1
00:00:00,550 --> 00:00:01,610
Welcome back.

2
00:00:01,630 --> 00:00:07,300
And now we come to one of the more exciting parts about our backdoor and that is the ability of the

3
00:00:07,330 --> 00:00:14,070
backdoor to take screenshots of the target's desktop so for this we are going to need to use an additional

4
00:00:14,070 --> 00:00:19,170
library which we are going to import later on but first thing let's start with the part of the code

5
00:00:19,260 --> 00:00:20,990
of our server.

6
00:00:21,030 --> 00:00:27,780
So as usual for each and every function and each and every option of our backdoor we are going to add

7
00:00:27,870 --> 00:00:35,460
an else if statement so else if the command and first 10 characters because screenshot has 10 letters

8
00:00:36,750 --> 00:00:39,000
if they are equal to the screenshot

9
00:00:41,550 --> 00:00:49,410
then what we want to do is believe it or not is the same thing that we did with download file function.

10
00:00:49,530 --> 00:00:57,680
So let's go to the download file function, copy it entirely and paste it right here.

11
00:00:57,780 --> 00:01:00,470
Now before you change the things that we need to change.

12
00:01:00,960 --> 00:01:02,640
Let me explain this.

13
00:01:02,880 --> 00:01:07,620
The reason why we're using the same part of the code is because really the only thing that our server

14
00:01:07,620 --> 00:01:11,640
is doing is downloading an image from the target machine.

15
00:01:11,730 --> 00:01:16,320
The target machine is the one that is going to take the screenshot and there the code with the current

16
00:01:16,350 --> 00:01:20,240
screenshot but here from our server we only want to download an image.

17
00:01:20,280 --> 00:01:26,100
Therefore we use the same code as we use for the download file option but there are certain things that

18
00:01:26,100 --> 00:01:27,590
we need to change right here.

19
00:01:27,660 --> 00:01:34,380
First of all this file name does not exist and we need to make sure that we can capture multiple images

20
00:01:34,410 --> 00:01:36,540
and not name it the same way.

21
00:01:37,080 --> 00:01:38,390
So how can we do that.

22
00:01:38,400 --> 00:01:40,170
Well we can add something like this.

23
00:01:40,260 --> 00:01:47,500
We can call it screenshot and we can add %d.

24
00:01:47,610 --> 00:01:54,180
This percentage will be switched with the count variable.

25
00:01:54,180 --> 00:01:57,240
Now you might be asking well we don't even have a count variable.

26
00:01:57,570 --> 00:02:00,690
Well we're going to define it at the beginning of our function.

27
00:02:00,690 --> 00:02:07,000
So at the beginning of target communication set count to be equal to zero.

28
00:02:07,050 --> 00:02:13,610
What this will do is the first time that we actually take screenshot it will save it as screenshot zero.

29
00:02:13,770 --> 00:02:18,840
Then if we try to take the screenshot the second time it will save it as screenshot 1 and so on and so

30
00:02:18,840 --> 00:02:19,080
on.

31
00:02:19,410 --> 00:02:24,180
But in order for you to do that at the end of this screenshot part of the program we need to increase

32
00:02:24,240 --> 00:02:28,500
the count variable by 1 right.

33
00:02:28,530 --> 00:02:33,750
And one more thing that we're going to do is we're going to increase the timeout from one second to

34
00:02:33,750 --> 00:02:39,450
three seconds and that is the best time that I use for screenshot part of the code.

35
00:02:39,540 --> 00:02:44,110
We are setting it to be longer just to make sure that our program doesn't fail.

36
00:02:44,410 --> 00:02:45,040
OK.

37
00:02:45,210 --> 00:02:46,920
Everything else can remain the same.

38
00:02:46,920 --> 00:02:48,510
There is nothing really to change about this.

39
00:02:48,510 --> 00:02:52,830
We can proceed to the part of the code of our backdoor.

40
00:02:53,040 --> 00:02:58,500
So as I mentioned at the beginning of this video we need to import an additional library which is going

41
00:02:58,500 --> 00:03:03,140
to be called pyautogui.

42
00:03:03,820 --> 00:03:04,450
OK.

