Cyber security full course | Learn hacking with Backdoo… — Transcript

No-dash-ip.com. This website allows you to create a hostname, a permanent hostname for your temporary dynamic IP address at home. In other words, I could go to nodaship.com and I could create a permanent hostname or a permanent domain name like Ankit.no-dash-ip.com, which will always point to my current IP address, whatever that dynamic temporary current IP is.

dash ip.com which will always point to my current IP address whatever that Dynamic temporary current iprs I have so let me open up this website so follow if you look at the screen this is what this I website looks like it

So let me open up this website. So follow. If you look at the screen, this is what this website looks like. It says, "Dynamic IP address? No problem. Pointed to a static hostname for easy remote access."

your Dynamic IP address you can easily do that right so from anywhere in the world you can access your computer so let's assume I created something like Ankit dot no dash ip.com so now what I do is in this server

So see, another use of this website is that maybe you want to remotely access your home computer from anywhere on the internet. So by creating a hostname for your dynamic IP address, you can easily do that, right? So from anywhere in the world, you can access your computer.

victim's computer no matter what my IP address is no matter when the victim comes online for the rest of my life even if my IP address keeps changing the victim's computer will always be connected back to my computer

So let's assume I created something like Ankit.no-dash-ip.com. So now what I do is in this server builder, I’m gonna type Ankit.no-dash-ip.com. So instead of typing the IP address, I will type my hostname, my dynamic hostname, or whatever you want to call it.

dynamic IP address by combining lost door with no dash ip.com most of the problems related to using Trojans have now been counted or gotten readoff now just like no dash ip.com there's another very interesting website known as Dynamic DNS

And now what happens is when I build the server and infect the victim's computer, no matter what my IP address is, no matter when the victim comes online, for the rest of my life, even if my IP address keeps changing, the victim's computer will always be connected back to my computer.

your Dynamic IP address so typically you've got to click on remote access this is a paid service but it's completely worth it if you're planning to use a Trojan like lost door on a lot of victims around the world because then

So I don't need to worry about antiviruses anymore. I don't need to worry about finding out the victim's IP address. I don't need to worry whether the victim has a dynamic IP address, and I also don't need to worry if I have a dynamic IP address. By combining Lost Door with no-dash-ip.com, most of the problems related to using Trojans have now been counted or gotten read off.

undetectable Trojan or a fat Trojan you have a few other fat Trojans which I like to actually recommend to all of you lostore is fabulous lost door works but just in case it stops working or it starts getting detected by antivirus

Now just like no-dash-ip.com, there's another very interesting website known as Dynamic DNS, Dyn DNS. So let me actually just do a Google search and open up the website for all of you, Dynamic DNS. So the website address is dyn.com or din.com. It pretty much does the same thing. It allows you to create a domain name for your dynamic IP address.

law store if all of you look at the screen this is what nuclear rat looks like you gotta first click on create server it will ask you to enter the IP address of your own computer it says reverse

So typically, you've got to click on remote access. This is a paid service, but it's completely worth it if you're planning to use a Trojan like Lost Door on a lot of victims around the world because then you don't need to worry about finding out the victim's IP address ever again, and the victim will always connect back to you.

options where you can choose the file name so I would say system 32 something then the dll name subfolder uh the startup methods then what options you want melt server option I believe is it basically will automatically get deleted after it's

So you have no-dash-ip.com and also you have din.com. As simple as that. Now just like Lost Door is a fully undetectable Trojan or a fat Trojan, you have a few other fat Trojans which I like to actually recommend to all of you. Lost Door is fabulous. Lost Door works, but just in case it stops working or it starts getting detected by antivirus software, I like to recommend another fully undetectable Trojan to all of you.

your own server and then you can even share that server with different IP addresses or with different victims so the concept is just like lost door it just looks different and it's a different software one more five project which I like to

It's called Nuclear RAT. Nuclear RAT. Let me quickly give a demonstration of Nuclear RAT to all of you. So the funda is pretty much the same as Lost Door. If all of you look at the screen, this is what Nuclear RAT looks like. You gotta first click on create server. It will ask you to enter the IP address of your own computer. It says reverse connection.

somebody else's computer and start controlling that person's computer now some of these Trojans which use a reverse connection where the victim connects to you you may have to do some port forwarding on your router so that when the connection comes from

