1
00:00:01,420 --> 00:00:02,390
<v Narrator>So far in the course,</v>

2
00:00:02,390 --> 00:00:04,260
we've seen a number of methods

3
00:00:04,260 --> 00:00:06,690
to gain full control over computers.

4
00:00:06,690 --> 00:00:09,810
So we've seen how to do that using server-side attacks,

5
00:00:09,810 --> 00:00:12,500
client-side attacks, and how to use social engineering

6
00:00:12,500 --> 00:00:13,803
to achieve that as well.

7
00:00:15,590 --> 00:00:17,200
All of the attacks that we did so far,

8
00:00:17,200 --> 00:00:19,210
we did them inside the network.

9
00:00:19,210 --> 00:00:22,040
And I chose to do that for convenience.

10
00:00:22,040 --> 00:00:24,100
That doesn't mean that these attacks only work

11
00:00:24,100 --> 00:00:24,970
inside the network.

12
00:00:24,970 --> 00:00:27,510
In fact, all of these attacks work outside

13
00:00:27,510 --> 00:00:28,850
the network as well.

14
00:00:28,850 --> 00:00:30,740
The only thing is that you need to configure

15
00:00:30,740 --> 00:00:34,610
your network in a way to allow incoming connections

16
00:00:34,610 --> 00:00:37,570
from the internet, from outside your local network.

17
00:00:37,570 --> 00:00:40,240
So you can use BeEF, you can use the backdoors,

18
00:00:40,240 --> 00:00:41,990
you can use the server-side attacks,

19
00:00:41,990 --> 00:00:43,400
all the tasks that we did so far,

20
00:00:43,400 --> 00:00:45,090
except for the special cases.

21
00:00:45,090 --> 00:00:47,720
The only thing that you wanna keep in mind

22
00:00:47,720 --> 00:00:50,460
is you wanna configure your router

23
00:00:50,460 --> 00:00:52,930
to handle reverse connections properly

24
00:00:52,930 --> 00:00:54,993
and direct them to the Kali machine.

25
00:00:56,470 --> 00:00:58,700
So right now I'd like to focus on that

26
00:00:58,700 --> 00:01:00,670
and show you how that would work

27
00:01:00,670 --> 00:01:04,110
and how to configure your router to achieve that.

28
00:01:04,110 --> 00:01:04,943
So first of all,

29
00:01:04,943 --> 00:01:07,080
let's have a look at a default network setup.

30
00:01:07,080 --> 00:01:09,830
So we've seen this before; we've seen a similar diagram.

31
00:01:09,830 --> 00:01:12,420
And right here you can see that we have the router,

32
00:01:12,420 --> 00:01:15,200
here we have the clients that are connected to the router.

33
00:01:15,200 --> 00:01:16,310
And then we have the router

34
00:01:16,310 --> 00:01:18,500
that is connected to the internet.

35
00:01:18,500 --> 00:01:20,720
And we mentioned before that all the clients,

36
00:01:20,720 --> 00:01:22,690
all devices inside the network,

37
00:01:22,690 --> 00:01:25,070
they actually don't have an internet connection,

38
00:01:25,070 --> 00:01:28,420
they can only access the internet through the router.

39
00:01:28,420 --> 00:01:30,770
So whenever they want to request something,

40
00:01:30,770 --> 00:01:32,920
whenever they want to go to a website, for example,

41
00:01:32,920 --> 00:01:36,550
if they wanted to go to Google, this device would actually

42
00:01:36,550 --> 00:01:39,350
send a request to the router,

43
00:01:39,350 --> 00:01:40,393
the router is gonna go to the internet,

44
00:01:40,393 --> 00:01:43,090
it's gonna get google.com

45
00:01:43,090 --> 00:01:45,570
and the response is gonna be sent to the router,

46
00:01:45,570 --> 00:01:49,100
then the router will forward that response to the device

47
00:01:49,100 --> 00:01:50,093
that requested it.

48
00:01:52,350 --> 00:01:57,130
So inside the network, each device has its own private IP.

