1
00:00:00,510 --> 00:00:01,670
Welcome back.

2
00:00:01,680 --> 00:00:04,770
We are ready for our final project of dissection.

3
00:00:04,770 --> 00:00:12,330
Let's create the ark spool for which we'll automate the entire process and run it in a while loop since

4
00:00:12,330 --> 00:00:16,260
we already did this in the previous video in using KP in our terminal.

5
00:00:16,260 --> 00:00:18,830
We don't really need it right here.

6
00:00:18,840 --> 00:00:20,880
We can simply just create a new file

7
00:00:24,020 --> 00:00:29,690
which we can call our spool for dot P wipe.

8
00:00:29,980 --> 00:00:35,710
All right we need the same library that we imported before so import.

9
00:00:36,170 --> 00:00:43,660
So we're going to import escaping like this import KP dot all as KP.

10
00:00:44,060 --> 00:00:51,560
We also want to import the SIS library and we want to import the time library.

11
00:00:51,620 --> 00:00:52,090
All right.

12
00:00:52,160 --> 00:00:54,780
So these are the three libraries that we are going to need.

13
00:00:54,920 --> 00:00:57,200
As you can see we have all three of them.

14
00:00:57,200 --> 00:01:00,750
So we need to install any additional libraries.

15
00:01:01,130 --> 00:01:07,580
Now the first thing that we want to prompted the user is for the target's IP address and Walters IP

16
00:01:07,580 --> 00:01:12,400
address now before we actually even code anything.

17
00:01:12,400 --> 00:01:15,400
Let's discuss what we want this program to do.

18
00:01:15,400 --> 00:01:20,500
In the previous video we showed how we actually sent a malicious package to Windows 10 machine telling

19
00:01:20,500 --> 00:01:22,720
them that we are the router.

20
00:01:22,720 --> 00:01:25,210
Now we need to do that two times.

21
00:01:25,210 --> 00:01:30,430
So we need to send the malicious packet to understand machine telling the Windows 10 that created the

22
00:01:30,430 --> 00:01:31,030
router.

23
00:01:31,150 --> 00:01:35,650
And we also need to send the malicious back into the router telling the router that we have Windows

24
00:01:35,650 --> 00:01:42,410
10 machine and then we can forward the packets from one machine to another and vice versa.

25
00:01:43,370 --> 00:01:45,710
If you think about it it should be rather easy.

26
00:01:46,040 --> 00:01:47,060
So let's start with it.

27
00:01:47,060 --> 00:01:53,000
We first of all need to prompt the user of this program to specify the target's IP address and the robbers

28
00:01:53,030 --> 00:01:53,900
IP address.

29
00:01:55,160 --> 00:01:57,630
All right so let's start with the target IP.

30
00:01:58,400 --> 00:02:03,590
And since we import to the source library we can simply just specify that the target IP will be equal

31
00:02:03,590 --> 00:02:07,330
to the seats that are we.

32
00:02:07,910 --> 00:02:09,460
Which is number two.

33
00:02:09,680 --> 00:02:15,410
And this basically means that we are going to read the target's IP and if Walter's IP from the command

34
00:02:15,410 --> 00:02:18,090
line once the user of this program runs it.

35
00:02:18,140 --> 00:02:24,230
Let me just give you a quick look if you can understand it.

36
00:02:24,460 --> 00:02:27,440
For example this program will be ran something like this.

37
00:02:27,430 --> 00:02:32,530
So Python 3 are subwoofer loops not be Y.

38
00:02:32,920 --> 00:02:39,820
And then after it for specify one I do that 168 that one that one and 182 that 168 that funded to.

39
00:02:40,360 --> 00:02:47,170
So the first argument will be the IP address of our router and the second argument will be the IP address

40
00:02:47,170 --> 00:02:54,520
from our target machine and then we are going to feed the IP addresses from the command line and store

41
00:02:54,520 --> 00:02:56,100
it into these variables.

