1
00:00:00,300 --> 00:00:02,570
Hello everybody and welcome back.

2
00:00:02,570 --> 00:00:07,350
And right now let us see how we can implement our keylogger in our backdoor.

3
00:00:07,410 --> 00:00:13,770
Now in order for us to do that we need to actually specify the keylogger in one function so we don't

4
00:00:13,770 --> 00:00:16,260
actually code too much in our backdoor.

5
00:00:16,710 --> 00:00:23,040
So what we want to do is actually code in our keylogger program a function that will call all other

6
00:00:23,040 --> 00:00:24,060
functions.

7
00:00:24,090 --> 00:00:32,770
So if I open my keylogger.py, let me just remove the keylogger.txt and then keylogger.py right here.

8
00:00:32,940 --> 00:00:38,850
We can see that this part right here, which is with the keyboard listener, actually calls the report function

9
00:00:39,390 --> 00:00:45,770
and then it also calls the keyboard listener and the join function, which actually listens for our keys

10
00:00:45,780 --> 00:00:46,900
right here.

11
00:00:47,070 --> 00:00:50,220
We also have the on press and process key right here.

12
00:00:50,220 --> 00:00:54,930
So what we want to do is actually make a function that will perform this code right here.

13
00:00:55,470 --> 00:01:00,660
And once we make that function, what we will do is basically just call that function from our backdoor

14
00:01:00,900 --> 00:01:11,180
once we import our keylogger in our backdoor. So just type here, for example, def and then let's call

15
00:01:11,180 --> 00:01:13,420
it start, which is,

16
00:01:13,460 --> 00:01:15,480
which is the function that will actually start

17
00:01:15,500 --> 00:01:21,650
our keylogger in our backdoor. So we don't specify anything in that function, we just place this code

18
00:01:21,650 --> 00:01:24,140
right here in that function.
19
00:01:24,200 --> 00:01:30,080
Now in our case right now we do not want to call this function anywhere in the keylogger code, since

20
00:01:30,080 --> 00:01:35,510
we will not run this program, we will just import this program as a library into our backdoor.

21
00:01:35,750 --> 00:01:39,790
And then we will use available functions from this program in our backdoor.

22
00:01:39,800 --> 00:01:41,690
What we will specify is the program name

23
00:01:41,840 --> 00:01:43,080
and then dot start.

24
00:01:43,220 --> 00:01:47,700
And this will perform this code right here, which will perform these two functions.

25
00:01:47,720 --> 00:01:53,930
So let us see what else we need to change right here in order for this to actually work.

26
00:01:53,930 --> 00:01:54,380
So

27
00:01:58,170 --> 00:02:05,180
we have the file right here, so let me just specify it right here.

28
00:02:05,190 --> 00:02:13,980
Now the next thing we want to do is actually hide this keylogger.txt, since if we run our

29
00:02:13,980 --> 00:02:15,240
backdoor on desktop,

30
00:02:15,420 --> 00:02:22,820
this keylogger.txt folder or file will actually be saved somewhere on our desktop.

31
00:02:22,830 --> 00:02:28,130
So what we want to do is actually open this keylogger in a different path.

32
00:02:28,140 --> 00:02:36,080
So path, the path will actually be a variable that we specify right here.

33
00:02:36,180 --> 00:02:44,490
So we can use the global path or we can actually code it right here, it doesn't even matter.

34
00:02:44,750 --> 00:02:46,670
Path equals.

35
00:02:46,970 --> 00:02:54,880
And then in order to specify the path to the APPDATA, the same as in our backdoor, we need to import

36
00:02:55,510 --> 00:03:04,490
os right here in order to find the actual APPDATA environment.
37
00:03:04,520 --> 00:03:09,950
So what we need to do is use the function called os.environ, so path will be os dot

38
00:03:10,010 --> 00:03:18,140
environ APPDATA, which is the same that we use in our backdoor, which would basically save our keylogger

39
00:03:18,140 --> 00:03:20,070
dot txt at the same folder.

40
00:03:20,170 --> 00:03:27,740
And we need the name in order to name it, and let's call it keylogger.txt. We'd specify this

41
00:03:28,190 --> 00:03:30,680
in between these double quotes.

42
00:03:30,680 --> 00:03:33,290
So this will be our path.

