How Elliot Hacked the Prison 2023
How Elliot Hacked the PrisonIn Season 1 Episode 6 Elliot is being blackmailed by the ruthless and unrelenting drug dealer.
Malicious Flash pressure how Elliot Hacked the Prison:
Vera, to hack him out of prison. he’s preserving Elliot’s new love interest, Shayla, hostage and has given Elliot till nighttime to hack the prison’s computer device so one can launch him.
Elliot attempts to provide an explanation for to Vera that such a hack can’t be accomplished in a be counted of hours, however alternatively days or even weeks to find a security vulnerability that he can take advantage of. Vera, being the vicious and feeble-minded killer that he is, will now not relent to offer Elliot extra time. As a end result, Elliot has to strive a few less-than-most excellent techniques to try to hack Vera out of jail to shop the lovable Shayla (as you don’t forget, Shayla is likewise his morphine supplier).
In his first try and hack the jail, Elliot has Darlene, his pal and nemesis from f/society, “accidentally” drop infected flash drives out of doors the jail. The approach here is if a person within the jail’s community alternatives one up and inserts it into their pc gadget, with the intention to then inject malware and give Elliot a connection on the out of doors.
As predicted, a dimwitted corrections officer does select one up and inserts it into his computer.
Elliot is able to get a SSH connection to it, however earlier than he is able to do anything, the AV software detects it and disconnects Elliot. Elliot then chides Darlene as a “script-kiddie” for the use of a well-known malware from Rapid9 (a reference to Metasploit’s developer, Rapid7) in place of increase a brand new take advantage of, and Darlene defends herself pronouncing “I simplest had one hour.” (She should have in all likelihood re-encoded it with shellter and it’d have gone past the AV software undetected.)
a few have puzzled whether this approach should paintings. earlier than the disabling of the automatic autorun feature on modern-day running systems, you could have an .exe file at the flash pressure that could routinely execute. On a current OS, autorun is disabled through default.
we would anticipate that this gadget had the autorun feature enabled or, much more likely, Darlene had established the malware on a flash pressure that has been reprogrammed to emulate a USB keyboard. whilst the flash force is established on the device, the working system then recognizes the flash drive as a USB keyboard, giving it get admission to with the rights of the logged in user and then injects its malicious code into the working system. So, this technique may additionally have labored had Darlene re-encoded the malware with Veil-Evasion or shellter Malicious Flash pressure how Elliot Hacked the Prison:.
Hack WPA2
whilst Elliot is touring Vera in jail, he brings his telephone with him, on which he has established a wi-fi scanner app. With that scanner, he can see all of the wireless APs and sees that they are all secured with WPA2. although he is aware of he can crack WPA2, he recognizes that the fast time body he’s working with is inadequate to brute-pressure WPA2 Malicious Flash pressure how Elliot Hacked the Prison:.
in the technique of scanning wireless hotspots and encryption technologies with his cellphone, Elliot sees a Bluetooth connection when a corrections officer’s vehicle power usanear him.
That spurs Elliot into a brand new approach, particularly, hack the Bluetooth and input the prison’s laptop machine through the cop automobile’s devoted mobile connection to the prison!
Hacking a Bluetooth Keyboard Malicious Flash pressure how Elliot Hacked the Prison:
Elliot’s approach here is to spoof the cop automobile’s Bluetooth connection to his keyboard. If he can make the pc accept as true with that his keyboard is honestly the cop’s keyboard, he can manage the cop’s pc and get within the jail’s network. as soon as in the community, he can upload malware to take manipulate of the prison’s digitally-managed systems.
Step 1: allow Bluetooth
earlier than Elliot can do something, he wishes to allow Bluetooth on his Linux hacking device by starting the bluetooth service:
kali > carrier bluetooth start
subsequent, he desires to prompt the Bluetooth device:
kali > hciconfig hci0 up
Then he checks to see if it’s miles sincerely running, as well as its properties, through typing:
kali > hciconfig hci0
Please be aware the “BD cope with” in second line—this is the MAC address of the Bluetooth tool.
Step 2: test for Bluetooth gadgets
the primary factor Elliot does on this hack is to scan for Bluetooth connections.
if you look closely at Elliot’s screen, you can see that he’s the use of hcitool, a integrated Bluetooth configuration device in Kali Linux. although this works, i have had better fulfillment with btscanner, a built-in Bluetooth scanner with a rudimentary GUI. to use it, easy kind Malicious Flash pressure how Elliot Hacked the Prison::
kali > btscanner
Then select “i” to initiate an inquiry experiment. you can see the effects beneath.
using btscanner, we will get a list of all the Bluetooth devices in range. This one right here has a MAC address and a name of “Tyler”—to spoof this tool, we need to spoof the MAC address and name of the device.
that is how Elliot gets the MAC address and name of the Bluetooth device within the cop’s car. remember that Bluetooth is a low-power protocol with a selection of just about 10 meters (despite the fact that with a directional antenna, distances as an awful lot as 100 meters were done Malicious Flash pressure how Elliot Hacked the Prison:).
