1
00:00:00,720 --> 00:00:06,060
Hello everybody and welcome back to the final part of our key logger and let's implement it finally

2
00:00:06,060 --> 00:00:07,220
into our back door.

3
00:00:08,070 --> 00:00:14,060
So we got the key logger set up as a class and now we can exit from our back door.

4
00:00:14,070 --> 00:00:16,190
There is nothing here that should be changed for now.

5
00:00:16,470 --> 00:00:22,440
So let's go straight into our reverse shell and go down to our shell function right here.

6
00:00:22,440 --> 00:00:27,570
As I mentioned at the beginning of this project we want to make our keylogger work similarly to the

7
00:00:27,570 --> 00:00:29,200
Meterpreter keylogger.

8
00:00:29,370 --> 00:00:30,930
So we are going to have three options.

9
00:00:30,930 --> 00:00:32,970
The first one will be elif.

10
00:00:33,050 --> 00:00:44,130
Command, and then first 12 characters equal equal to keylog underscore start, then we will start the

11
00:00:44,130 --> 00:00:48,990
keylogger. Then else if command first

12
00:00:48,990 --> 00:00:58,350
eleven characters are equal to keylog underscore dump, then we will print the keystrokes to the screen

13
00:00:58,800 --> 00:01:08,230
and the last option, elif command first 11 characters are equal equal to keylog underscore stop, we

14
00:01:08,320 --> 00:01:09,740
will stop the keylogger.

15
00:01:10,200 --> 00:01:14,730
So let's start with the first one in case we type the keylog underscore start.

16
00:01:14,730 --> 00:01:16,680
That means we want to start the key logger.

17
00:01:16,680 --> 00:01:22,910
Therefore we need to create the key log object and call our key logger class from the key logger file.

18
00:01:23,220 --> 00:01:28,260
But in order for us to call it we first of all need to import it inside of our backdoor.

19
00:01:28,260 --> 00:01:33,630
So let's go all the way down and import key logger in order for you to import it.

20
00:01:33,630 --> 00:01:40,090
Make sure that the key logger is located in the same directory as your back door. Once you import it,

21
00:01:40,140 --> 00:01:46,970
go back to the elif statement and call your library with the key logger name as well as call the

22
00:01:46,980 --> 00:01:49,900
class from the library which is key logger.

23
00:01:50,160 --> 00:01:52,690
Now that we initiated the key log object.

24
00:01:52,740 --> 00:01:58,200
Now we can run it on a separate thread so we'll call a thread which will be called DB equals threading

25
00:01:58,530 --> 00:02:10,460
dot Thread and the target will be key log dot start which remember is the function from our key logger

26
00:02:10,460 --> 00:02:12,860
that starts this entire process.

27
00:02:12,860 --> 00:02:17,210
Here it is we're calling that function on to our thread.

28
00:02:17,210 --> 00:02:26,680
So all we're left to do is to start our thread and we can send to the server with reliable send that

29
00:02:26,710 --> 00:02:28,500
the key logger has been started

30
00:02:33,940 --> 00:02:38,740
so we don't have to code anything inside of our server part of the code will simply just send a message

31
00:02:38,740 --> 00:02:45,610
key logger started and now in case we want to print the keystrokes we need to call the read logs method

32
00:02:45,610 --> 00:02:49,140
from our key logger since that method returns the keystrokes.

33
00:02:49,180 --> 00:02:57,610
We need to store them inside of logs so logs equal key log dot read logs and then all we need to do

34
00:02:57,730 --> 00:03:02,540
is reliable send those logs.

35
00:03:02,860 --> 00:03:07,750
And the last option is if you want the key logger to stop what we are going to do is we're going to

36
00:03:07,750 --> 00:03:15,810
call the self-destruct method, so key log dot self destruct, and then we will join the thread that was

37
00:03:15,810 --> 00:03:19,380
running the key logger and we will reliable send

38
00:03:22,590 --> 00:03:27,720
key logger stopped.

39
00:03:29,720 --> 00:03:32,380
Simple as that.

40
00:03:32,480 --> 00:03:38,720
Now it says that we do not have the threading library so let's import it right here import threading

41
00:03:42,750 --> 00:03:46,760
and let's go to our key logger to see whether everything is set correctly.

42
00:03:46,770 --> 00:03:51,300
We first of all want to unhash this because we are going to test it right now inside of our Windows

43
00:03:51,300 --> 00:03:57,900
environment and we want to hash this one and everything else should be good to go.

44
00:03:57,970 --> 00:04:03,040
Once we stop the key logger we are calling the self-destruct method which will set the flag to equal

45
00:04:03,040 --> 00:04:07,960
to 1 and it will stop the listener as well as remove the process manager dot txt.

46
00:04:08,920 --> 00:04:16,350
Ok so now that we did that we need to transfer both of these files to the Windows 10 machine in order

47
00:04:16,350 --> 00:04:18,030
to compile them.

48
00:04:18,030 --> 00:04:19,620
So let's do that right away.

49
00:04:19,710 --> 00:04:24,320
We will plug our USB drive into Kali Linux.

