1
00:00:00,450 --> 00:00:01,500
Welcome back everybody.

2
00:00:01,500 --> 00:00:07,660
And let's test our program to see whether it works in both Linux and Windows.

3
00:00:07,710 --> 00:00:07,950
OK.

4
00:00:07,980 --> 00:00:12,630
So first of all as I mentioned before we're going to test it in Linux first.

5
00:00:12,800 --> 00:00:19,130
What we're expecting for this program to do is start running and then create this process manager dot txt

6
00:00:19,420 --> 00:00:23,340
file and write all the input keystrokes to this file.

7
00:00:24,090 --> 00:00:25,980
Let's see whether it works.

8
00:00:25,980 --> 00:00:32,980
If we open up our terminal we enlarge everything so we can see it better

9
00:00:40,390 --> 00:00:42,490
then we navigate to the key logger project.

10
00:00:42,490 --> 00:00:46,800
So cd PyCharm projects and then key logger type.

11
00:00:46,930 --> 00:00:47,880
Right here.

12
00:00:47,950 --> 00:00:52,180
And let's run it with Python 3, python3 key logger dot py.

13
00:00:52,780 --> 00:00:59,110
And of course it will tell us that there is no module named pynput and that is because we only installed

14
00:00:59,110 --> 00:01:01,040
it inside of this virtual environment.

15
00:01:01,060 --> 00:01:06,400
Therefore we need to pip3 install it inside of a regular terminal as well, so pip3 install

16
00:01:06,790 --> 00:01:11,290
pynput, it will install and download the library for us.

17
00:01:11,320 --> 00:01:15,000
And then this program should be good to go.

18
00:01:15,220 --> 00:01:15,910
Here it is.

19
00:01:15,910 --> 00:01:16,340
All right.

20
00:01:16,360 --> 00:01:22,750
So let's try to run it once again, python3 key logger dot py, and it seems to work. The key logger has

21
00:01:22,750 --> 00:01:23,730
been started.

22
00:01:23,770 --> 00:01:29,050
Nothing is being printed to the screen but if we go and for example inside of our PyCharm and type right

23
00:01:29,050 --> 00:01:40,510
here Hello World and then we close our key logger with Control C, type ls, we'll have the process

24
00:01:40,510 --> 00:01:46,600
manager dot txt inside of this directory. If we try to cat it to see what's the contents of

25
00:01:46,600 --> 00:01:52,420
the process manager we will see Hello World and the C which we used to close the program.

26
00:01:53,140 --> 00:01:58,660
OK so our key logger works on Linux but this is the least important thing.

27
00:01:58,840 --> 00:02:03,780
This is a key logger that you will most likely never run in Linux unless you really need to know.

28
00:02:03,790 --> 00:02:08,980
This is mainly focused on Windows so let's see whether this will work on Windows.

29
00:02:08,980 --> 00:02:14,120
Now since this is the first time that we are going to run a program on Windows and compile it there

30
00:02:14,960 --> 00:02:18,070
I want to go step by step so we don't miss anything.

31
00:02:18,220 --> 00:02:23,200
First what you need to do is you're going to need that USB drive or you can simply just transfer the

32
00:02:23,500 --> 00:02:25,190
file over Apache 2.

33
00:02:25,210 --> 00:02:31,270
But I'm going to use a USB drive to transfer the file from the Kali Linux to my Windows machine. What

34
00:02:31,340 --> 00:02:39,430
you need to do is go to the Devices, go to the USB and simply import your USB device or USB drive

35
00:02:39,550 --> 00:02:48,550
into your Kali Linux. Let me lower this, lower this as well, and this icon right here pops up as soon as it

36
00:02:48,550 --> 00:02:56,650
is imported and all you need to do is copy the files so cp is the command, copy key logger dot py to

37
00:02:56,650 --> 00:03:06,540
your USB drive and if we just find where it is located C D from now probably before we actually try

38
00:03:06,540 --> 00:03:09,140
to copy it you need to open the USB.

39
00:03:09,140 --> 00:03:13,940
So it gets detected by Kali Linux so let's double click it, here it is.

40
00:03:14,030 --> 00:03:15,950
This is the directory where it is at.

41
00:03:15,950 --> 00:03:22,520
So you can simply just use your terminal to copy key logger to the media slash root and slash the name

42
00:03:22,520 --> 00:03:27,890
of your USB drive, click on enter and it will copy the program for you.

43
00:03:29,000 --> 00:03:36,920
Once you do that you can unplug your USB drive so go to the Devices, USB and then uncheck your USB device

44
00:03:37,910 --> 00:03:41,890
and go to your main machine or Windows machine whether it is a virtual or physical.

45
00:03:41,900 --> 00:03:43,460
It doesn't matter.

46
00:03:43,460 --> 00:03:49,420
You want to find the actual file that you copied to the USB drive.

47
00:03:49,540 --> 00:03:51,010
Here it is.