Step three: Spoof the MAC address of the Keyboard
Now that Elliot has the call and MAC address of the cop’s keyboard, he’ll need to spoof it by cloning the cop’s keyboard with this data. Kali Linux has a tool designed to spoof Bluetooth gadgets called spooftooph. we can use it to spoof the keyboard with a command similar to this:
kali > spooftooph -i hci0 -a A0:02:DC:11:4F:85 -n Car537 Malicious Flash pressure how Elliot Hacked the Prison:
-i designates the device, in this situation hci0
-a designates the MAC cope with we need to spoof Malicious Flash pressure how Elliot Hacked the Prison:
-n designates the name of the tool we want to spoof, in this example “Car537”
If we do it proper, our Bluetooth device will spoof the MAC cope with and call of the cop’s laptop-Bluetooth device.
to test to look whether or not we were successful, we can use hciconfig accompanied through the tool and the transfer “name” in an effort to list the name of the device. remember, this is our Bluetooth tool that we are trying emulate with the cop vehicle’s Bluetooth device. If we’re a hit, it’s going to have the same MAC deal with and call of the cop’s Bluetooth tool Malicious Flash pressure how Elliot Hacked the Prison:.
kali > hciconfig hci0 call
Now, we have a Bluetooth tool that could be a best similar to the cop vehicle’s Bluetooth keyboard!
Step 4: link Bluetooth device to the Cop’s computer
Now, here is in which truth and the Mr. robotic story line diverge. Mr. robot’s hacking could be very practical, but even on this display, the director takes some literary license. this is allowed—innovative works have to be not limited by using truth.
For Eliot to now connect to the cop vehicle’s laptop, he could need the hyperlink-key (this is a key to perceive the previously-paired Bluetooth tool) that was exchanged among the keyboard and the Bluetooth adapter at the pc Malicious Flash pressure how Elliot Hacked the Prison:.
He ought to bet it (not likely) or crack it, however it might not be as rapid as it regarded in the show. another possibility is that when the device rebooted or the keyboard was disconnected, Elliot ought to connect to the laptop as it is a a dead ringer for the cop’s keyboard. In either case, it’d take greater time than Elliot had on this episode to hack the cop’s Bluetooth keyboard.
Step 5: Hack the prison
in the very last step, Elliot uses the cop’s hacked laptop to add malware via FTP to be able to give him manipulate of the prison mobile doorways. Few humans recognize that prisons and different industrial structures, often called SCADA, are very hackable (see my series on SCADA hacking here Malicious Flash pressure how Elliot Hacked the Prison:).
The Stuxnet hack of Iran’s uranium enrichment facility become very just like this. these industrial system have p.c’s (programmable logic controllers) which can be basically digital controllers. possibly, this prison had p.c’s controlling the jail cell doorways (a completely reasonable assumption) and Elliot’s malware inflamed them and gave him manipulate, allowing him to open all of the cells, liberating Vera and all of the other prisoners.
the subsequent contains spoilers of the 6th episode of the first season of usa community’s Mr. robotic, which airs at 10pm EST on Wednesdays Malicious Flash pressure how Elliot Hacked the Prison:.
Mr. robot continues to impress.
Now six episodes into its debut season, both critics and viewers have persisted to reward the united states network rookie hacker drama for its correct portrayal of cyber crime and safety. Wednesday night’s episode, “courageous visitor” (eps.1.5_br4ve-trave1er.asf) changed into no exclusive How Elliot Hacked the Prison. In truth, it turned into arguably the best illustration of the painstaking efforts the show’s director, Sam Esmail, and his legion of cyber crime consultants go through to create an actual hacker tv series. I spoke with Mr. robotic’s technical representative and cyber crime protection professional, Michael Bazzell to explain the various hacks we see on display screen in “brave traveler Malicious Flash pressure how Elliot Hacked the Prison:.”