50
00:04:24,780 --> 00:04:33,040
Let's open it up, let's copy both the back door and the key logger to our USB drive so let's navigate

51
00:04:33,040 --> 00:04:39,040
first to the PyCharm project and then backdoor, copy key logger dot py to media root and then USB

52
00:04:39,080 --> 00:04:46,720
drive and then copy backdoor dot py to media root and then USB drive, click enter

53
00:04:47,170 --> 00:04:54,390
and now we can unplug our USB and compile these two programs.

54
00:04:55,110 --> 00:04:55,520
OK.

55
00:04:55,630 --> 00:05:01,940
So open up your USB drive on your Windows machine, find the backdoor.

56
00:05:01,970 --> 00:05:02,840
Here it is.

57
00:05:02,840 --> 00:05:06,120
Find the key logger.

58
00:05:06,190 --> 00:05:11,580
Here it is and now we can compile the backdoor.

59
00:05:11,590 --> 00:05:15,680
The crucial part is to have the key logger in the same directory as backdoor.

60
00:05:15,700 --> 00:05:17,440
Otherwise this will not work.

61
00:05:17,440 --> 00:05:26,040
Let's open up our command prompt, navigate to the desktop directory and then pyinstaller backdoor dash

62
00:05:26,080 --> 00:05:31,270
dash one file dash dash no console click enter.

63
00:05:31,400 --> 00:05:35,760
This will compile the program for us so let's start the server while this is working.

64
00:05:35,810 --> 00:05:44,080
We will go right here, well let's start the server from the regular Linux terminal and not start it

65
00:05:44,080 --> 00:05:45,100
from PyCharm.

66
00:05:45,100 --> 00:05:46,570
This one should be better.

67
00:05:46,650 --> 00:05:50,550
Let's lower this and Python 3.

68
00:05:50,600 --> 00:05:56,930
Server dot py. It will listen for the incoming connections and right now if this is finished we can

69
00:05:56,930 --> 00:06:03,140
run our backdoor double click.

70
00:06:03,380 --> 00:06:08,660
We don't get any error so let's see whether we receive the connection and we did target connected from

71
00:06:08,660 --> 00:06:10,590
this IP address and from this port.

72
00:06:10,730 --> 00:06:18,830
If we run regular commands such as whoami, they work. If I simply just type keylog underscore start it will

73
00:06:18,830 --> 00:06:21,650
send us the message key logger started.

74
00:06:21,650 --> 00:06:31,790
Now if we type something on Windows 10 machine, let's type I am 10 years old, press enter and if we for

75
00:06:31,790 --> 00:06:38,090
example want to read those keystrokes we can type keylog underscore dump and it will print us right

76
00:06:38,090 --> 00:06:38,420
here.

77
00:06:38,420 --> 00:06:41,420
Everything stored in the process manager dot txt.

78
00:06:42,170 --> 00:06:44,750
And here is I am 10 years old.

79
00:06:44,750 --> 00:06:49,520
Now the reason why we have all of the previous things is because we tested the keylogger before and

80
00:06:49,520 --> 00:06:53,050
we created the process manager dot txt even before we did that.

81
00:06:53,060 --> 00:06:56,660
That's why it has previous things stored as well.

82
00:06:56,660 --> 00:07:02,890
If we type something else such as for example hello from another site

83
00:07:06,220 --> 00:07:08,770
and we type keylog underscore dump again

84
00:07:11,690 --> 00:07:15,240
we'll get printed everything as well as the new thing that we typed.

85
00:07:15,340 --> 00:07:17,590
Hello from another site.

86
00:07:17,920 --> 00:07:24,820
Now let's test the final option which is keylog underscore stop, press enter.

87
00:07:24,820 --> 00:07:30,730
We get the message key logger stopped and now let's see whether the process manager dot txt is indeed

88
00:07:30,760 --> 00:07:31,860
deleted.

89
00:07:32,050 --> 00:07:39,340
If you go to the AppData and then Roaming and type there, we no longer have process manager dot txt

90
00:07:39,760 --> 00:07:40,570
right here.

91
00:07:40,570 --> 00:07:45,760
It has been deleted by our self destruct function from our key logger.

92
00:07:45,760 --> 00:07:51,760
But if you want to, you can simply just start it again and everything will work the same. We can type

93
00:07:51,760 --> 00:07:55,950
This is my second time running.

94
00:07:56,170 --> 00:08:03,460
And if you simply just print those keystrokes you will have everything printed out as well as the process

95
00:08:03,460 --> 00:08:05,830
manager dot txt will be created.

96
00:08:05,830 --> 00:08:11,450
Once again let us close this, keylog stop.

97
00:08:11,590 --> 00:08:15,400
Let's quit the shell. So everything works correctly.

98
00:08:15,400 --> 00:08:17,160
We implemented our key logger.

99
00:08:17,200 --> 00:08:23,440
All we are left to do is one final option and that is to add the persistence to our back door.

100
00:08:23,530 --> 00:08:28,780
After that we have officially finished our backdoor and we can get straight into creating the command

101
00:08:28,780 --> 00:08:33,000
and control center which will be able to control multiple targets at once.

102
00:08:33,170 --> 00:08:33,460
OK.

103
00:08:33,490 --> 00:08:37,270
So thank you for watching and I will see you in the next lecture. Bye.