48
00:03:51,010 --> 00:03:56,410
Paste it to the desktop of your Windows machine and go open up your command prompt.

49
00:03:58,480 --> 00:04:04,150
Once you do that first of all make sure you have Python 3 installed like we did in the first lesson

50
00:04:04,240 --> 00:04:07,990
of this project and now you want to compile this program.

51
00:04:08,590 --> 00:04:09,970
So how can we do that.

52
00:04:09,970 --> 00:04:14,790
Well first of all navigate to the directory where the program is. If I type dir,

53
00:04:14,800 --> 00:04:16,140
Here is our key logger.

54
00:04:16,160 --> 00:04:19,690
dot py. Let us clear the terminal.

55
00:04:19,690 --> 00:04:25,450
cls is the command to clear the terminal and the command to actually compile the program to exe is

56
00:04:25,450 --> 00:04:27,390
pyinstaller.

57
00:04:27,700 --> 00:04:34,390
Then the name of the program, in my case key logger dot py, and we want to use two different options that

58
00:04:34,390 --> 00:04:41,200
pyinstaller allows us to use which is we want to create the file to be one file so it doesn't depend

59
00:04:41,290 --> 00:04:45,220
on some libraries or other files inside the directory.

60
00:04:45,220 --> 00:04:49,610
Therefore we will create it to be one file and we do not want it to open Console.

61
00:04:49,630 --> 00:04:57,690
We want it to be silent so we'll specify no console and click on enter. This will compile the program

62
00:04:57,960 --> 00:05:03,720
and you will see it create some of the directories and files right here onto our desktop.

63
00:05:03,720 --> 00:05:05,790
Don't worry about them at the moment.

64
00:05:05,790 --> 00:05:10,560
Let us wait for this to compile and then we're going to explain what they are.

65
00:05:11,040 --> 00:05:11,350
OK.

66
00:05:11,370 --> 00:05:17,040
So the compiling of the program has completed successfully as it says right here and now we've got these

67
00:05:17,040 --> 00:05:24,110
four directories and files onto our desktop. These three, which are the pycache, the key

68
00:05:24,110 --> 00:05:29,790
logger dot spec and the build are something that you can delete right away so you can simply just delete

69
00:05:29,790 --> 00:05:30,520
them.

70
00:05:30,660 --> 00:05:38,530
The only directory that we're interested in is this dist directory. If we open it up, inside of it

71
00:05:38,530 --> 00:05:44,170
we will have the key logger dot exe which is the compiled version of our key logger.

72
00:05:44,410 --> 00:05:51,820
If we go to the right click and then properties you will see that this actual type of file is application

73
00:05:51,910 --> 00:05:56,120
or dot exe which means that it can be run on any Windows machine.

74
00:05:56,800 --> 00:05:58,050
If we double click on it

75
00:06:01,920 --> 00:06:05,340
well it seems like nothing will happen and that is good.

76
00:06:05,340 --> 00:06:08,690
That means our program is running silently in the background.

77
00:06:08,880 --> 00:06:14,940
There is nothing being opened and I assure you that our key logger is already ran and it is sniffing

78
00:06:14,940 --> 00:06:15,920
for keystrokes.

79
00:06:15,930 --> 00:06:16,980
How can we check that.

80
00:06:17,130 --> 00:06:22,560
Well let's type something in the command prompt for example hello world.

81
00:06:22,560 --> 00:06:30,870
What are you up to and you will see right away that we get the process manager right here printed up

82
00:06:31,950 --> 00:06:33,450
in order to close this program.

83
00:06:33,450 --> 00:06:38,850
We cannot simply just control C because if we check right here on the desktop we do not have any console

84
00:06:38,850 --> 00:06:40,050
running our file.

85
00:06:40,050 --> 00:06:41,730
So we need to go to the task manager

86
00:06:44,490 --> 00:06:49,740
find key logger dot py, or pardon me, dot exe, and simply just close it.

87
00:06:49,740 --> 00:06:56,450
So we want to End task. Then if we go to the process manager we can see everything that the target has

88
00:06:56,450 --> 00:06:58,820
inputted during the running of the key logger.

89
00:06:58,850 --> 00:07:00,150
So here is the hello world.

90
00:07:00,200 --> 00:07:05,640
What are you up to and then shift task manager which I didn't complete because it already showed it

91
00:07:05,750 --> 00:07:07,970
right here in the start button.

92
00:07:07,970 --> 00:07:11,050
Therefore our key logger works on Windows as well.

93
00:07:11,690 --> 00:07:17,170
But remember what we said we don't really want our process manager to be seen right here on the desktop.

94
00:07:17,180 --> 00:07:22,670
Therefore we can delete it right away and we can compile a different version of our key logger.

95
00:07:22,760 --> 00:07:26,330
So let's delete all of this including this.

96
00:07:26,330 --> 00:07:28,830
We don't need it anymore so let's delete it.