42
00:02:56,110 --> 00:03:02,530
So the target IP will be the second parameter or in this case the third parameter since counting of

43
00:03:02,530 --> 00:03:08,590
elements starts from zero and the zero element is the actual name of the program.

44
00:03:08,590 --> 00:03:09,700
All right.

45
00:03:09,700 --> 00:03:13,630
And we are left with the right people to be equal to dot.

46
00:03:13,720 --> 00:03:22,540
Are we first element or the second element in this case which will be the IP address of the router.

47
00:03:22,600 --> 00:03:22,930
Right.

48
00:03:22,930 --> 00:03:29,710
So we are going to read these two from the command that we're storing it right here and the next thing

49
00:03:29,710 --> 00:03:34,390
that we want to do with these two information since this is the only thing that we are going to get

50
00:03:34,690 --> 00:03:42,280
from the user of this program we want to get the MAC addresses for these two targets so how can we do

51
00:03:42,280 --> 00:03:42,620
that.

52
00:03:42,710 --> 00:03:51,310
Well let's simply specify another variable called Target Mac and that's variable will be equal to get

53
00:03:51,460 --> 00:03:56,380
mac address from the target's IP

54
00:03:59,350 --> 00:04:01,140
then you will see that this is read underlined.

55
00:04:01,150 --> 00:04:05,380
That means this function does not exist therefore we are going to have to code it.

56
00:04:05,380 --> 00:04:06,890
And don't worry about it.

57
00:04:06,940 --> 00:04:09,720
We already kind of coded this function in the previous video.

58
00:04:09,820 --> 00:04:14,860
Once we saw the process of getting the MAC address of upper windows 10 machine all we need to do is

59
00:04:15,190 --> 00:04:16,960
the same and the exact same thing.

60
00:04:17,080 --> 00:04:22,450
Just now we need to do it with both we understand machine and the router so Let's type it right here

61
00:04:22,600 --> 00:04:27,190
router Mac equals get MAC address

62
00:04:30,250 --> 00:04:31,780
from the routers

63
00:04:34,500 --> 00:04:35,060
IP.

64
00:04:36,030 --> 00:04:40,070
And we need to make sure that all of these variables are strings as we are going to use them.

65
00:04:40,070 --> 00:04:47,400
So we're just going to wrap them just in case inside of a string function.

66
00:04:47,400 --> 00:04:47,790
All right.

67
00:04:47,820 --> 00:04:55,680
So string we also want to make sure that the IP addresses or strings.

68
00:04:55,680 --> 00:04:56,800
Just in case.

69
00:04:56,940 --> 00:04:58,470
Let's wrap this.

70
00:04:58,470 --> 00:05:00,760
So we have everything set to go.

71
00:05:01,620 --> 00:05:09,550
Now what we need to do is we need to code to get MAC address function so let's go to it right here.

72
00:05:10,540 --> 00:05:11,500
Let's define it first.

73
00:05:11,500 --> 00:05:17,480
So define get MAC address and let's lower this thing for just seconds.

74
00:05:17,500 --> 00:05:23,320
We can see the program better and since we already noticed right here this function will take a parameter

75
00:05:23,530 --> 00:05:30,160
the IP address whether it is the IP address of the target or derogatory doesn't matter.

76
00:05:30,160 --> 00:05:32,770
The function will perform the same.

77
00:05:32,770 --> 00:05:39,090
So if we remember from the previous video what we first did is we created the broadcast layer

78
00:05:42,030 --> 00:05:44,730
that will be equal to KP dot Arthur

79
00:05:47,450 --> 00:05:53,060
with the destination to the broadcast MAC address.

80
00:05:53,240 --> 00:05:53,690
All right.

81
00:05:53,690 --> 00:05:56,190
So this is the first layer and the second layer.

82
00:05:56,210 --> 00:05:59,360
You already know is the outer layer.

83
00:05:59,360 --> 00:06:08,060
This will be equal to KP dot AAP and the B destination has to be set for the IP address of this actual

84
00:06:08,120 --> 00:06:09,170
function.