43
00:03:33,290 --> 00:03:35,390
That is where we will save our keylogger.

44
00:03:36,170 --> 00:03:42,710
And all we need to do right here is use our global path variable, so global path, and specify it right

45
00:03:42,710 --> 00:03:43,820
here.

46
00:03:43,820 --> 00:03:50,690
This will open that path every time for the appending, and then from our backdoor we can actually open

47
00:03:50,690 --> 00:03:55,550
that path as well and read from that file and send its contents back to us.

48
00:03:55,550 --> 00:04:00,260
So I believe this should be it right now for our keylogger.

49
00:04:00,290 --> 00:04:07,190
Now before I do anything let me just specify this to be, for example, 10 seconds. You can put here

50
00:04:07,190 --> 00:04:08,000
any number you want.

51
00:04:08,010 --> 00:04:14,780
Basically this is just seconds, at which point it will write the contents of the file for

52
00:04:14,780 --> 00:04:23,400
us. So let us actually see how this will work in our backdoor. So Ctrl+O to save.

53
00:04:23,430 --> 00:04:29,610
And right now we need to make sure first of all that our keylogger.py program is in the same directory

54
00:04:29,660 --> 00:04:31,250
as our reverse shell.py,
55
00:04:31,650 --> 00:04:37,260
since we will not be able to import it if it is not. Right now if I just go here, nano reverse shell dot

56
00:04:37,490 --> 00:04:43,980
py, I will go right here and import my keylogger.

57
00:04:44,100 --> 00:04:49,830
Now I also need to import threading, since I will be running our keylogger on a separate thread so we

58
00:04:49,830 --> 00:04:54,630
can actually continue to run our program while our keylogger is actually running.

59
00:04:55,470 --> 00:05:04,130
So what I want to do right now is basically go to my elif statement, and let's say the command we use,

60
00:05:04,130 --> 00:05:10,400
the same command or not the same, or something different. So let us go first of all to our elif

61
00:05:10,400 --> 00:05:20,050
statement, let's go all the way down after the check for the administrator privileges, and let's code another

62
00:05:20,060 --> 00:05:20,650
elif.

63
00:05:20,650 --> 00:05:32,710
So elif command, and then for example first twelve letters equal to keylog_start. If our user types

64
00:05:32,720 --> 00:05:33,430
this,

65
00:05:33,560 --> 00:05:40,160
basically what this will do is, it will actually, let us see what this will do.

66
00:05:40,160 --> 00:05:42,440
So it will

67
00:05:46,650 --> 00:05:47,750
start our keylogger.

68
00:05:47,760 --> 00:05:55,740
So in order for us to do that let us just type here t1, which will stand for thread 1, and what we want

69
00:05:55,740 --> 00:06:02,520
to do is actually specify the function that we want to use, and the function that we want to use is basically

70
00:06:02,550 --> 00:06:05,100
our keylogger dot start function.

71
00:06:05,100 --> 00:06:09,030
So t1 equals threading dot Thread.
72
00:06:09,210 --> 00:06:15,420
This is the syntax for using a thread on a separate function, and in there we specify the target, and the

73
00:06:15,420 --> 00:06:20,230
target is basically the function that you want to run as a separate thread, and our function will be

74
00:06:20,230 --> 00:06:26,170
keylogger dot start, I believe that is how we named it.

75
00:06:26,250 --> 00:06:33,950
So all we have to do right now is actually start that function, or basically start the thread.

76
00:06:34,200 --> 00:06:43,050
Right now we actually started a separate thread which will actually open and record the keystrokes

77
00:06:43,050 --> 00:06:47,580
on the target PC. So we imported the threading, we imported the keylogger

78
00:06:51,070 --> 00:06:55,510
and everything should be good to go right now, I believe. All we have to do is also code the server side

79
00:06:55,510 --> 00:06:56,020
of the code.

80
00:06:56,020 --> 00:06:59,990
So let me just check once again. We start our keylogger.

81
00:07:00,190 --> 00:07:06,100
Let me save this and then the keylogger, so I can see if everything is well. Then the keylogger will

82
00:07:06,100 --> 00:07:14,780
go to the start function right here, it will go to the report, it will open a file at that path, it will

83
00:07:14,780 --> 00:07:21,350
open this file right here, which we need to code and specify in our reverse shell as well so we can actually

84
00:07:21,350 --> 00:07:26,990
delete it once we close the reverse shell. And that is basically it, I believe.

