How Hackers Remotely Control Any PC?!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

this tutorial show you exactly what you can do to gain complete control of any computers of any machine and this is crazy i kid you not if you watch carefully to the end you'll see everything that you need to do in order to gain complete control of the computer you're targeting and i know why you're here you want to become mr hackaloy isn't it to be so cool and to be able to just send a link and next thing you know you can completely control the phone or the machine or whichever the case is and yes we'll be learning just that [Music] and remember kids hacking is illegal if you want a hack you want to send laying to anyone to execute the file send it to mr hackaloy because once you send it to mr heckler what i'll do is i'll help you analyze your link so that i can get your ip address i will know your account i'll know what computer you're using and then after which i help you control your computer for free yeah it is completely free of charge i promise you so first thing first you have mr hacker lawyer on the left and what mr hackalone would do would then be to create a malicious file and this file can be in any format that you want it could be a microsoft word document it could be a bat file whichever case is what you want to do is to be able to send this file over to the user and in this case let's say we send it to scriptkittyloy and what scriptcd lloyd will then do is that he will execute onto the file all right and once the file has been executed that will then allow us to complete control over their computer system okay and from there on we'll be able to literally do anything that we want to do to a target machine including remotely controlling the entire laptop or the desktop or the machine whichever case is all right so right in front of us we're in column linux which is our ethical hacking operating system yes so we'll be using this to go after any computers that we want to so the first thing you want to do you can use sudo apt install powershell empire alright so we'll be using empire to be the one to help us attack and gain access to the target machine so as you can see here we have already gotten the latest version next up what you can do is you can do sudo powershell empire followed by servers start of the server and you can see here we have loading default configuration bypasses stages modules and we'll explain a little more as we run through the entire tutorial for you okay there you go server is ready as you can see right here okay once you're ready go ahead and open up a new terminal and enter pseudo powershell empire okay followed by client hit enter on that and we'll begin connecting to the server that we have created earlier all right so you can see over here attempting to connect and now we're in we're connected to localhost and what we can do next is go ahead and enter use listener right followed by http so there are many different options for us when it comes to listener and what happens is once the user clicks the link execute a file that's it we gain remote access into the entire computer system and what we can do here is we can go ahead and say set port all right by say four three two one so you can see here we have all this different information so we have the port number we have the name we have the launcher and so on and so forth go ahead hit enter on that and that's it done we'll set up the port number and we go ahead and enter execute and you can see here listener name http already exists so we can enter say listeners and we can see over here we have a http client server right that is running on http on that and next up what we can do is we can create the malicious file so we use stager all right in this case we can use windows slash as you can see here we have a lot of options we have reverse shell we have macro we have backdoor launcher vbs and so many different options available for us so in this case i can say use launcher underscore bat all right and then we can set the listener all right so in this case http is our listener so once we have that all we got to do is go ahead and enter execute in three two one hit enter and that's it you can see the following launcher.bet return to var lead powershell empire client generated stages launcher.bat and now that we've created a malicious file what we need to do is to be able to host it and send it over target users link so what we can do now is go ahead and open up our apogee service so enter sudo system ctr start apigee 2.service hit enter on that so we started our web server and next thing what we can do now is to go ahead and move that file that we have created into var www.html and before that all right let's go ahead and put a super user do else we'll get a permission denied statement and here we have a target machine which is a windows computer and they're entering the ip address so in the real world you'll be having a domain name followed by whichever part number you're running on and followed by of course the launcher.bat file so with that all i got to do is go ahead and hit enter and that will begin what do you want to do with launcher.bat so i can save as and perhaps i can drop it into the download folder in windows go ahead and click save on that if you go ahead and open up the folder of downloads you can see here we have the launcher file so go ahead and double click on it and that's it it is literally a game over right now as you can see right here we got the following sending agent at 192 168.016 so we are in and we can interact with the hacklin machine now by entering agents and we can see right here we got the following all right so this is the language the ip address the username and all these different details that were received and we are able to further the attack on the target machine so what we can do is use module in this case we can say use powershell followed by slash collection so you can see a lot of different modules available for us target into the machine so collection and then what we can do here is we can target say toasted hit enter on that okay and we can see all the different options is available and we can set say verify crates that will help us check for the username and the password field has been entered by the user so in this case i'll set that to true except what we can do is set the agent or in this case we have one single agent we can target and once we have all this all you got to do right now is execute this module against the target machine and we can begin collecting the username and password field so let's go ahead and enter execute and you want to watch really carefully on the bottom right okay in three two one i hit execute and i jump over into the windows machine watch carefully you can see right here there's a pop-up windows will restart in five minutes to finish installing updates and once i go ahead and click restart all right you can see the following information here are you sure you want to reschedule restarting your pc i enter my username as well as my password i click ok and that's it i jump back over call linux and you can see over here we got the fish credentials right there loi leon young and the password of one two three four five six seven eight next thing i wanna show you over here is we're back to the windows machine and i'm going to go on the remote desktop and click don't allow remote connections to this computer i click apply i click ok on that and i jump back over to call linux and what we can do here now is to be able to use module and i can enter rdp to see whether we can enable rtp here so which means that this gives us remote desktop protocol on a target machine hit enter on that okay and we have the agent enter execute hit enter on that again and oh we got an error module needs to run in elevated contacts don't panic it's okay it's normal all right what we want to do now is to elevate our privileges so what we want to do is to enter use module in this case we want to look out for some kind of bypass perhaps on the usc segment of things so here let's take a look at some of the options that we have all right so we have powershell we're privileged escalation and we have bypass usc hit enter on that okay so we got the following all right we have user agent we have the agent so let's go ahead and set agent to the target agent that we have all right we can all this different information right now let's go ahead and set the listener to all right so in this case we have http listener hit enter on that and once you're ready enter execute go back over to the target machine because task has been executed now and we can see right here sql client configuration utility exe hit yes on that and once we jump back over to call linux we now have a new agent and how do we know that we can enter agents hit enter and you can see the following here there's something really special because we have an asterisk asterisk means that we have elevated permissions elevated contacts so that we can do a lot more things just for example being able to enable remote desktop connection to target server so now what we're going to do is interact with the target agent which has the elevator privilege so hit enter on that and now we use the same module right so here again i'll enter rdp and then we have the powershell management enable rdp hit enter on that and then once you're ready on this go ahead and hit execute and once you do that it has now gone into the target machine and has enabled the rdp so you can see right here all right we have the following enable rdp completed so now let's go ahead and remotely connect to the target server so i can use the x3 rdp and what we want to do now is specify the username that we have collected as well as the password of one two three four five six seven eight and in this case of course the target id address of 192.168.0.1.6 and once you're ready in three two one hit enter on that and you can see the following boom that's it we're in we have full complete control of the entire computer system with great power comes great responsibility what you have seen is just a simple introductory of using empire powershell to help us gain complete control of the system and to run a lot of all this post exploitation attacks against those target systems i hope you learned something valuable and insightful in today's tutorial like share subscribe and turn on notifications so you do not get hacked

Info

Channel: Loi Liang Yang

Views: 251,122

Rating: undefined out of 5

Keywords: hacker, hacking, cracker, cracking, kali linux, kali, metasploit, ethical hacking, ethical hacker, penetration testing, penetration tester, owasp

Id: nj1eb9KEC7s

Channel Id: undefined

Length: 9min 46sec (586 seconds)

Published: Sun Sep 04 2022