USB Drives And Script Kiddies
The sixth episode of Mr. robot’s first season focuses on Elliot’s try to hack Vera out of jail in order to shop Shayla How Elliot Hacked the Prison. A scene early on inside the episode suggests Darlene dropping USB flash dives in the jail’s automobile parking space, with the hopes of someone picking one up and plugging it into a prison pc so Elliot can benefit access to the prison’s community Malicious Flash pressure how Elliot Hacked the Prison:.
uncaptioned
Gallery: locating Mr. robot’s Many Easter Eggs
10 pics
View gallery
PROMOTED
“this is a common tactic in both penetration trying out and real-international assaults,” stated Bazzell. “these small portable drives are able to preserving numerous gigabytes of facts. a fragment of that is all this is had to infect a computer.”
He introduced that this works due to the fact when human beings see a discarded USB drive,
they follow value to it and in lots of cases—both in an try and discover the force’s proprietor or for their own personal use—will plug it right into a pc. The prison protect does precisely this Malicious Flash pressure how Elliot Hacked the Prison:.
“some other big subject is the opportunity that those drives are not real garage gadgets but are small gadgets that appear like general flash drives instead possess a chip interior that acts as a USB keyboard,” stated Bazzell.
usually called a “rubber ducky,” this sort of device can skip security protocols due to the fact a pc will check in it as a USB keyboard when it is plugged in. as soon as related, the tool reads from a pre-programmed script. This script consists of commands that could consist of instructions to do a spread of nefarious matters including copy passwords, shop documents, add files or delete information Malicious Flash pressure how Elliot Hacked the Prison:.
“Plugging those unknown gadgets into any computer is foolish,” stated Bazzell. “If a right make the most is mounted, it can compromise the laptop that is connected which can make the complete network open to hacking attempts.”
In Mr. robot, but, the prison’s antivirus software detects and stops the assault. The exploit fails due to the fact Darlene didn’t have sufficient time to create an exploit from scratch and alternatively downloaded a known assault How Elliot Hacked the Prison. this is why Elliot calls Darlene a “Script Kiddie,” that’s a reference to folks that don’t recognize the way to write exploits and simply down load them Malicious Flash pressure how Elliot Hacked the Prison:.
Bazzell pressured that this scene illustrates two important instructions. the primary is that each one structures have to be updated often with the intention to hit upon recognised attacks like the one Darlene used. the second one is that no one must even plug an unknown USB pressure right into a pc.
(photograph by: David Giesbrecht/america community)
(picture with the aid of: David Giesbrecht/america network)
wi-fi Sniffing And Bluetooth Keyboards Malicious Flash pressure how Elliot Hacked the Prison:
Later within the episode, Elliot makes use of his cellphone to perceive the wireless community security used on the prison and discovers that WPA2 encryption is enabled, because of this that the community is especially cozy. in step with Bazzell, at the same time as a gadget with WPA2 encryption enabled is not completely hack-proof, it’d take months to break into that sort of gadget—if in any respect viable.
however at the same time as facing defeat, Elliot spots a new Bluetooth connection within the community while a patrol vehicle drives up this is the usage of a Bluetooth related keyboard. each Bluetooth device has a MAC cope with, that is a completely unique hardware identification wide variety.
Elliot uses a diffusion of Linux application to learn the MAC cope with of the Bluetooth keyboard and he “spoofs” this identity to his very own Bluetooth keyboard dongle. This permits him to transmit from his Bluetooth device to the pc in the squad vehicle and the computer believes that the keystrokes are coming from the authorized keyboard that it had previously been paired with.
“The extra vulnerability on this scene is the patrol laptop,” stated Bazzell. “in this scene, the pc within the car isn’t a stand-by myself device used handiest for phrase processing. it is networked through static, constantly on, cellular information connection. this is nearly usually the case Malicious Flash pressure how Elliot Hacked the Prison:.”
this means that with the aid of getting access to the pc in the automobile along with his Bluetooth keyboard,
Elliot additionally gains get right of entry to to the prison’s community. as soon as on top of things of the computer, Elliot opens a command spark off, connects to his FTP server that consists of the make the most, and downloads the exploit to the patrol computer, which begins an attack towards the network that laptop is hooked up to.
The take advantage of that Elliot launches via the patrol car’s laptop infects the whole jail community and allows him to control the digital locks on all of the prison cell doors.
“current jails and prisons depend on electronic locks managed within a laptop network. these manipulate boards are often linked to the identical switches that join to conventional computers,” stated Bazzell Malicious Flash pressure how Elliot Hacked the Prison:.
Many authorities buildings, specially older structures, have a unmarried network room wherein all the community wiring meets.
“This lets in for many diverse attacks,” harassed Bazzell. “If the pc machine is the usage of the identical switches and IP address task because the electronic locks, there’s an opportunity for disaster Malicious Flash pressure how Elliot Hacked the Prison:.”
