1
00:00:00,330 --> 00:00:06,130
Hello everyone, and welcome to our next project, which is going to be a project on ARP spoofing.

2
00:00:06,180 --> 00:00:10,650
Now this is going to be a little bit of a harder project than the previous few that we did.

3
00:00:11,070 --> 00:00:15,990
Since we are going to interact with different packets and different Internet protocols inside of this

4
00:00:15,990 --> 00:00:22,230
section. We're also going to introduce a new library, which is a massive library called Scapy, which allows

5
00:00:22,230 --> 00:00:26,530
us to modify, send and receive different packets and responses.

6
00:00:26,530 --> 00:00:33,060
All right, now for those of you that are not familiar with networking, with ARP spoofing or with ARP packets

7
00:00:33,060 --> 00:00:38,590
in general, I will make sure to leave some of the resources links so you can read more about the ARP

8
00:00:38,610 --> 00:00:41,570
spoofing and understand it a whole lot better.

9
00:00:42,000 --> 00:00:44,880
In this project we're going to create two programs.

10
00:00:44,880 --> 00:00:48,300
First one is going to be the manual ARP spoofing.

11
00:00:48,300 --> 00:00:52,560
So we're going to go through the entire process of ARP spoofing line by line.

12
00:00:52,590 --> 00:00:55,630
We're going to see the responses how it happens.

13
00:00:55,710 --> 00:01:00,810
What we need to specify in order for ARP spoofing to happen, and then we're going to create that second

14
00:01:00,810 --> 00:01:04,380
program which is going to automate that entire process.

15
00:01:04,380 --> 00:01:09,360
The reason why we are first performing the manual ARP spoofing is so we can understand everything

16
00:01:09,450 --> 00:01:10,560
a little bit better.

17
00:01:11,070 --> 00:01:12,330
All right.

18
00:01:12,570 --> 00:01:15,180
Now let's explain ARP spoofing briefly.

19
00:01:15,180 --> 00:01:18,000
Well let's imagine we have three machines on the network.

20
00:01:18,120 --> 00:01:21,000
The first one is router which is routing the connections.

21
00:01:21,090 --> 00:01:24,120
The second two are two different laptops.

22
00:01:24,360 --> 00:01:28,610
One of them is the target laptop and one of them is the attacker laptop.

23
00:01:28,620 --> 00:01:34,620
Now the attacker machine sends the ARP packets, which tell the router and tell the machine that their

24
00:01:34,620 --> 00:01:37,650
connection should go over the attacker's machine.

25
00:01:38,680 --> 00:01:39,640
How do they do that?

26
00:01:39,850 --> 00:01:45,670
Well, simply, the attacker sends the ARP packet which tells the router: Hey, I am the target machine.

27
00:01:45,670 --> 00:01:49,740
You can send the packets to me instead of the real target machine.

28
00:01:49,780 --> 00:01:55,150
Then, what we do with those packets, we read them, and then we can forward them to the actual target machine.

29
00:01:55,150 --> 00:02:02,020
So the target will have no idea that anything is happening since the packets are arriving at the destination.

30
00:02:02,260 --> 00:02:04,150
We do the opposite to the target.

31
00:02:04,150 --> 00:02:09,680
So we send the ARP packets to the target, which tell the target machine: Hey, I am the router.

32
00:02:09,760 --> 00:02:11,390
Please send the packets to me.

33
00:02:11,470 --> 00:02:16,990
And then the packets that were supposed to go from the target machine to the router go first to our

34
00:02:16,990 --> 00:02:19,620
machine and then we forward them to the router.

35
00:02:19,900 --> 00:02:25,150
And therefore we are the man in the middle, thereby ARP spoofing the connection.

36
00:02:25,150 --> 00:02:25,640
All right.

37
00:02:25,660 --> 00:02:31,270
So another thing to keep in mind is that this will not work on all networks.

38
00:02:31,270 --> 00:02:35,230
It will only work on some networks where ARP spoofing is still possible.

39
00:02:35,230 --> 00:02:41,790
There are a bunch of different networks in the world that have security measures that prevent ARP spoofing.

40
00:02:42,340 --> 00:02:49,770
But there are even more of them that do not prevent spoofing, so that's why we are covering this project.

41
00:02:49,770 --> 00:02:53,480
Let's start with creating the project inside of PyCharm.

42
00:02:53,490 --> 00:02:54,240
Here it is.

43
00:02:54,240 --> 00:03:02,770
I already went on File and then New Project, so let's simply just type right here ARP spoofer. We can

44
00:03:02,770 --> 00:03:03,580
create.

45
00:03:03,580 --> 00:03:04,990
We want to create this window

46
00:03:10,330 --> 00:03:16,930
and we're going to start off by importing the libraries that we need for the first program which is

47
00:03:16,930 --> 00:03:22,390
going to be us going line by line and checking out how ARP spoofing works.

48
00:03:22,480 --> 00:03:26,920
We're only going to need one library and that is going to be the Scapy library.

49
00:03:26,950 --> 00:03:36,370
So first of all I will go right here and click on New Python File, and we will call this first program

50
00:03:36,760 --> 00:03:37,450
malicious

51
00:03:37,590 --> 00:03:42,200
ARP packet, and we can shorten that by simply typing mal arp

52
00:03:42,520 --> 00:03:43,790
dot py.