85
00:07:26,990 --> 00:07:33,380
So let us actually go right here back to our reverse shell, and once the user specifies, for example,

86
00:07:38,990 --> 00:07:48,120
let me just find it, specifies q, before we actually break fully out of the program we need to type here

87
00:07:48,140 --> 00:07:52,950
try deleting, so os dot remove

88
00:07:55,890 --> 00:08:01,200
the path which was specified right here, so path will equal this.
89
00:08:01,500 --> 00:08:04,680
Let me just find this part right here.

90
00:08:07,200 --> 00:08:19,700
Let's call it keylogger path, keylogger underscore path equals, or basically just equals this, so paste this path right here.

91
00:08:19,890 --> 00:08:24,930
Then we want to delete this keylogger path, which will be this part right here.

92
00:08:24,930 --> 00:08:31,260
Then we want to actually delete that path in our keylogger after we specify the q option, so delete

93
00:08:31,410 --> 00:08:33,780
keylogger path,

94
00:08:36,760 --> 00:08:38,110
and that's about it.

95
00:08:38,190 --> 00:08:43,820
Except. Not really sure if you could continue with break.

96
00:08:43,840 --> 00:08:44,500
It should work.

97
00:08:44,530 --> 00:08:48,930
So except, continue, and then break out of the program.

98
00:08:49,180 --> 00:08:54,400
So it will try to remove this keylogger path, or basically the keylogger.txt from the Roaming

99
00:08:54,400 --> 00:08:55,530
folder.

100
00:08:55,540 --> 00:09:01,150
Now if it can't delete that path, that means that we didn't even start our keylogger with our reverse

101
00:09:01,150 --> 00:09:06,450
shell, so it will just continue and break out of the loop and basically close the program.

102
00:09:08,240 --> 00:09:15,690
So all we have to do right now is code another elif statement which will basically,

103
00:09:16,100 --> 00:09:21,770
with this we only started the keylogger, and now let's see what we actually have to do in order to get,
104
00:09:22,430 --> 00:09:29,830
basically in order to read what the keylogger has saved. So we will use something similar as in the

105
00:09:29,830 --> 00:09:36,910
methods before, so keylog_dump, which has eleven letters I believe, equals equals to keylog

106
00:09:36,920 --> 00:09:45,780
underscore dump. Let me just count, one two three, six seven eight nine ten eleven. So if this, if the command

107
00:09:45,780 --> 00:09:55,950
equals to keylog_dump, what we want to do is open, basically, so fin equals open,

108
00:09:59,720 --> 00:10:01,420
or let's call it just f.

109
00:10:01,540 --> 00:10:07,800
So f equals open the keylogger path.

110
00:10:08,490 --> 00:10:22,270
So we want to open that for reading. Then basically we want to reliable_send, underscore send, the f

111
00:10:22,270 --> 00:10:31,790
dot read, which will send the contents of our keystrokes that were saved to the keylogger.txt

112
00:10:32,120 --> 00:10:32,850
file.

113
00:10:33,110 --> 00:10:38,610
So this might actually work, or it might have a bunch of errors.

114
00:10:38,610 --> 00:10:44,410
I'm not really sure, so we will have to check that out. What we did

115
00:10:44,410 --> 00:10:50,280
code is to remove the keylogger, so we will first of all see if everything goes well.

116
00:10:50,290 --> 00:10:56,200
So all we have to do right now is actually code the same path right here, or same commands right here,

117
00:10:56,590 --> 00:11:01,320
in our server side of the code.

118
00:11:01,330 --> 00:11:06,860
So let us save this and then nano the server

119
00:11:06,880 --> 00:11:08,950
dot py right here.

120
00:11:11,130 --> 00:11:14,790
And let's see what actually has to happen once we type here

121
00:11:14,790 --> 00:11:16,110
keylog_start,

122
00:11:16,110 --> 00:11:20,580
and once we type here keylog underscore dump.

123
00:11:21,150 --> 00:11:27,200
If I just go right here, we will code something like, same like this.
124
00:11:27,230 --> 00:11:33,020
So for the keylog start, since we don't receive anything for the keylog start command, let us code the

125
00:11:33,020 --> 00:11:46,640
same thing. So elif command and first four letters equal to keylog underscore start, all

126
00:11:46,640 --> 00:11:52,790
we want to do is continue with the program, so we don't get actually bugged out at this right here.