43
00:03:04,560 --> 00:03:08,310
This is the library that we are going to use in order to capture this screenshot.

44
00:03:08,310 --> 00:03:10,420
So just we don't have this red underlined.

45
00:03:10,440 --> 00:03:15,630
Let's install it using pip even though we're not going to compile it and run it its sovereign inside

46
00:03:15,630 --> 00:03:17,220
our Kali Linux.

47
00:03:17,220 --> 00:03:23,700
But let's just install it so we don't get these random errors just because we don't have the library

48
00:03:23,700 --> 00:03:26,330
inside of our virtual environment.

49
00:03:26,340 --> 00:03:26,670
OK.

50
00:03:26,910 --> 00:03:33,270
So it will take some time to install seems like it is a large library.

51
00:03:33,390 --> 00:03:37,180
Therefore we are going to wait for it to finish.

52
00:03:37,230 --> 00:03:40,070
Now let's go to the part that will take the screenshot.

53
00:03:40,080 --> 00:03:40,410
OK.

54
00:03:41,160 --> 00:03:49,370
So let's go all the way down and let's add the else if statement so else if command first 10 characters

55
00:03:51,020 --> 00:03:52,910
are equal equal to screenshot

56
00:03:56,030 --> 00:04:01,670
then what we want to do is we will call the screenshot function that we are going to code in just a few

57
00:04:01,670 --> 00:04:11,270
seconds and after it we want to upload the file which will be called screen let us call it screen.

58
00:04:12,150 --> 00:04:16,710
And since this will take a PNG screenshot let's call it screen.png.

59
00:04:17,730 --> 00:04:18,210
OK.

60
00:04:18,240 --> 00:04:23,480
Before we continue with the rest of the code from this else if statement let's create the screenshot

61
00:04:23,490 --> 00:04:24,960
function.

62
00:04:24,960 --> 00:04:28,110
We can do it right here below the upload file.

63
00:04:28,790 --> 00:04:30,000
So let's define it first.

64
00:04:30,030 --> 00:04:35,490
Define screenshot and this function has only two lines of code

65
00:04:38,520 --> 00:04:39,900
which we are going to write like this.

66
00:04:39,900 --> 00:04:47,240
So let's create the variable called my screenshot and it will be equal to pyautogui

67
00:04:50,140 --> 00:04:52,650
dot screenshot.

68
00:04:53,230 --> 00:04:56,900
And that is actually all we need to do to take a screenshot.

69
00:04:56,920 --> 00:05:01,060
The rest of the code is actually saving that screenshot with a name that we want.

70
00:05:01,090 --> 00:05:05,110
So my screenshot dot save.

71
00:05:05,620 --> 00:05:13,030
And we will save it with the same name that is specified below which is screen.png as you can see

72
00:05:13,030 --> 00:05:13,890
right here.

73
00:05:13,930 --> 00:05:19,930
We save the screenshot under the name screen.png and in our else if statement right after we take

74
00:05:19,930 --> 00:05:25,720
this screenshot we use the upload file function in order to send that image and right after it we want

75
00:05:25,720 --> 00:05:27,040
to delete that image.

76
00:05:27,070 --> 00:05:33,100
Now the reason why we are deleting that image so that our target doesn't really notice an image of their

77
00:05:33,100 --> 00:05:33,910
own desktop.

78
00:05:34,340 --> 00:05:34,680
OK.

79
00:05:35,110 --> 00:05:39,880
So we will os.remove and we will remove screen.png.

80
00:05:41,050 --> 00:05:41,480
OK.

81
00:05:41,500 --> 00:05:43,920
So this should be everything that we need to do.

82
00:05:43,960 --> 00:05:50,170
We are using the remove function from the OS library to remove a file in our case the screenshot.

83
00:05:50,170 --> 00:05:55,930
And right now we can test this program and see whether this works OK.

84
00:05:56,090 --> 00:06:06,170
So let's import our USB drive, open up our USB drive on Kali Linux and then copy backdoor to the slash

85
00:06:06,170 --> 00:06:10,810
media slash root and then to the USB drive. Unplug

86
00:06:10,820 --> 00:06:16,760
the USB drive and I know that this process is getting repetitive but you have to do this after every

87
00:06:16,760 --> 00:06:20,510
video so we can test each and every function of our backdoor.