97
00:07:28,910 --> 00:07:36,440
Go to our Kali Linux and now what we want to do is we want to nano the key logger dot py. We want

98
00:07:36,440 --> 00:07:42,800
to put a hash on this path right here which is path equals project process manager and we want to

99
00:07:42,800 --> 00:07:51,170
unhash the path equals os environ plus process manager dot txt, then Control O and Enter to save

100
00:07:51,290 --> 00:07:54,120
and then Control X to exit.

101
00:07:54,290 --> 00:07:55,780
Then we need to do the same process.

102
00:07:55,790 --> 00:07:57,230
So let's do it quick.

103
00:07:57,230 --> 00:07:59,360
We need to import our USB device

104
00:08:03,130 --> 00:08:04,750
started up in our Kali Linux

105
00:08:07,900 --> 00:08:13,560
and then copy the key logger to the USB device

106
00:08:17,610 --> 00:08:19,890
great key logger.

107
00:08:20,850 --> 00:08:26,490
Well not S.D. we want to copy it the key logger to the media root and then the USB drive.

108
00:08:26,880 --> 00:08:28,650
We want to plug our USB drive

109
00:08:33,840 --> 00:08:34,590
open it up

110
00:08:40,660 --> 00:08:46,770
find a key logger, here it is, open the command prompt in order to compile it

111
00:08:50,160 --> 00:08:55,020
navigate to the directory where the key logger is and run the same command as before which is

112
00:08:55,090 --> 00:09:05,190
pyinstaller, then the name of the file key logger dot py dash dash one file dash dash no console click on enter it will

113
00:09:05,190 --> 00:09:11,760
perform the same process of compilation of the program as before and then we should have our final version

114
00:09:12,000 --> 00:09:13,320
for now.

115
00:09:13,320 --> 00:09:17,700
Keep in mind this is for now, we are going to upgrade this key logger later on but for now this should

116
00:09:17,700 --> 00:09:18,970
be more than enough.

117
00:09:19,140 --> 00:09:23,280
And let's see whether we manage to hide our process manager dot txt file.

118
00:09:23,680 --> 00:09:29,820
OK so it has completed successfully let us lower this.

119
00:09:29,940 --> 00:09:33,510
We can delete the key logger as well as these three files.

120
00:09:33,510 --> 00:09:36,220
Remember we don't really need them so we can delete them.

121
00:09:36,310 --> 00:09:40,630
We only need this. Paste it to the screen and run it

122
00:09:44,260 --> 00:09:46,330
once again nothing is being opened.

123
00:09:46,330 --> 00:09:48,190
We can only see the file.

124
00:09:48,340 --> 00:09:54,900
The program being run inside of our task manager right here and now if we start typing something

125
00:09:55,290 --> 00:09:59,090
for example today is a good day.

126
00:09:59,710 --> 00:10:11,150
And then enter and for example let's go to Internet Explorer and let's visit PayPal dot com

127
00:10:16,980 --> 00:10:30,010
go to the log in and would type email test at gmail dot com next and then password can be password 1

128
00:10:30,030 --> 00:10:33,150
2 3 whoops I think I pressed for.

129
00:10:33,150 --> 00:10:35,500
Doesn't even matter click on log in.

130
00:10:35,570 --> 00:10:39,500
Of course that account does not exist but if we close our key logger

131
00:10:42,640 --> 00:10:49,750
and navigate to the directory where the process manager dot txt is and remember it is in the directory

132
00:10:49,810 --> 00:10:56,740
of C slash Users slash the name of your account and then cd AppData to change directory to

133
00:10:56,740 --> 00:11:03,040
the AppData and then cd Roaming and if you type dir inside of that directory you will have process

134
00:11:03,040 --> 00:11:09,730
manager to see in order to print the contents of this file we can use the type command in our command

135
00:11:09,760 --> 00:11:14,820
prompt so type process manager dot the AKC and press enter.

136
00:11:15,070 --> 00:11:20,090
And here is everything that was inputted into the keyboard while the key logger was running.

137
00:11:20,230 --> 00:11:26,380
Today's a good day, then I typed PayPal in order to find the PayPal, then typed the email address which

138
00:11:26,380 --> 00:11:33,220
is test and used shift in order to create the at character, gmail dot com, and the password was password

139
00:11:33,340 --> 00:11:34,330
1 2 3 4.

140
00:11:35,140 --> 00:11:41,020
OK so our key logger works correctly and we managed to hide the process manager.

141
00:11:41,020 --> 00:11:46,300
With this we finish up this project of creating key logger and in the next project which is probably

142
00:11:46,300 --> 00:11:52,480
going to be our biggest project we are going to create a backdoor with multiple different functions

143
00:11:52,480 --> 00:11:58,660
such as for example running key logger capturing screenshots executing commands and so on and so on.

144
00:11:58,810 --> 00:12:04,560
So that would be our biggest project and let's get straight into it inside of our next section.

145
00:12:04,610 --> 00:12:05,370
See you there.

146
00:12:05,540 --> 00:12:05,790
Bye.
