1
00:00:00,000 --> 00:00:02,760
Instructor: Hi, within this section,

2
00:00:02,760 --> 00:00:06,600
we are going to discuss how we can create a Backdoor

3
00:00:06,600 --> 00:00:08,550
so that we can get an access

4
00:00:08,550 --> 00:00:12,660
to the target device that is a phone or a tablet

5
00:00:12,660 --> 00:00:17,130
so that we can discover their files, discover their folders,

6
00:00:17,130 --> 00:00:20,010
get full access of the target device

7
00:00:20,010 --> 00:00:24,150
like opening their Webcam or camera

8
00:00:24,150 --> 00:00:27,360
and accessing their private information.

9
00:00:27,360 --> 00:00:31,080
And this is very achievable using Kali Linux.

10
00:00:31,080 --> 00:00:35,250
And we are going to see how we can do it with details.

11
00:00:35,250 --> 00:00:38,130
However, there is also another issue

12
00:00:38,130 --> 00:00:41,970
that we might want to consider before we start.

13
00:00:41,970 --> 00:00:44,010
Once we create a backdoor,

14
00:00:44,010 --> 00:00:48,990
once we create a malicious file that lets us access

15
00:00:48,990 --> 00:00:53,910
to the target computer or device or tablet or phone,

16
00:00:53,910 --> 00:00:58,910
it's also wise to think how we can deliver that file,

17
00:00:59,340 --> 00:01:01,530
deliver that malicious file

18
00:01:01,530 --> 00:01:06,530
to the target person that is using this phone or device.

19
00:01:07,050 --> 00:01:12,050
This is very easy to do in devices like computers, laptops

20
00:01:12,960 --> 00:01:15,240
because you can just email them

21
00:01:15,240 --> 00:01:17,910
and someone can download the EXE file

22
00:01:17,910 --> 00:01:20,610
and double click on them and it'll work.

23
00:01:20,610 --> 00:01:24,030
But it's not the case for phones, right?

24
00:01:24,030 --> 00:01:27,390
So if you're using iOS for example,

25
00:01:27,390 --> 00:01:31,800
then I believe you won't remember any time

26
00:01:31,800 --> 00:01:34,920
that you downloaded something from the internet

27
00:01:34,920 --> 00:01:37,920
and just double clicked on it and played it.

28
00:01:37,920 --> 00:01:42,840
Why, because we use App Store to install applications

29
00:01:42,840 --> 00:01:47,730
on iOS devices like iPhone or iPad, right?

30
00:01:47,730 --> 00:01:50,520
So there is an official App Store

31
00:01:50,520 --> 00:01:53,940
and we download the applications from here.

32
00:01:53,940 --> 00:01:58,620
So suppose that we manage to create a backdoor, a Trojan

33
00:01:58,620 --> 00:02:01,770
or a malicious file for iOS.

34
00:02:01,770 --> 00:02:05,010
So how are we going to deliver this?

35
00:02:05,010 --> 00:02:08,250
So maybe you are curious about this stuff

36
00:02:08,250 --> 00:02:11,910
and you found out about a way to install these files

37
00:02:11,910 --> 00:02:15,360
to your iPhone, but most of the users,

38
00:02:15,360 --> 00:02:19,530
like 99% of the users won't even know that.

39
00:02:19,530 --> 00:02:22,260
And even if they knew, they would get suspicious

40
00:02:22,260 --> 00:02:24,870
and they won't install your file.

41
00:02:24,870 --> 00:02:29,250
So we can upload it to the App Store, right?

42
00:02:29,250 --> 00:02:32,580
So they can download it from the App Store.

43
00:02:32,580 --> 00:02:34,860
Yep, it's not possible actually

44
00:02:34,860 --> 00:02:39,860
because Apple checks every App Store application

45
00:02:39,870 --> 00:02:41,640
before they release it.

46
00:02:41,640 --> 00:02:44,700
So when you develop an application for Apple,

47
00:02:44,700 --> 00:02:46,530
you upload it to the App Store

48
00:02:46,530 --> 00:02:51,480
and you wait for something like two to three business days

49
00:02:51,480 --> 00:02:53,910
because they review your application

50
00:02:53,910 --> 00:02:58,500
and they see, they look, if you have anything malicious

51
00:02:58,500 --> 00:03:01,020
in that application.

