1
00:00:01,370 --> 00:00:02,290
Welcome back.

2
00:00:02,300 --> 00:00:04,550
Let's create the download function.

3
00:00:04,700 --> 00:00:09,770
So in the previous video we created the upload function and we added both parts of the code into the

4
00:00:09,800 --> 00:00:11,920
backdoor and the server.

5
00:00:11,930 --> 00:00:17,330
Now we have to do the same for download but if we think a little bit about it the download function

6
00:00:17,330 --> 00:00:23,420
is read of the same as upload function it's just reverse the part of the code that we coded for the

7
00:00:23,420 --> 00:00:28,520
upload function and replaced in server should now go to the backdoor and the part of the code that recorded

8
00:00:28,610 --> 00:00:31,160
in the back door should now go to the server.

9
00:00:31,310 --> 00:00:35,890
But let's start off with initiating the El Steve statement inside of our server.

10
00:00:35,960 --> 00:00:42,580
So else if the command and then first eight characters because that is how many letters download world

11
00:00:42,590 --> 00:00:51,350
has equals equals to download then what we want to do is we want to perform the download function so

12
00:00:51,350 --> 00:00:59,550
download file from the command and then nine character till the end okay.

13
00:00:59,610 --> 00:01:02,250
So let's go the download function right here.

14
00:01:03,050 --> 00:01:10,200
If I go I can code it right below the upload file so download file takes the file name as parameter

15
00:01:11,670 --> 00:01:12,480
and what we can do.

16
00:01:12,480 --> 00:01:18,720
We can go to our backdoor and copy the download file function straight out of our backdoor so control

17
00:01:18,730 --> 00:01:22,440
C and then paste it right here.

18
00:01:22,440 --> 00:01:28,070
Of course there are a few things that we need to change such as for example instead of s dot sets timeout

19
00:01:28,110 --> 00:01:31,940
we need to specify target date set timeout here.

20
00:01:31,950 --> 00:01:37,430
Also target and here also target.

21
00:01:37,500 --> 00:01:42,690
And let's not forget at the end of the function we need to close the timeout and therefore we need to

22
00:01:42,690 --> 00:01:43,890
set the target.

23
00:01:43,890 --> 00:01:46,690
Once again OK.

24
00:01:46,970 --> 00:01:53,060
So we simply just copied it from the backdoor into our server and now we can do the same thing inside

25
00:01:53,060 --> 00:01:53,970
of our backdoor.

26
00:01:54,800 --> 00:01:55,890
So let's go right here.

27
00:01:55,940 --> 00:02:06,340
First of all at the El Steve statement so elusive command first eight letters are equal to download.

28
00:02:07,160 --> 00:02:10,330
Then what we can do is we can upload the file.

29
00:02:10,760 --> 00:02:16,650
Once again don't get confused by these two being reverse because from our backdoor if the command is

30
00:02:16,690 --> 00:02:25,370
downloads that means we are uploading the file to the server and we're uploading command ninth character

31
00:02:25,440 --> 00:02:27,470
till the end.

32
00:02:27,470 --> 00:02:31,530
Let's create the upload file function right below here.

33
00:02:31,730 --> 00:02:39,020
Def upload file takes file name as parameter and as we did previously we can copy it from the server

34
00:02:39,550 --> 00:02:45,230
let's copy these two lines control C and add them into our backdoor.

35
00:02:45,380 --> 00:02:51,140
Make sure that we change these targets to the s since the S is the actual socket descriptor inside of

36
00:02:51,140 --> 00:02:51,950
our backdoor.

37
00:02:52,970 --> 00:02:55,700
And this should pretty much be everything that we should do.

38
00:02:56,330 --> 00:02:58,240
Let's test and see whether this works.

39
00:02:59,660 --> 00:03:01,640
Let's plug in our speed drive

40
00:03:06,630 --> 00:03:07,840
open do as we drive.

41
00:03:09,390 --> 00:03:15,360
Now we can copy the backdoor to the media slash route slash you it's speed drive.

42
00:03:15,360 --> 00:03:20,070
We already know this entire process so let's look out over you as we drive.

43
00:03:20,070 --> 00:03:25,310
And now we can compile the program inside of our we understand environment.

44
00:03:25,410 --> 00:03:36,020
Copy the backdoor to the desktop and right here we can open up our command prompt go to desktop and

45
00:03:36,260 --> 00:03:38,830
run by installer backdoor.

46
00:03:38,870 --> 00:03:43,180
But why that Deshpande file that dash no console.

47
00:03:43,460 --> 00:03:44,240
Click on enter.

48
00:03:45,830 --> 00:03:46,290
OK.

49
00:03:46,310 --> 00:03:48,080
So it's completed successfully.

50
00:03:48,080 --> 00:03:51,460
Let's close this going to cover this directory.

51
00:03:51,500 --> 00:03:53,990
Copy the backdoor to the desktop.

52
00:03:53,990 --> 00:03:56,470
And now we're going to run our backdoor.

53
00:03:56,540 --> 00:04:00,050
But before we do that we want to go and run server first.

54
00:04:00,290 --> 00:04:08,450
So Python 3 server not be why listening for the incoming connections let's run the backdoor.

55
00:04:08,640 --> 00:04:12,960
We don't get any error so I assume the connection has been established and it has.

56
00:04:12,960 --> 00:04:15,940
So let's run some command just to test and see whether it works.

57
00:04:15,960 --> 00:04:16,980
It does work.

58
00:04:16,980 --> 00:04:21,870
And now we're going to try to download this image right here.

59
00:04:21,930 --> 00:04:23,310
This is an image from Udemy.

60
00:04:23,340 --> 00:04:27,310
So we're going to try to download it and get it on Kelly Linux.

61
00:04:27,380 --> 00:04:27,800
OK.

62
00:04:27,810 --> 00:04:30,290
It is called another image that JPEG.

63
00:04:31,230 --> 00:04:39,050
Let's go and type the command download another image that J Peg click enter.

64
00:04:39,390 --> 00:04:41,470
It seems to not keep an error.

65
00:04:41,490 --> 00:04:45,200
Let's run another command to see whether everything worked and it did.

66
00:04:45,210 --> 00:04:47,730
We can execute the commands afterwards.

67
00:04:47,760 --> 00:04:52,560
And now let's see whether we have the downloaded image inside of our directory.

68
00:04:52,560 --> 00:04:53,850
Here it is.

69
00:04:53,850 --> 00:04:57,360
If I double click on it it will open up inside of my pie chart.

70
00:04:57,450 --> 00:05:02,460
So we successfully downloaded an image from our windows 10 target machine.

71
00:05:02,460 --> 00:05:08,040
Now we have to both upload and download function ready to work and we can upload files to the target

72
00:05:08,040 --> 00:05:12,410
machine and download any file that we want from the target machine.

73
00:05:12,420 --> 00:05:15,050
How cool is that in the next video.

74
00:05:15,120 --> 00:05:21,180
We're going to take a look at how we can actually implement a screen function and take screenshot of

75
00:05:21,240 --> 00:05:23,160
the target's desktop.

76
00:05:23,400 --> 00:05:25,190
That one would be excited to do so.

77
00:05:25,200 --> 00:05:27,960
I hope I'll see you in the next lecture by.