WEBVTT Kind: captions Language: en 00:00:12.160 --> 00:00:15.920 hello and welcome back to this  cyber security awareness course   00:00:16.880 --> 00:00:22.320 in this video we're going to demonstrate how  cracked applications and programs can actually   00:00:22.320 --> 00:00:28.720 harm your devices so for this demonstration  i've prepared these two programs over here   00:00:28.720 --> 00:00:35.200 the first one says original program and the second  one says cracked program and i've got this window   00:00:35.200 --> 00:00:43.680 over here now this window is going to represent  the attacker's machine so if we go ahead and open   00:00:43.680 --> 00:00:50.320 up the original program we can see over here  that it is asking us for an activation key and   00:00:50.320 --> 00:00:56.320 without this activation key we're never going to  be able to use this program so in this particular   00:00:56.320 --> 00:01:04.240 case people tend to go ahead and download cracked  applications or a cracked version of this program   00:01:05.360 --> 00:01:11.840 now i'm going to show you what can actually  happen if you open up correct applications   00:01:12.400 --> 00:01:17.600 so on the attacker's machine i'm just going to  type in this command now you don't have to worry   00:01:17.600 --> 00:01:24.880 about what this command means because we only care  about the final result so if i go ahead and open   00:01:24.880 --> 00:01:31.920 up the correct application we can see that it says  welcome to this program your program is activated   00:01:32.480 --> 00:01:39.920 we were able to bypass the activation screen but  in return on the attacker's machine we can see   00:01:39.920 --> 00:01:47.680 that we have an open session so what does an open  session mean well for example i can type sys info   00:01:48.480 --> 00:01:56.240 and i can see every single detail about your  device i can see that it is running on windows   00:01:56.240 --> 00:02:04.080 10 and it tells me the build it tells me that  it is an x64 architecture it tells me that the   00:02:04.080 --> 00:02:12.240 original language is english united states and it  also tells me the computer name i can do something   00:02:12.240 --> 00:02:21.840 else like open up a reverse shell on this machine  so by opening this reverse shell i can navigate   00:02:22.400 --> 00:02:30.000 inside every single directory on this machine  so for example let us navigate to the desktop 00:02:32.320 --> 00:02:42.880 so if i go to the users and then if i  type in the user which is windows 10 pro   00:02:44.880 --> 00:02:53.600 1 and if i type dir i can see every single  directory for this particular user i can   00:02:53.600 --> 00:03:00.400 see the desktop the contacts the downloads the  documents favorites and every single directory   00:03:00.400 --> 00:03:07.440 so let's go ahead and navigate to the desktop and  for example on the desktop i was able to find a   00:03:07.440 --> 00:03:15.440 text file that says data.txt now this could be  any file where you type your important passwords   00:03:15.440 --> 00:03:23.120 important credentials or something so i can  do something like opening up this text file   00:03:24.000 --> 00:03:31.440 and i can see over here that it has some saved  credentials test at test and the password says   00:03:31.440 --> 00:03:38.960 hello world one two three now this is really  dangerous because when you download programs from   00:03:38.960 --> 00:03:48.000 unauthorized and unoriginal sources you could end  up having this scenario on your device so this was   00:03:48.000 --> 00:03:54.240 just a simple demonstration of what could actually  happen when you download cracked applications   00:03:54.240 --> 00:04:01.840 or untrusted applications i hope that you like  this video and i'll see you in the next video