52
00:03:01,020 --> 00:03:04,050
That's not very possible but even if you manage

53
00:03:04,050 --> 00:03:07,440
to hide it from the developers of Apple,

54
00:03:07,440 --> 00:03:10,200
even if it gets released on the App Store,

55
00:03:10,200 --> 00:03:13,470
they will take it down after a couple of days.

56
00:03:13,470 --> 00:03:18,470
So maybe you have heard it some kind of Trojans are backed

57
00:03:18,510 --> 00:03:22,620
or circulating in the Apple Ecosystem in the past.

58
00:03:22,620 --> 00:03:24,720
So how did it happen?

59
00:03:24,720 --> 00:03:29,700
So first of all, the restrictions of App Store got stricter

60
00:03:29,700 --> 00:03:34,700
and stricter each day, every day once they discovered

61
00:03:34,980 --> 00:03:38,220
that there are some certain malwares

62
00:03:38,220 --> 00:03:42,813
and there are some certain data leakages through the apps.

63
00:03:43,740 --> 00:03:47,490
But there are still some ways theoretically

64
00:03:47,490 --> 00:03:49,500
to overcome this problem.

65
00:03:49,500 --> 00:03:51,270
For example there is something

66
00:03:51,270 --> 00:03:53,190
called Apple Developer Account

67
00:03:53,190 --> 00:03:56,550
and you need to have that in order to upload your apps

68
00:03:56,550 --> 00:04:00,810
to the App Store and you need to pay $100 every year

69
00:04:00,810 --> 00:04:04,230
in order to have an Apple Developer Account.

70
00:04:04,230 --> 00:04:06,180
But there is also another thing

71
00:04:06,180 --> 00:04:09,450
called Apple Business Developer account,

72
00:04:09,450 --> 00:04:12,780
which is $300 per year.

73
00:04:12,780 --> 00:04:15,150
And once you get that,

74
00:04:15,150 --> 00:04:19,500
actually you're allowed to publish your applications

75
00:04:19,500 --> 00:04:22,680
without uploading them to the App Store.

76
00:04:22,680 --> 00:04:27,680
So that this is for business-to-business applications.

77
00:04:28,080 --> 00:04:32,040
So regular people do not see your application

78
00:04:32,040 --> 00:04:36,600
but the people you want to distribute this app to

79
00:04:36,600 --> 00:04:40,110
just can download this application around there,

80
00:04:40,110 --> 00:04:42,900
run on their iPhones or iPads.

81
00:04:42,900 --> 00:04:45,450
So theoretically, it's possible

82
00:04:45,450 --> 00:04:47,910
to open a Business Developer account

83
00:04:47,910 --> 00:04:51,420
and distribute your app through this way

84
00:04:51,420 --> 00:04:55,200
so that people can actually install this

85
00:04:55,200 --> 00:04:58,710
in their phones, in their iPads and stuff.

86
00:04:58,710 --> 00:05:02,760
But this is costly and it will be noticed

87
00:05:02,760 --> 00:05:05,940
in a couple of days and it'll be taken down.

88
00:05:05,940 --> 00:05:09,060
So I believe in the past year,

89
00:05:09,060 --> 00:05:12,960
a Russian hacker group managed to do this

90
00:05:12,960 --> 00:05:15,750
with exactly the business developer account

91
00:05:15,750 --> 00:05:18,390
and they got noticed in a couple of days

92
00:05:18,390 --> 00:05:19,980
and they got taken down

93
00:05:19,980 --> 00:05:23,730
but maybe they had reached their target, I don't know.

94
00:05:23,730 --> 00:05:26,610
So it's possible, but it's not applicable

95
00:05:26,610 --> 00:05:29,790
to the real world most of the time.

96
00:05:29,790 --> 00:05:32,490
So what I'm going to do instead of this,

97
00:05:32,490 --> 00:05:37,490
I'm going to focus on Android backdoors

98
00:05:37,590 --> 00:05:41,790
because you can actually use Android backdoors

99
00:05:41,790 --> 00:05:44,280
in real life examples

100
00:05:44,280 --> 00:05:47,460
because even if we have Google Play like this

101
00:05:47,460 --> 00:05:51,630
even if we have Google Play to download the applications

102
00:05:51,630 --> 00:05:55,710
as an official App Store on Android devices,

103
00:05:55,710 --> 00:05:59,193
we also have other services,

104
00:06:00,452 --> 00:06:03,030
other ways of downloading applications

105
00:06:03,030 --> 00:06:07,650
and installing them on your Android phones as well.