53
00:03:43,810 --> 00:03:53,440
Simple as that, and all we need to do is type from scapy.all import and then star sign, and the star

54
00:03:53,440 --> 00:03:59,100
sign simply implicates that we are importing everything from scapy.all. But you can notice that the

55
00:03:59,100 --> 00:04:04,450
scapy is actually red-underlined, therefore we need to install it first. So let's open up our terminal

56
00:04:05,910 --> 00:04:10,510
and type pip3 install scapy

57
00:04:13,370 --> 00:04:18,020
it will collect the library and in no time we should have it up and running.

58
00:04:18,080 --> 00:04:23,580
Here it is. If we go right here, in just a few seconds this red line will go away.

59
00:04:24,950 --> 00:04:29,260
All right, so let's experiment with Scapy a little bit.

60
00:04:29,730 --> 00:04:36,930
So if I go and open up my terminal right here, and before we actually code anything inside of PyCharm,

61
00:04:37,200 --> 00:04:44,660
let us open up our terminal, zoom in our terminal and run scapy.

62
00:04:44,760 --> 00:04:50,280
Now you will notice that you can simply just run scapy instead of python in your terminal and it will

63
00:04:50,310 --> 00:04:58,090
open a platform or a framework that allows you to only execute Scapy commands. All right.

64
00:04:58,100 --> 00:05:04,310
So here it is. I will enlarge this so we can see everything better. In case you don't have Scapy installed.

65
00:05:04,400 --> 00:05:09,560
Simply you can install it by using pip3, as we showed in PyCharm.

66
00:05:09,590 --> 00:05:15,070
Now what Scapy allows us to do is it allows us to create different types of packets.

67
00:05:15,110 --> 00:05:18,580
For example, we have TCP packets, UDP packets.

68
00:05:18,590 --> 00:05:25,250
We can also create ICMP packets, and in our case in this section we are going to use ARP packets.

69
00:05:25,400 --> 00:05:30,480
So if we simply just type ls and in brackets I specify ARP.

70
00:05:30,830 --> 00:05:35,820
You will notice that, first of all, this ls is the same as the ls command inside of a terminal.

71
00:05:35,870 --> 00:05:41,480
It will simply just list all of the different fields that the ARP packet has.

72
00:05:41,480 --> 00:05:46,700
So we have all of those fields that we need to specify inside of an ARP packet before we actually try

73
00:05:46,700 --> 00:05:48,080
to send it.

74
00:05:48,140 --> 00:05:49,400
We have pdst,

75
00:05:49,760 --> 00:05:51,200
hwdst,

76
00:05:51,200 --> 00:05:58,870
psrc and hwsrc and op, and these five fields are the most important to us for this section.

77
00:05:59,120 --> 00:06:06,110
This pdst is actually the destination to which we are sending the packet, the hwdst is the destination

78
00:06:06,500 --> 00:06:12,710
MAC address to which we are sending the packet, the psrc is our own IP address and the hwsrc is

79
00:06:12,710 --> 00:06:21,850
our own MAC address. The op field is simply set to either 1 or 2, and the reason for that is because

80
00:06:21,850 --> 00:06:28,510
there are two types of ARP packets. If op is set to 1, that means we are sending the ARP request, and if

81
00:06:28,780 --> 00:06:36,460
op is set to 2, that means we are sending the ARP response. And the request is simply asking, for example,

82
00:06:37,120 --> 00:06:42,910
at which MAC address and IP address is the router, and the response would be, if someone asked for our

83
00:06:42,910 --> 00:06:49,330
own MAC address over the broadcast, we would simply reply: OK, that IP address is at this MAC address,

84
00:06:49,420 --> 00:06:52,020
and that is the ARP response. All right.

85
00:06:52,480 --> 00:06:56,680
But even if you don't understand, you will understand it through the process of coding.

86
00:06:56,800 --> 00:07:03,760
Now in order to create the packet inside of Scapy, we can define something like packet equals and then

87
00:07:03,850 --> 00:07:09,370
ARP, specifying which packet we want, and inside of the brackets we specify all of these options that

88
00:07:09,370 --> 00:07:10,690
we need.

89
00:07:10,690 --> 00:07:18,550
For example, I can simply specify pdst equals and then, let's say, the IP address of my router

90
00:07:20,350 --> 00:07:27,070
and if I just type packet.show() you will see all of the fields for my packet.

91
00:07:27,070 --> 00:07:29,720
Most of them will be set automatically.

92
00:07:29,950 --> 00:07:35,410
You will notice that the hwsrc and psrc are set automatically, and this is the MAC address

93
00:07:35,410 --> 00:07:40,940
of our Kali Linux machine and the IP address of our Kali Linux machine.

94
00:07:41,140 --> 00:07:48,810
The op is set to who-has, which means this is a request. If you try to change it, for example packet dot

95
00:07:48,920 --> 00:07:59,050
op equal to 2, and then we type once again packet.show(), we get the changed op value, which is now is-at.

96
00:07:59,050 --> 00:08:03,090
So this means we are sending a response. All right.

97
00:08:03,340 --> 00:08:11,020
The packet type is IPv4 and you can see the hwtype is 0x1, and all of these values are set

98
00:08:11,290 --> 00:08:16,990
except the hardware destination or the MAC address of the actual target that we want to get the MAC

99
00:08:16,990 --> 00:08:17,530
address from.

100
00:08:18,630 --> 00:08:24,280
All right, so this is just a small intro to the packets, and in the next video we are going to implement this

101
00:08:24,280 --> 00:08:29,050
in our PyCharm and send our first malicious ARP packet.

102
00:08:29,050 --> 00:08:30,960
Thank you for watching and take care.

103
00:08:30,970 --> 00:08:31,290
Bye.
