The debut season of Mr Robot has received a nod from the security focused twitters for its attempts at trying to keep things for the most part realistic. In the episodes so far we have seen hacker types communicating using IRC, there are Linux boxes as far as the eye can see and the main character wears a hoodie. Of course it is a television show that has to be entertaining so we have to give them some slack in getting a bit creative. So far they seem to be doing a pretty good job at maintaining a balance between the story and what is technically possible.
Here is a quick overview of some of the tools that have appeared in the show so far.
Wget, Shellshock and John the Ripper
Here this handy tool is used to compromise a system using one of the big vulnerabilities of 2014 the shellshock bug. You can see the commands being sent in the User Agent of the request to the web server, the command in the screen shot is simply
While success was achieved here getting the
/etc/passwd file, without the
/etc/shadow file that contains the password hashes the next line where John the Ripper is launched is never going to work.
In the screen shot from Mr Robot we can see candump, one of the Linux utilities used for viewing the canbus messages.
USB in the car park
Bluetooth Scanner (btscanner)
Metasploit Framework (Meterpreter)
Social Engineer Toolkit (SET)
Netscape Navigator the hackers browser of choice
There you go a bit of fun for the end of the week. If you are after more information on any of the tools explore the included links or try searching. The great thing about all these open source tools is there are lots of tutorials and documentation available.
It is refreshing to see a television show making an effort to not only highlight capabilities of current hacking techniques but trying to stay reasonably close to reality, unlike the nonsense seen in CSI:Cyber. 🙂