49
00:01:57,130 --> 00:01:59,760
So we can see these IPs are written in red

50
00:01:59,760 --> 00:02:02,550
and these only exist within the network,

51
00:02:02,550 --> 00:02:04,780
that's why we call them private IPs.

52
00:02:04,780 --> 00:02:06,650
Because outside the network,

53
00:02:06,650 --> 00:02:08,413
these IPs are not visible.

54
00:02:09,950 --> 00:02:13,100
And we can see that the router here has two IPs.

55
00:02:13,100 --> 00:02:16,340
So it has a private IP in red, which is accessible

56
00:02:16,340 --> 00:02:18,150
by all the devices in the network.

57
00:02:18,150 --> 00:02:20,703
And it's only used inside the network.

58
00:02:21,600 --> 00:02:24,690
It also has a public IP, which I have here in green.

59
00:02:24,690 --> 00:02:27,940
And this is the IP that's accessible through the internet.

60
00:02:27,940 --> 00:02:30,120
So this is the IP that Google sees.

61
00:02:30,120 --> 00:02:31,970
So whenever you actually go to Google

62
00:02:31,970 --> 00:02:33,400
or to any other website,

63
00:02:33,400 --> 00:02:34,920
they see an IP address,

64
00:02:34,920 --> 00:02:37,550
but they won't see your private IP address,

65
00:02:37,550 --> 00:02:40,070
they'll actually see the IP address of the router

66
00:02:40,070 --> 00:02:41,900
because the router is the device

67
00:02:41,900 --> 00:02:43,770
that is actually making the request,

68
00:02:43,770 --> 00:02:45,290
it's not you.

69
00:02:45,290 --> 00:02:48,190
So all the requests made by all of these devices

70
00:02:48,190 --> 00:02:51,880
on the same network, they'll all appear as if they're coming

71
00:02:51,880 --> 00:02:55,300
from the same machine or from the same IP.

72
00:02:55,300 --> 00:02:58,390
This is again because the only device that has access

73
00:02:58,390 --> 00:03:00,830
to the internet is the router

74
00:03:00,830 --> 00:03:02,423
and it's none of these devices.

75
00:03:04,220 --> 00:03:06,290
Now, let's go back to our scenario.

76
00:03:06,290 --> 00:03:08,510
So usually, in most cases,

77
00:03:08,510 --> 00:03:11,160
or if you think about it, in all of the attacks that we do,

78
00:03:11,160 --> 00:03:13,820
the main thing is we want to get a reverse connection.

79
00:03:13,820 --> 00:03:16,860
Even when we're using BeEF, we actually get a connection

80
00:03:16,860 --> 00:03:18,230
on port 3000,

81
00:03:18,230 --> 00:03:20,860
which is the port that BeEF is working on.

82
00:03:20,860 --> 00:03:23,330
And when we're using our backdoors,

83
00:03:23,330 --> 00:03:26,990
we actually receive a connection on the port that we specify

84
00:03:26,990 --> 00:03:28,690
when we make the backdoor.

85
00:03:28,690 --> 00:03:30,570
So the things to keep in mind

86
00:03:30,570 --> 00:03:31,760
when you want to send that back

87
00:03:31,760 --> 00:03:33,910
to somewhere outside your network:

88
00:03:33,910 --> 00:03:35,800
the first thing you wanna keep in mind is that

89
00:03:35,800 --> 00:03:38,450
your local IP is not gonna be visible.

90
00:03:38,450 --> 00:03:41,800
So what you wanna do is you wanna use the public IP,

91
00:03:41,800 --> 00:03:43,373
the IP of the router.

92
00:03:44,220 --> 00:03:47,510
And to get that, all you have to do is just go on Google

93
00:03:47,510 --> 00:03:49,563
and then type in "what's my IP".

94
00:03:53,310 --> 00:03:55,240
And as you can see, Google is telling me that

95
00:03:55,240 --> 00:03:59,470
my IP address is this, and this IP will actually be the same

96
00:03:59,470 --> 00:04:02,043
from all machines in the same network.