88
00:06:23,130 --> 00:06:24,810
Let's go right here.

89
00:06:24,810 --> 00:06:28,110
Open up the USB drive.

90
00:06:28,110 --> 00:06:30,440
Copy the backdoor.

91
00:06:30,570 --> 00:06:32,990
And before we actually compile it this time.

92
00:06:33,120 --> 00:06:36,430
Remember that we have a library that we do not have installed.

93
00:06:36,480 --> 00:06:44,230
Therefore we need to pip3 install pyautogui, press here enter.

94
00:06:44,490 --> 00:06:46,470
It will install the library for us.

95
00:06:46,560 --> 00:06:49,780
In my case the requirement is already satisfied for you.

96
00:06:49,860 --> 00:06:58,700
It will install the library and after it we can compile the program, pyinstaller backdoor

97
00:06:58,990 --> 00:07:03,170
dot py dash dash onefile dash dash noconsole

98
00:07:09,350 --> 00:07:16,810
let's run our server in our Kali Linux machine, open up the terminal, clear the screen.

99
00:07:16,820 --> 00:07:22,600
Python 3 server dot py, listening for the incoming connections.

100
00:07:22,610 --> 00:07:28,850
The compiling of the program finished and now we can run it let's run it from the D directory so double

101
00:07:28,850 --> 00:07:33,300
click, we get no error so everything seems to work correctly.

102
00:07:33,380 --> 00:07:36,260
And right now let's try the screenshot command.

103
00:07:36,290 --> 00:07:40,520
If I type screenshot it will take a second or two

104
00:07:43,290 --> 00:07:43,760
if I type

105
00:07:43,760 --> 00:07:44,340
whoami.

106
00:07:44,850 --> 00:07:50,990
We can execute the commands right after it and if I go to my directory right here we get screenshot

107
00:07:51,000 --> 00:07:53,820
zero inside of our patron directory.

108
00:07:53,850 --> 00:08:00,960
Now let's double click on the screenshot zero and it seems that it didn't save it as the PNG and that

109
00:08:00,960 --> 00:08:08,700
could be because right here inside of our server we can add dot png or we can simply just go like

110
00:08:08,700 --> 00:08:18,630
this to the home then to the PyCharm projects backdoor and we can open the image of ourselves.

111
00:08:18,700 --> 00:08:18,960
OK.

112
00:08:19,000 --> 00:08:20,040
So here it is.

113
00:08:20,230 --> 00:08:24,790
We opened the screenshot and it managed to take the screenshot of the target's desktop.

114
00:08:24,820 --> 00:08:29,970
Now the reason why we're seeing Kali Linux is because Kali Linux is being run on the target's desktop

115
00:08:29,980 --> 00:08:32,280
therefore we see Kali Linux.

116
00:08:32,380 --> 00:08:33,580
If I lower the screen

117
00:08:37,340 --> 00:08:38,130
that's large.

118
00:08:38,130 --> 00:08:47,140
This just so I can open the PyCharm and I type screenshot once again.

119
00:08:47,160 --> 00:08:52,500
Let's take a look right now we want to see whether the previous one was overwritten and also whether

120
00:08:52,500 --> 00:08:56,770
it took the second screenshot as we can see there is screenshot 0 which is still there.

121
00:08:56,790 --> 00:09:02,580
It is not being overwritten and there is screenshot 1 and here's the second screenshot that we managed

122
00:09:02,580 --> 00:09:04,110
to take on Target's desktop.

123
00:09:04,680 --> 00:09:07,420
So our function works really well.

124
00:09:07,560 --> 00:09:08,640
Great.

125
00:09:08,700 --> 00:09:14,190
Now what we are left to do is we are left to implement a keylogger in next video and also after it

126
00:09:14,220 --> 00:09:19,020
we need to implement the persistence and our backdoor is officially finished.

127
00:09:19,240 --> 00:09:25,380
So without further ado let's go straight into implementing keylogger in the next video.

128
00:09:25,380 --> 00:09:26,170
See you there.

129
00:09:26,220 --> 00:09:26,460
Bye.
