1 1 00:00:01,240 --> 00:00:03,763 Now that we learned how we can gain access 2 2 00:00:03,763 --> 00:00:07,220 to our target, let's see what we can do with 3 3 00:00:07,220 --> 00:00:08,530 that target. 4 4 00:00:08,530 --> 00:00:10,001 So in this section, we're going to learn 5 5 00:00:10,001 --> 00:00:12,680 a number of things that we can do 6 6 00:00:12,680 --> 00:00:15,250 after we gain access to the computer. 7 7 00:00:15,250 --> 00:00:17,490 Now regardless of the way that you gain 8 8 00:00:17,490 --> 00:00:18,748 the access to that computer, 9 9 00:00:18,748 --> 00:00:21,107 whether you use the server side exploit, 10 10 00:00:21,107 --> 00:00:23,720 whether you used social engineering, 11 11 00:00:23,720 --> 00:00:26,681 if you used the backdoor, if you used a problem 12 12 00:00:26,681 --> 00:00:29,244 with a certain application, we're gonna assume 13 13 00:00:29,244 --> 00:00:31,870 that you gained your access to that computer 14 14 00:00:31,870 --> 00:00:35,427 and we'll see what you can do after that access. 15 15 00:00:35,427 --> 00:00:37,110 In the previous videos, 16 16 00:00:37,110 --> 00:00:40,050 I used to stop once I actually get something like 17 17 00:00:40,050 --> 00:00:41,849 this. So once I get an interpreter session, 18 18 00:00:41,849 --> 00:00:45,360 then I stop and I go to the next lecture. 19 19 00:00:45,360 --> 00:00:48,410 In this lecture and the next few lectures, 20 20 00:00:48,410 --> 00:00:50,071 we're actually going to start by having 21 21 00:00:50,071 --> 00:00:51,590 an interpreter session. 22 22 00:00:51,590 --> 00:00:52,900 So we're not going to talk about how we 23 23 00:00:52,900 --> 00:00:53,900 gained our access. 24 24 00:00:53,900 --> 00:00:55,170 We're gonna talk about the things that 25 25 00:00:55,170 --> 00:00:57,923 we can do after we gained our access. 26 26 00:00:59,070 --> 00:01:00,520 So we're going to talk about really 27 27 00:01:00,520 --> 00:01:02,483 cool things. We're gonna see how you could 28 28 00:01:02,483 --> 00:01:05,580 maintain your access on the target computer. 29 29 00:01:05,580 --> 00:01:07,901 So if the target computer, or the target person, 30 30 00:01:07,901 --> 00:01:11,126 uninstalls the vulnerable program or if they 31 31 00:01:11,126 --> 00:01:13,610 restart their program, their computer, 32 32 00:01:13,610 --> 00:01:17,090 you'll still have access to that computer. 33 33 00:01:17,090 --> 00:01:18,858 We'll see how you could download, upload, 34 34 00:01:18,858 --> 00:01:20,973 read files, open the web cam, 35 35 00:01:20,973 --> 00:01:23,450 start the key loggers. So you'll be able to 36 36 00:01:23,450 --> 00:01:26,100 register any key strikes that the person does. 37 37 00:01:26,100 --> 00:01:28,489 We'll also see how we can use the target computer 38 38 00:01:28,489 --> 00:01:31,290 as a pivot to exploit all the other 39 39 00:01:31,290 --> 00:01:33,710 computers on the same network. 40 40 00:01:33,710 --> 00:01:36,490 So, say for example your target wasn't actually 41 41 00:01:36,490 --> 00:01:38,952 the person or computer that you hacked, but you 42 42 00:01:38,952 --> 00:01:41,410 can use the computer that you hacked 43 43 00:01:41,410 --> 00:01:43,830 in order to hack your target computer if they 44 44 00:01:43,830 --> 00:01:45,730 were on the same network, for example. 45 45 00:01:47,630 --> 00:01:49,940 So again all of the attacks, all of the things 46 46 00:01:49,940 --> 00:01:52,280 that we're gonna do in this section of the 47 47 00:01:52,280 --> 00:01:55,170 course is the Post Exploitation section. 48 48 00:01:55,170 --> 00:01:58,350 So anything that you can do after you exploited 49 49 00:01:58,350 --> 00:02:00,780 your vulnerability and gained access to the 50 50 00:02:00,780 --> 00:02:01,743 target computer.