Web sites that will allow you to do this.

40
00:03:24,540 --> 00:03:30,680
The only problem with these Web sites is the e-mail that you're going to send will end up in this Palm

41
00:03:30,690 --> 00:03:33,090
directory of the target person.

42
00:03:33,090 --> 00:03:38,420
So it will not be delivered into their inbox which is not great.

43
00:03:38,460 --> 00:03:45,480
The main reason for this is because these Web sites are public and a lot of people use them for spamming

44
00:03:45,930 --> 00:03:53,850
mail servers so such as Google Hotmail and Yahoo have blacklisted these servers and any email that comes

45
00:03:53,850 --> 00:03:59,520
from the servers that these Web sites use will be marked as spam.

46
00:03:59,520 --> 00:04:05,610
Therefore in order to bypass this you can either use your own server if you already have a Web hosting

47
00:04:05,610 --> 00:04:13,080
plan or you can sign up for a free web hosting plan and use that to send your fake emails or an even

48
00:04:13,080 --> 00:04:20,010
better solution is to sign up for an S. MPP or a mail server.

49
00:04:20,010 --> 00:04:26,460
Now again there are a number of Web sites that offer this a lot of them are paid but with the paid Web

50
00:04:26,460 --> 00:04:32,610
sites you'll actually get really really good results because they are used by actual marketers and by

51
00:04:32,700 --> 00:04:34,950
actual companies to send emails.

52
00:04:34,980 --> 00:04:38,250
So spam is never sent through the servers.

53
00:04:38,250 --> 00:04:44,330
If you look through Google for a free as empty server or a free mail server you will find some Web sites.

54
00:04:44,430 --> 00:04:50,130
And an example of this is this one right here and this is also a really really good Web site because

55
00:04:50,190 --> 00:04:58,540
it is a paid Web site but they offer a free plan which we can use to send our fake emails again.

56
00:04:58,550 --> 00:05:06,320
This Web site is designed for e-mail marketing and for actual companies to communicate with their customers.

57
00:05:06,320 --> 00:05:12,860
So when you send e-mails through the servers of this Web site they will not be marked as spam because

58
00:05:12,920 --> 00:05:18,280
it's very rarely used for spam so we're going to sign up with this Web site.

59
00:05:18,280 --> 00:05:24,790
We're just going to pick a user name and I just going to set it to G H and W CKD the same user name

60
00:05:24,790 --> 00:05:35,960
I use for my email then I'm going to input my email and I'm gonna set a password and create the account.

61
00:05:36,190 --> 00:05:42,850
Now I'm gonna go to the email that I used when I signed up and you'll see that we got a welcome message.

62
00:05:42,850 --> 00:05:49,750
I'm going to open it and I'm going to confirm my email address to activate my account.

63
00:05:49,750 --> 00:05:55,390
Now it's asking me for more questions so it's asking for my first name last name company name phone

64
00:05:55,390 --> 00:05:58,230
number company website and so on.

65
00:05:58,240 --> 00:06:00,630
You don't have to fill this very accurately.

66
00:06:00,670 --> 00:06:03,190
I'm just going to use any information for it.

67
00:06:03,310 --> 00:06:10,360
Just make sure you put a correct phone number because they will send a verification code to this phone

68
00:06:10,360 --> 00:06:20,010
number agree to the terms and submit the form now it's asking us for the verification code I have it

69
00:06:20,010 --> 00:06:21,810
here on my phone number.

70
00:06:21,930 --> 00:06:31,150
So it's 8 1 0 5 3 9 and finally it's asking us to select the plan.

71
00:06:31,320 --> 00:06:37,530
Like I said the free one is fine unless you want to send a lot of emails on the same day.

72
00:06:39,280 --> 00:06:41,370
And that's it we're good to go.

73
00:06:41,440 --> 00:06:48,580
So in the next lecture I will show you how to use the s empty P servers offered by this Web site in

74
00:06:48,640 --> 00:06:50,860
order to send fake emails.