So when the victim connects to you, it is often known as reverse connection. So you enter your own IP or you type in the dynamic no-dash-ip.com or the din dns.com hostname. Then you can choose the installation options where you can choose the file name. So I would say system32 something, then the DLL name, subfolder, the startup methods, then what options you want. Melt server option, I believe, is it basically will automatically get deleted after it's been installed. You can have some messages that get displayed. It records some stuff and so on.

visit no dash ip.com or din.com to get details on what kind of forwarding you need to do for this to work properly now typically how do these Trojans work right so what happens is that once you infect the victim's computer with a

So that's basically how, and once you basically execute it, just choose where you want to save it. So that's basically how you can use Nuclear RAT to create your own server, and then you can even share that server with different IP addresses or with different victims. So the concept is just like Lost Door. It just looks different and it's a different software.

will be connect to your computer I'll be connecting to that particular port on your computer so in a regular Trojan a port gets opened on victim's computer and then attacker connects to that port so that's what happens in a regular

One more five project which I like to recommend to all of you is Poison IV. Poison IV. So you had Nuclear RAT, Lost Door, and then Poison Ivy. All are great examples of fat Trojans that allow you to actually create your own Trojans from scratch so that you can infect somebody else's computer and start controlling that person's computer.

PC securityworld.com 75 slash common project ports or HTML there's an entire list of different port numbers that are commonly used by popular Trojans so I can quickly open it for all of you just to give all of you an idea

Now some of these Trojans which use a reverse connection where the victim connects to you, you may have to do some port forwarding on your router so that when the connection comes from that remote system to your machine, if you have a router, maybe a Wi-Fi router or something, then it knows where to forward the connection. So you can go to this website portforward.com to get instructions on how to do the forwarding. You can also visit no-dash-ip.com or din.com to get details on what kind of forwarding you need to do for this to work properly.

use on your computer now at this stage I like to actually talk a little bit about some Advanced uh Trojans as well and I would like to call them back doors later on in this course we'll be discussing back doors in detail

Now typically, how do these Trojans work, right? So what happens is that once you infect the victim's computer with a Trojan, a port gets opened on it. So imagine I infect your computer with NetBus. Forget about reverse connections for a minute. I infect your computer with NetBus. It will open a port on your machine, and when I try to connect to your port, I will be connected to your computer. I'll be connecting to that particular port on your computer.

so the big difference here is you are sending a PDF file to the victim see Trojans you're still sending an exe file even if you're using an exe binder you're still sending an exe file to the victim and if the victim is a little bit

So in a regular Trojan, a port gets opened on the victim's computer, and then the attacker connects to that port. So that's what happens in a regular Trojan. In a reverse Trojan, something similar happens. In a reverse Trojan, a port gets opened on the attacker's computer, and then the victim connects to that port. So that's the difference between a regular Trojan and a reverse Trojan.

and then the victim opens it gets infected and a reverse shell connection gets established between victim and attacker and now the attacker has shell access to victim's computer which means that using shell commands victim computer can be controlled so

Now if you go to this particular website, PCsecurityworld.com/75/commonprojectports.html, there's an entire list of different port numbers that are commonly used by popular Trojans. So I can quickly open it for all of you just to give all of you an idea of the information that's there on this particular website.

hackers talking about oh I got shell access to the victim's computer or I you know I execute a reverse shell attack so that's pretty much what happens in a reverse shell attack or when you use a backdoor to kind of enter the victim's

So if you look at the screen, it says list of ports used by Trojans, and there's an entire list of popular Trojans and the various port numbers that they use on your computer.

could also add an additional step which is optional you encode the file to avoid antivirus detection so you encode the PDF file using some encoding and then you send the file to the victim so imagine being able to hide a Trojan

Now at this stage, I like to actually talk a little bit about some advanced Trojans as well, and I would like to call them backdoors. Later on in this course, we'll be discussing backdoors in detail.

so we will be discussing that later on in this particular course right now it is more of a fundamental introduction to Trojans but I just wanted all of you to know that there are there is an advanced version to this as well

Imagine the following scenario. Step number one is that the attacker backdoors a PDF file or maybe an Excel file or maybe a Word document or maybe a malicious link. Step number two, attacker sends that to victim.

particular website and check on this website now you can actually leave a back door or a root kit on the victim's computer using ncat in other words you can actually imagine that you go to your friend's house and your friend leaves you alone with