127
00:11:52,790 --> 00:11:58,810
So we will try to receive, and with the keylog start option we don't receive anything from our

128
00:11:58,890 --> 00:11:59,950
reverse shell.

129
00:12:00,020 --> 00:12:02,200
So it will actually crash our program.

130
00:12:02,420 --> 00:12:07,760
So we want to code a statement right here which, if we specify keylog start, it will continue and

131
00:12:07,760 --> 00:12:13,040
it will go back to this shell right here where we can input our next command.

132
00:12:13,190 --> 00:12:24,420
And for the keylogger, elif command first eleven equals equals keylog underscore dump. Oops, I think

133
00:12:24,430 --> 00:12:25,570
we just closed this.

134
00:12:25,700 --> 00:12:32,510
We want to reliable, or actually we do not even need this part right here, since we will actually do it

135
00:12:32,540 --> 00:12:35,810
with this command, which is for any other statement right here.

136
00:12:35,810 --> 00:12:45,300
So we do not need to code anything for the keylog dump. Let us delete this, we don't need it.

137
00:12:45,720 --> 00:12:48,060
So this should be good, I believe.

138
00:12:48,060 --> 00:12:54,990
Let us try to compile our reverse shell. No, let us first double check it once again.

139
00:12:55,000 --> 00:12:58,580
So let me just zoom out, since it is easier to navigate through code

140
00:12:58,590 --> 00:13:03,970
once the code is in lesser format. So let me just see.

141
00:13:04,140 --> 00:13:08,070
We delete the path, which is good. If it doesn't exist
142
00:13:08,070 --> 00:13:16,660
we continue with this, and then we break out of the program. Then what we want to do is actually, let me

143
00:13:16,850 --> 00:13:19,260
find where the keylog start is.

144
00:13:20,300 --> 00:13:21,550
So here it is.

145
00:13:21,800 --> 00:13:29,210
We start the thread for our keylogger dot start, and we read the contents from that file for keylogger

146
00:13:29,230 --> 00:13:35,030
underscore dump. So let's see if this will work.

147
00:13:35,040 --> 00:13:47,220
So let us just actually compile this with wine, root dot wine, drive c, Python,

148
00:13:47,220 --> 00:13:49,580
Scripts, pyinstaller.

149
00:13:49,750 --> 00:13:58,130
So let's just use here, for example, just the reverse shell and then onefile.

150
00:13:58,260 --> 00:14:05,730
We do not need the image for now, we will do a full test of our backdoor later on. Console.

151
00:14:05,740 --> 00:14:08,430
Now let's see if this will compile well enough.

152
00:14:08,820 --> 00:14:09,930
So what this should do

153
00:14:13,240 --> 00:14:18,790
is, once you specify the keylog start we don't get anything received back, but we should have the key

154
00:14:18,790 --> 00:14:25,630
logger in our APPDATA Roaming folder, and everything we type there should be printed out in the key

155
00:14:25,810 --> 00:14:33,350
logger data folder, so we will see how that will work. For now let me just plug in my USB drive.

156
00:14:39,270 --> 00:14:48,450
Let us go to the Devices, import our USB drive right here, then I want to go to this right here, move

157
00:14:48,480 --> 00:14:52,320
my reverse shell to the media root and then Kali Live,

158
00:14:55,130 --> 00:15:02,340
then once it finishes I can actually unplug my USB drive and run our shell.

159
00:15:02,390 --> 00:15:06,080
Now I'm not really sure why does it take so long to copy the file

160
00:15:10,680 --> 00:15:11,830
if we import it.
161
00:15:11,950 --> 00:15:24,260
So we did import it. Let's see, Computer, Kali Live, so it can't load the Kali Live for some reason. Now

162
00:15:24,290 --> 00:15:29,060
let's wait for a few seconds for this.

163
00:15:29,060 --> 00:15:33,380
Maybe it will work out, if it doesn't we'll have to compile it once again.

164
00:15:33,410 --> 00:15:36,820
So let me just check this out.

165
00:15:37,500 --> 00:15:38,510
Why doesn't it work?

166
00:15:38,520 --> 00:15:46,280
So we can't even close these programs, so let me just close it like this.

