Over the years the most famous hacking tool that has made it into the movies is Nmap. When producers of a movie actually try to put a dose of reality into the computer hacking scenes Nmap will often flash up on the screen. AFAIK Trinity was the first in the Matrix. Nmap has also appeared in Elysium, The Bourne Ultimatum, Die Hard 4 and many others.
$199 ENROLLS YOU INTO OUR SELF PACED COURSE – LFS264 – OPNFV FUNDAMENTALS!
The debut season of Mr Robot has received a nod from the security focused twitters for its attempts at trying to keep things for the most part realistic. In the episodes so far we have seen hacker types communicating using IRC, there are Linux boxes as far as the eye can see and the main character wears a hoodie. Of course it is a television show that has to be entertaining so we have to give them some slack in getting a bit creative. So far they seem to be doing a pretty good job at maintaining a balance between the story and what is technically possible.
Here is a quick overview of some of the tools that have appeared in the show so far.
In multiple scenes we can see references to the Kali Linux
distribution, a complete operating system that has been packaged with configured and ready to use penetration testing (hacking) tools. If you are interested in learning about network security, get a copy of this and start playing! ** Only in your lab network of course! Breaking into computers you do not own is illegal in most parts of the world **.
Wget, Shellshock and John the Ripper
Wget is a terminal program to make HTTP requests, a popular use case is to simply download the source of a web page or grab a file from a web server in a terminal.Here this handy tool is used to compromise a system using one of the big vulnerabilities of 2014 the shellshock bug. You can see the commands being sent in the User Agent of the request to the web server, the command in the screen shot is simply
ENROLL TODAY IN THE SELF PACED COURSE – LFS263 – ONAP FUNDAMENTALS FOR $199!
While success was achieved here getting the
/etc/passwd file, without the
/etc/shadow file that contains the password hashes the next line where John the Ripper is launched is never going to work.
USB in the car park
We see in this scene one of the few Windows desktops shown – during this scene a security guard inserts a USB drive found in the car park into his system infecting his Windows XP machine with malware. Leaving infected USB flash drives in the car park of the target organization is a well known trick
to get code onto a system where network access is limited. In this instance the malware is caught by AVAST anti-virus.
Bluetooth Scanner (btscanner)
is used here to probe the targets phones for bluetooth capabilities. The tool attempts to extract as much information as possible from a Bluetooth device without having to pair. The btscanner program is included in the Kali Linux distribution and we can see from the title bar of the window that it is the operating system being used here.
$299 REGISTERS YOU FOR OUR NEWEST SELF PACED COURSE! LFD201 – INTRODUCTION TO OPEN SOURCE DEVELOPMENT, GIT, AND LINUX!
In this screenshot bluesniff
can be seen, this is another tool for attacking bluetooth enabled devices. In this screen shot the actual plan here is to perform a man in the middle attack against the targets bluetooth keyboard. With keyboard access the next move is to drop a Meterpreter shell onto the system for access to the target network.
Metasploit Framework (Meterpreter)
In this shot we can see a few lines from a Meterpreter
shell. Anyone who has used this tool knows a little bit of Meterpreter goes a long way
so there was no need for an extensive shot of this powerful tool. Part of the Metasploit penetration testing framework by Rapid7
, a Meterpreter shell gives an attacker full control of the target system as well as the ability to move around the network.
Social Engineer Toolkit (SET)
The Social Engineer Toolkit Social Engineer Toolkit
or SET is a framework that makes setting up social engineering attacks easier. Email based spear phishing attacks, fake websites and wireless access points can all be launched through its menu system. In this case they are using the SMS spoofing module.
REGISTER TODAY FOR YOUR KUBERNETES FOR DEVELOPERS (LFD259) COURSE AND CKAD CERTIFICATION TODAY!
$499! $299 now!!
Netscape Navigator the hackers browser of choice
Windows 95 and Netscape Navigator are mentioned when the lead character is thinking about his first steps as a hacker. In the screen shot you can see the source being viewed… careful if you see someone viewing the source they are no doubt a dangerous hacker. The humble web browser is actually a very useful tool for an attacker whether they are launching web application attacks or researching LinkedIn for social engineering attacks
There you go a bit of fun for the end of the week. If you are after more information on any of the tools explore the included links or try searching. The great thing about all these open source tools is there are lots of tutorials and documentation available.
To learn Linux, hit the link below and enroll now.
$299 WILL ENROLL YOU IN OUR SELF PACED COURSE – LFS205 – ADMINISTERING LINUX ON AZURE!
© 2014 Hacker Target Pty Ltd
Source: Exploring the Hacker Tools of Mr Robot | HackerTarget.com
BUNDLE CLOUD FOUNDRY FOR DEVELOPERS COURSE(LFD232) AND THE CFCD CERTIFICATION FOR $499!