106
00:06:07,650 --> 00:06:12,650
So even if we know about creating iOS backdoors,

107
00:06:12,780 --> 00:06:15,840
we won't even use them in real life.

108
00:06:15,840 --> 00:06:20,100
But if you know how to create backdoors for Android

109
00:06:20,100 --> 00:06:24,240
in a perfect way, then you will be able to practice it

110
00:06:24,240 --> 00:06:29,240
of course, within legal boundaries in real life as well.

111
00:06:29,310 --> 00:06:32,970
So that is the reason why we are going to do this.

112
00:06:32,970 --> 00:06:36,240
So of course, Google Play is a way

113
00:06:36,240 --> 00:06:38,430
of distributing your app as well

114
00:06:38,430 --> 00:06:42,210
but it'll get noticed and taken down eventually.

115
00:06:42,210 --> 00:06:44,280
So what we are going to focus on

116
00:06:44,280 --> 00:06:46,320
is instead creating our backdoors

117
00:06:46,320 --> 00:06:51,320
and distributing them via emails or WhatsApp

118
00:06:51,600 --> 00:06:55,140
or any other measures because the people,

119
00:06:55,140 --> 00:06:58,320
the users of Android can actually click

120
00:06:58,320 --> 00:07:01,470
on the APK that is the final product

121
00:07:01,470 --> 00:07:03,120
of an Android development

122
00:07:03,120 --> 00:07:07,230
and run it on their own iPhones, or not iPhones,

123
00:07:07,230 --> 00:07:11,460
Samsung or any other Android phones or tablets.

124
00:07:11,460 --> 00:07:16,170
All they had to do is actually allow the unknown sources

125
00:07:16,170 --> 00:07:18,180
to be installed on their phones

126
00:07:18,180 --> 00:07:23,180
and once they click on this APK file,

127
00:07:23,370 --> 00:07:27,090
the phone will ask them if they want to install this or not,

128
00:07:27,090 --> 00:07:29,730
or if they want to allow this or not.

129
00:07:29,730 --> 00:07:32,070
If they allow it, it will be installed.

130
00:07:32,070 --> 00:07:36,150
And luckily most of the Android users actually allow this

131
00:07:36,150 --> 00:07:40,080
because they want to download the other files.

132
00:07:40,080 --> 00:07:45,080
Other sources just not depend on only the Google Play.

133
00:07:45,150 --> 00:07:48,180
So this is an advantage for us.

134
00:07:48,180 --> 00:07:51,420
So if you're going to test this on your own Android phone

135
00:07:51,420 --> 00:07:52,920
or Android tablet,

136
00:07:52,920 --> 00:07:56,370
make sure you open this unknown sources as well

137
00:07:56,370 --> 00:07:57,960
from the settings.

138
00:07:57,960 --> 00:08:00,390
I'm going to show you how to do that

139
00:08:00,390 --> 00:08:03,780
during the lectures as well, don't worry, okay?

140
00:08:03,780 --> 00:08:07,800
And the reason that we are going to start with this is

141
00:08:07,800 --> 00:08:11,250
to practice the Kali Linux a little bit,

142
00:08:11,250 --> 00:08:14,730
learn about Android terms a little bit

143
00:08:14,730 --> 00:08:17,370
so that we can move on to the real thing

144
00:08:17,370 --> 00:08:19,350
where we're learning about programming

145
00:08:19,350 --> 00:08:21,210
and reverse engineering,

146
00:08:21,210 --> 00:08:24,300
the app manipulation and everything.

147
00:08:24,300 --> 00:08:29,250
So if you have experience on these APK files

148
00:08:29,250 --> 00:08:33,810
or kind of creating backdoors for Android before

149
00:08:33,810 --> 00:08:35,670
just be patient with me

150
00:08:35,670 --> 00:08:39,630
after the section we are gonna get so much real.

151
00:08:39,630 --> 00:08:42,180
So make sure you run your Kali Linux

152
00:08:42,180 --> 00:08:44,643
and meet me in the next lecture.