167
00:15:46,300 --> 00:15:49,840
Let's see if I go to media

168
00:15:53,380 --> 00:15:54,290
right here.

169
00:15:55,130 --> 00:15:57,120
Zoom in this a little bit.

170
00:15:57,390 --> 00:16:04,660
We'll remove this reverse shell, so I will go to the root python programs reverse, and I will compile my

171
00:16:04,660 --> 00:16:05,810
program once again.

172
00:16:05,980 --> 00:16:12,370
But I need to delete this build, delete the reverse shell spec, let us run the same format for compiling

173
00:16:12,370 --> 00:16:14,670
our reverse shell.

174
00:16:14,780 --> 00:16:16,070
Now let us try to copy it

175
00:16:16,100 --> 00:16:24,130
once again to our Kali USB drive. Not really sure why it doesn't work.

176
00:16:24,130 --> 00:16:26,690
So it completed successfully.

177
00:16:27,100 --> 00:16:34,320
We go to this, where our reverse shell is, and we move the reverse shell to media root Kali Live. OK, so it

178
00:16:34,320 --> 00:16:41,440
copied it. Good. Right now let us unplug the USB drive so we can use it on our Windows 10 machine.

179
00:16:41,570 --> 00:16:47,400
All I want to do right now is run my server. Cannot assign requested IP address.

180
00:16:47,520 --> 00:16:49,380
This could be a problem, or a problem.

181
00:16:49,380 --> 00:16:55,450
So we might actually need to compile it once again, since our IP address is not, no longer the dot

182
00:16:55,460 --> 00:16:57,510
one oh nine as in the previous video.
183
00:16:57,510 --> 00:16:59,240
It is actually dot one oh seven.

184
00:16:59,580 --> 00:17:04,980
So make sure to check that before you actually compile the program. Your IP address, if it is not static,

185
00:17:07,230 --> 00:17:07,980
could have changed.

186
00:17:07,980 --> 00:17:12,570
So what we need to do right now is do the same in the reverse shell as well.

187
00:17:13,320 --> 00:17:20,010
So let me just delete all of these files from the previous compilation, so let me just nano reverse shell

188
00:17:20,460 --> 00:17:25,410
and change my IP address once again. Now sorry about this.

189
00:17:25,410 --> 00:17:32,610
Since we compiled it three times, I thought I had the same IP address, but I apparently didn't have it.

190
00:17:32,640 --> 00:17:41,520
So I will need to compile it once again, plug in my USB drive.

191
00:17:43,460 --> 00:17:50,240
And right now everything should be good to go and we should be able to run the program finally, or we

192
00:17:50,240 --> 00:17:53,530
will get another error and we will need to fix something else.

193
00:17:53,540 --> 00:17:58,160
But that is the part of the coding, that is why this is actually the advanced section, since we actually

194
00:17:58,160 --> 00:18:01,700
code ourselves and not use tools from other people.

195
00:18:01,700 --> 00:18:04,440
So let us move the reverse shell to media

196
00:18:04,430 --> 00:18:07,210
root Kali Live.

197
00:18:07,210 --> 00:18:09,660
Copy the program.

198
00:18:09,680 --> 00:18:11,620
We clear this from the server.

199
00:18:11,960 --> 00:18:17,130
Listening for incoming connection, so we specified the good IP address, which is our IP address.

200
00:18:17,240 --> 00:18:25,790
And right now all we want to do is run the reverse shell. As you can see, we get failed to execute reverse

201
00:18:25,790 --> 00:18:26,580
shell.

202
00:18:26,630 --> 00:18:28,170
So not really sure

203
00:18:28,190 --> 00:18:30,720
why do we get that.
204
00:18:30,880 --> 00:18:35,820
That means something is wrong with our reverse shell, in our code.

205
00:18:35,830 --> 00:18:37,900
So let us see where is our mistake.

206
00:18:38,770 --> 00:18:40,760
So this part right here.

207
00:18:41,570 --> 00:18:42,880
I can just find it.

208
00:18:42,880 --> 00:18:49,670
This part right here where we continue should be actually good. Keylogger path.

209
00:18:50,520 --> 00:18:53,420
So everything should be good to go.

210
00:18:53,460 --> 00:19:00,150
keylogger path equals os environ APPDATA plus keylogger.txt, this path right here should

211
00:19:00,150 --> 00:19:01,810
also be good.