So the big difference here is you are sending a PDF file to the victim. See, Trojans, you're still sending an exe file. Even if you're using an exe binder, you're still sending an exe file to the victim, and if the victim is a little bit technical or if he's aware, he will actually not use or not open the exe file. But in backdoors, you can actually backdoor a PDF file, an Excel file, a Word document, or a malicious link and send that to the victim.

software that we saw early on in this particular course so let us see how you can do that so I open up MS-DOS and I'm gonna type this command so first of all of you can copy this command down I'll

And then the victim opens it, gets infected, and a reverse shell connection gets established between victim and attacker. And now the attacker has shell access to victim's computer, which means that using shell commands, victim's computer can be controlled. So attacker controls victim's computer.

followed by the port number on which you want to open this connection followed by dash dash exec which means execute and Then followed by the exe file which basically opens that file for you or which basically means that as soon as

So these are the four simple steps that can be used to infect the victim's computer. I'll call it backdoors or reverse shell attacks. So how to get shell access to the victim's computer. You keep hearing hackers talking about, "Oh, I got shell access to the victim's computer," or, "I, you know, I execute a reverse shell attack." So that's pretty much what happens in a reverse shell attack or when you use a backdoor to kind of enter the victim's computer, all of this using Metasploit and Meterpreter.

computer or my friend's computer I copy the Vic the Trojan to his computer but I don't execute it instead I just type this command into into MS-DOS so let's do that so this command has been okay let me I'll have to manually type

So this is an ultimate form of a Trojan which is pretty difficult to detect and pre-

I just open up another MS-DOS prompt and this imagine this is on the criminals computer and I placed that command and within a few seconds if you notice the notepad file is open on the victim's computer so ncat allows you to create a server or a

back door that is listening for a connection on a particular Port which in this case was Port 8000 and as soon as somebody connects to Port 8000 on the victim's computer automatically the notepad.exe file gets executed or gets

opened and instead of the notepad.exe file we could also execute some other malicious file which could cause serious damage to the victim's computer now another way in which you can actually hide a Trojan or make it harder for the victim to understand what a

Trojan whether it's a Trojan or not there's a software called restorator restorator 2007 is basically a pretty old software but it allows you to change the images icons dialog boxes menus and the text that gets displayed in an exe

file or a dll file so you can customize the look and feel of the exe file so that the victim will not even know that um it's a it's a Trojan or some kind of virus now Trojans have been around for a very

long time and traditionally the Trojans only existed on computers and laptops but nowadays you have Trojans for mobile phones as well and one of the first projects that became very popular on the mobile phone platform was a few years ago when

blackberry and BBM messenger was very popular the name of the Trojan was Zees Trojan and what it did was once your mobile phone was infected with the Zs Trojan it would steal all the saved passwords from your phone it would forward or delete

messages from your phone and lots of block calls from certain numbers to your phone so Zs Trojan was the first major outbreak of mobile phone Trojans or for the mobile phone platform even the Android platform has not been spared

one of the first major attacks on the Android platform was was a Trojan or a virus called Droid dreams what it did was it basically infected thousands of legitimate or regular apps in the Android play store and people would just download that app

thinking that it's a regular app but actually the app that they're downloading had a Trojan hidden inside it and the names of these apps would be very attractive like you know XXX photos or some game or some background wallpaper something so

attractive apps were used to hide Trojans inside them and then people would download them from the official app store and actually they are frozen that would spy upon their transactions transfer data from their Android phone back to the criminal

adjust the way you have Trojans you also have something known as key loggers key loggers are basically tools that once installed on your computer whatever Keys you're pressing on your computer will get recorded in the key loggers log

file and then periodically maybe once a week or once a month or on a particular date the log file containing everything that you have typed on your computer will get sent back to the criminal and one of my

favorite key loggers is a software called refrog r e f o g fog so I'm just gonna try and open up refog on my computer let me open up the latest version I may have to install it so give me a minute while I quickly

install it and let's launch the refock keylogger so as you can see it takes hardly a few seconds to install this key logger so if you are at your friend's house you can quickly install it on your friend's

computer and then set it up in such a way that it'll record all the keys that your friend is typing and maybe next week or X number of days later it will automatically email the the keylogger file to you or the

keylogger log file to you so I'm just waiting for a refoc to open up on my computer so I can give a demonstration to all of you it's taking some time to open let's just wait