97
00:04:03,400 --> 00:04:05,600
Now, I should note here, if I run ifconfig,

98
00:04:07,960 --> 00:04:10,190
I'm actually connected through a wireless card,

99
00:04:10,190 --> 00:04:12,240
so I'm not using a NAT connection,

100
00:04:12,240 --> 00:04:15,690
I'm using an external wireless card that's connected

101
00:04:15,690 --> 00:04:17,373
to my home network right here.

102
00:04:18,960 --> 00:04:21,890
So all the devices in my wireless network

103
00:04:21,890 --> 00:04:25,140
at home will have this IP.

104
00:04:25,140 --> 00:04:27,860
Again, that's because they all use the same router,

105
00:04:27,860 --> 00:04:30,053
they're all connected to the same network.

106
00:04:31,520 --> 00:04:35,440
So we're gonna use this IP in our backdoor,

107
00:04:35,440 --> 00:04:38,350
we're gonna send the backdoor to a person that exists

108
00:04:38,350 --> 00:04:40,570
on the internet, so exists in here,

109
00:04:40,570 --> 00:04:42,750
that person is gonna run that backdoor,

110
00:04:42,750 --> 00:04:45,820
and that backdoor is gonna use a reverse connection.

111
00:04:45,820 --> 00:04:49,100
So it's gonna try to connect back to the router

112
00:04:49,100 --> 00:04:51,000
on port 8080, for example,

113
00:04:51,000 --> 00:04:54,360
if we chose that port in the backdoor.

114
00:04:54,360 --> 00:04:58,260
Once the router gets a request for port 8080, it won't know

115
00:04:58,260 --> 00:05:01,380
what to do with it because the router is not actually

116
00:05:01,380 --> 00:05:03,410
listening on port 8080.

117
00:05:03,410 --> 00:05:05,390
And this request will not tell the router

118
00:05:05,390 --> 00:05:07,240
where it wants to go.

119
00:05:07,240 --> 00:05:10,200
So what we need to do is we need to configure the router

120
00:05:10,200 --> 00:05:13,560
to tell it whenever you get a request on port 8080,

121
00:05:13,560 --> 00:05:16,733
then I want you to forward that port to the Kali machine.

122
00:05:17,820 --> 00:05:19,800
And you can do that for any port you want.

123
00:05:19,800 --> 00:05:21,980
So I'm just using 8080 as an example.

124
00:05:21,980 --> 00:05:24,390
But you can do it for any port

125
00:05:24,390 --> 00:05:25,270
that you're listening on,

126
00:05:25,270 --> 00:05:28,950
whether it's 8080, 444 or 3000 for BeEF.

127
00:05:28,950 --> 00:05:30,960
The main idea is you wanna use

128
00:05:30,960 --> 00:05:33,090
your real IP outside the network.

129
00:05:33,090 --> 00:05:35,520
So whenever we run any attack in previous lectures,

130
00:05:35,520 --> 00:05:37,500
and even in future lectures,

131
00:05:37,500 --> 00:05:39,670
if you wanna run that attack on the internet

132
00:05:39,670 --> 00:05:40,930
on someone that doesn't exist

133
00:05:40,930 --> 00:05:43,060
on your home network, then first of all,

134
00:05:43,060 --> 00:05:46,220
make sure you use your public IP.

135
00:05:46,220 --> 00:05:50,070
And make sure you configure your router to forward requests

136
00:05:50,070 --> 00:05:53,143
on the port that you're listening on to the Kali machine.

137
00:05:54,130 --> 00:05:54,963
And I'm gonna show you

138
00:05:54,963 --> 00:05:56,680
how to do that in the next lecture.

139
00:05:56,680 --> 00:05:58,500
Right now, I just want you to get the idea

140
00:05:58,500 --> 00:05:59,920
of what we need to do

141
00:05:59,920 --> 00:06:01,500
and how that's gonna work.

142
00:06:01,500 --> 00:06:03,570
So we're gonna have examples in the next lectures

143
00:06:03,570 --> 00:06:05,603
and it's gonna become much more clear.