212
00:19:01,830 --> 00:19:07,600
So let me just find what else we coded which doesn't really work.

213
00:19:07,700 --> 00:19:14,110
Now it could be this path right here that we need to specify somewhat differently.

214
00:19:15,270 --> 00:19:17,580
So let's see what we actually need to specify.

215
00:19:17,640 --> 00:19:20,210
So let me just go right here.

216
00:19:20,340 --> 00:19:23,760
Sometimes the order of the libraries could be a problem.

217
00:19:23,760 --> 00:19:30,750
So let me just try to put import threading first and then import the keylogger.

218
00:19:30,780 --> 00:19:37,770
Now this might not have anything to do with us, but it is always a good thing to try. We tried to connect

219
00:19:37,770 --> 00:19:40,120
to the good IP address.

220
00:19:40,210 --> 00:19:46,930
OK, then we specify everything right here.

221
00:19:46,930 --> 00:19:49,830
keylogger start, t1 threading dot Thread.

222
00:19:49,900 --> 00:19:52,930
Then we use the function keylogger dot start.

223
00:19:52,930 --> 00:19:55,960
So let us code a simple program that will actually

224
00:19:58,460 --> 00:20:00,310
import keylogger,

225
00:20:03,640 --> 00:20:06,890
so KeyError APPDATA.
226
00:20:06,890 --> 00:20:15,690
So why is this a KeyError? path equals os environ plus keylogger.txt,

227
00:20:19,320 --> 00:20:26,970
so we need to run this in a Windows system. So let me just see right here, we imported the os, we import

228
00:20:26,970 --> 00:20:27,770
the threading,

229
00:20:35,180 --> 00:20:40,130
we use the keylogger dot start to use this function right here.

230
00:20:40,190 --> 00:20:43,760
So everything should be good to go.

231
00:20:43,970 --> 00:20:45,890
So let's do something like this.

232
00:20:46,070 --> 00:20:49,070
We will just test out the keylogger for a second.

233
00:20:49,070 --> 00:21:03,150
So nano test.py, we use usr bin python, we import our keylogger, import threading,

234
00:21:03,890 --> 00:21:17,080
import os, import pynput, and what we want to do right now is actually only run this, so keylogger dot

235
00:21:17,360 --> 00:21:17,930
start.

236
00:21:20,820 --> 00:21:23,380
Let us see if I compile this.

237
00:21:23,560 --> 00:21:27,950
So let me first remove this right here.

238
00:21:27,950 --> 00:21:36,500
If I compile the program, which is test.py, so let me just find the same command as before for the

239
00:21:36,500 --> 00:21:42,920
compilation, and I will compile, instead of reverse shell, I will compile test.py, which will actually

240
00:21:42,920 --> 00:21:49,460
perform a test just on our keylogger, and we will see if it actually is something that is wrong with

241
00:21:49,460 --> 00:21:53,050
the keylogger itself, or is it something that's wrong with the backdoor.

242
00:21:53,040 --> 00:21:55,730
Now this is how you can check if your program is working.

243
00:21:55,730 --> 00:21:58,400
So as you go right here.

244
00:22:04,100 --> 00:22:13,090
We go to the test, move test.exe to media root Kali Live.

245
00:22:13,550 --> 00:22:16,830
We unplug the USB drive.
246
00:22:18,840 --> 00:22:20,910
Let us now run the test to see.

247
00:22:24,660 --> 00:22:27,770
So actually something is wrong with the keylogger itself.

248
00:22:27,780 --> 00:22:30,720
So let us see what is actually wrong.

249
00:22:30,720 --> 00:22:39,540
So nano test.py, perhaps nano keylogger.py, so let's see what we need to import in order for

250
00:22:39,540 --> 00:22:41,320
this to actually work.

251
00:22:43,330 --> 00:22:49,750
So what I will have to do is actually check out this error by myself, and then, so we don't waste

252
00:22:49,750 --> 00:22:52,370
time, I will tell you what the error was in the next video.

253
00:22:53,140 --> 00:22:57,100
So hope you enjoyed this, and I hope I see you in the next one, where we will actually see what is wrong

254
00:22:57,100 --> 00:22:58,430
with our program.

255
00:22:58,680 --> 00:22:58,900
But.