Hacking has made a scar in every business and often symbolizes the downfall of an organisation. This is so serious that it is used as the main theme for Sam Esmail’s TV series Mr. Robot, a show that gives the impression that we are really not alone in the auspices of the World Wide Web. It made us aware that someone from somewhere is watching our every move and is just waiting for a chance to do his thing.
As more television shows adopt a real life take on their storylines, this one television show has really made a mark into every real-world IT experts and professionals especially IT Services Australia. The show employs tactics and scenarios that happened or can possibly happen in the real world. But how did they get it so right? And what real-life hacking tools are they using to make the show more realistic? Let’s delve into the world of Mr. Robot to find out.
Mr. Robot is known to add a real taste of what hacking is like. And with that, they employed some tools which are commonly used by hackers in real life. Here are a few:
Wget, Shellshock, and John the Ripper
Wget is a free software package used to make HTTP, HTTPS, and FTP requests. The most popular usage of this tool is downloading a web page source or grabbing files from a web server via a terminal. This tool has been used to compromise systems through the use of vulnerabilities such as the shellshock bug in 2014. It is using open-source password-cracking software called John the Ripper.
Social Engineer Toolkit (SET)
SET is a social engineering framework that eases the process of setting up social engineering. Via its menu system, users can initiate email-based spear phishing attacks, fake websites, wireless access points and SMS spoofing.
btscanner was also used to snoop targets for Bluetooth capabilities. The tool then attempts to gather as much information as possible from the device without the need to pair. The tool is included in the Kali Linux distribution.
The show was also notorious because of its accurate depictions of the real-life security and hacking scenarios. From the computer codes to the realistic use of social engineering tactics, to the lingos used by the characters, Mr. Robot is spot-on with every hacking and security stuff – with the InfoSec community giving a thumbs up.
Let’s take a look at some of the hacking scenarios the show has realistically depicted:
The Café Hack
In the first season’s first episode, protagonist Elliot hacked a café owner’s Tor network using the café’s lightning-speed Wi-Fi and discovered some child pornography website and stashes of pictures. He then proceeded to tip the police and stormed the café to catch the paedophile.
Although the hacking part was pretty sick, the cops storming a place with just a tip is highly unlikely for them. The lingo used was pretty accurate also, thereby establishing Elliot as a legit security expert.
E-Corp. DDOS Attack
Later in the first episode, a major DDOS attack struck AllSafe, Elliot’s employer. The attack was all just a diversion for a bigger attack as the fsociety hackers secretly planted a rootkit in the system to steal data from AllSafe’s client, E-Corp. Elliot successfully stops the attack but keeps the rootkit open, allowing the hackers to maintain their presence in the system.
This part of the episode is considered by some as the most realistic hack of all. DDoS attacks can do massive damage to an organisation, but an attack that carries other hidden agenda is a major threat to organisations if not analysed completely.
Smart Home hack
Season 2’s pilot episode has made hacking a mini horror movie in a scene where a smart home was hacked by fsociety. The hack caused all the electronics in the apartment to go crazy.
Although a hack-like this is purely unbelievable, it’s still possible. According to IT Security Services Australia, there are several studies that support this act and that there are already experiments done to test this theory. One such test is conducted at the University of Michigan where researchers were able to hack doors and fire alarms through Samsung’s SmartThings platform. It truly shows that everything that is connected to the Internet is susceptible to hacking.
Writer’s note: I am in no such way promoting or providing information about hacking. This is only just an analysis. Hacking will still depend on how it’s been used – whether if it’s for the good or for someone else’s gain.