85
00:06:09,170 --> 00:06:11,410
So in this case it will be the target's IP.

86
00:06:11,420 --> 00:06:18,820
And in this case the routers IP basically once again we are sending the broadcast MAC address.

87
00:06:18,820 --> 00:06:25,500
So we are sending to the entire network asking what is the MAC address of this IP address right here.

88
00:06:25,520 --> 00:06:26,730
All right.

89
00:06:26,860 --> 00:06:31,750
We already know that the other fields of the packet will get filled automatically so we don't need to

90
00:06:31,750 --> 00:06:33,790
specify them by default.

91
00:06:33,790 --> 00:06:38,910
If you remember the p parameter of Dysart back it will be set to one which means it is by default a

92
00:06:38,920 --> 00:06:39,490
request.

93
00:06:39,500 --> 00:06:41,800
We don't have to set that as well.

94
00:06:41,800 --> 00:06:52,390
And right now let's create the packet the final packet which we can call get Mac packet just so we can

95
00:06:52,390 --> 00:06:58,330
understand everything better once we read the program code and get Mac back it will be the broadcast

96
00:06:58,330 --> 00:07:03,040
layer slash our layer all right.

97
00:07:03,980 --> 00:07:10,940
All we are left to do is send this packet and retrieve the MAC address if you remember we will store

98
00:07:10,970 --> 00:07:17,330
this inside of an answer variable and then we will perform the SRP function which sends and retrieves

99
00:07:17,330 --> 00:07:21,910
the response we will perform that on the get Mac packet

100
00:07:24,590 --> 00:07:28,110
with the time out of two seconds.

101
00:07:28,130 --> 00:07:35,000
We want to set the proposed to be equal to False and we want to grab the first element of this list

102
00:07:35,060 --> 00:07:38,410
which is going to be the list with answers.

103
00:07:38,480 --> 00:07:39,360
All right.

104
00:07:39,360 --> 00:07:46,280
And then from that list with answers we want to return the MAC address of the specified target.

105
00:07:46,350 --> 00:07:48,350
So we are returning the answer.

106
00:07:48,570 --> 00:07:52,210
This answer variable will also have a bunch of lists.

107
00:07:52,260 --> 00:07:56,430
So we need to set right here that want the first list.

108
00:07:56,490 --> 00:08:02,470
Then from that first list we want the response which is going to have the MAC address of the target.

109
00:08:02,610 --> 00:08:06,750
And therefore we want to get it with H W as r c.

110
00:08:06,750 --> 00:08:09,680
So we are returning the MAC address of the target machine.

111
00:08:10,860 --> 00:08:11,220
All right.

112
00:08:11,220 --> 00:08:17,010
So before we continue anything let's see whether this works.

113
00:08:17,010 --> 00:08:29,880
At the end we are going to print the watermark and we want to print the target Mac.

114
00:08:30,220 --> 00:08:32,160
So let's run the program.

115
00:08:32,170 --> 00:08:35,080
We already know that we have to run it like this.

116
00:08:35,080 --> 00:08:40,210
So keep in mind that you do not reverse these two IP addresses the first ip address that should go is

117
00:08:40,210 --> 00:08:43,060
the Reuters IP which we can see right here.

118
00:08:43,270 --> 00:08:48,520
Since this is the element two and this is the element three and the second argument is the target's

119
00:08:48,520 --> 00:08:49,570
IP.

120
00:08:49,660 --> 00:08:55,660
So if I run this we get both to the MAC addresses printed out at the screen.

121
00:08:55,960 --> 00:09:00,750
So we successfully get the MAC addresses to our router and target machine.

122
00:09:01,000 --> 00:09:02,350
Good.

123
00:09:02,500 --> 00:09:08,350
In the next video we can code the spoof part which is going to actually send a malicious packet and

124
00:09:08,470 --> 00:09:11,540
create our spoofing between these two targets.

125
00:09:11,560 --> 00:09:15,700
So thank you for watching this lecture and I will see you in the next video by.