(Review)Mr. Robot — Totseans

(Review)Mr. Robot

bornkillerbornkiller AdministratorIn your girlfriends snatch
edited September 2015 in Spurious Generalities

If you’ve ever used any of the Linux pen test software before, after watching a few episodes of Mr Robot you tend to want to try all of them until your eyes bleed. So thanks for mentioning Mr Robot to me Slarti, it’s because of you I now have blood trails running down my cheeks. :( Oh yah, and sorry, I couldn’t wait for your review, so I did one because I was bored. If I missed anything feel free to add to it.


Mr Robot - <Series

2i2vyGG.jpg

Elliot Alderson (Rami Malek) is a security engineer living in New York. He’s socially withdrawn, suffers from depression and is about as delusional as a roomful of hippies on some really prime acid, but without the pretty colours. His problem solving skills tends to involve overly evaluated thinking and a lot of it seems to revolve around his difficulties in face to face communication. So basically he says fuck all to people but his thoughts just won’t shut-up.

The organisation Elliot works for is a cyber-security company by the name of Allsafe of whom Angela Moss (Portia Doubleday) his BFF also happens to work for. From here the drama basically festers into a world of dragons, sorcery and mages (Just kidding). Seriously though, it becomes a roller coaster ride of an online hacking culture whose main objective is to cut societies ties to corporate and political control. And as an added bonus this ride is full of OMFG’s and WTF’s. Well I thought so, so fuck you!

For me I found Elliot’s character role as kind of likeable in a weird way. He fits that smart hacker guy profile quite well and his mentally dysfunctional mind set ad’s to his persona. Although his reclusive paranoia can become a little annoying sometimes. Like when he stares at a person who tries to converse with him, the time frame it takes for Elliott to respond is like waiting for a webpage to load on dialup. I shit you not! Besides that, all good.

Overtones

Mr Robot tends to open up an online world that many don’t really know of or are ignorant to the fact of. There are those however that are able to relate to it because it has a sense of reality that’s almost believable. It has the overtones of “Anonymous” but there’s no specific reference directed at them, but like I said the overtones are obvious. There’s the mention of the TOR network, Kalilinux, and an assortment of Linux penetration testing software to make the NSA and the FBI stain their pants. It also seems to keep up with current affairs as each episode unfolds like the Ashley Madison hack gets an embarrassing mention for example. Throughout the series there is much more blackhat culture than what I’ve mentioned, I got too much into it and forgot about taking notes.

Overall I really enjoyed the series and if anyone out there is into this type of shit or even curious about it, then I recommend it. If you’re not into the whole techy buzz thingy then I suggest to watch it anyways because you just might learn something from it, or even acquire a new interest.

SxOPPWJ.png

Tools used in Mr. Robot - Compliments of WIRED
DeepSound
If you’re wondering why someone who’d fry his computer’s memory chip in the microwave would be careless enough to store evidence of people he’s hacked on CD-ROMs disguised as CDs, then Elliot’s one step ahead of you. He used DeepSound, an audio converter tool, to hide all of the files on everyone he’s hacked—as well as his own old family photos—within WAV and FLAC audio files. And yes, the real files are encrypted and password protected, as we saw in episode 9. DeepSound is a modern example of steganography, the art of concealing information within plain sight.

ProtonMail
If you assumed Elliot would run his own server or be an early adopter of Pond , episode 8’s revelation that he has a ProtonMail account may have come as a surprise. ProtonMail is a browser-based email service incorporated in Switzerland created by researchers who met at a CERN research facility. (Yes, that CERN: the one where the World Wide Web was born.)
“One of the benefits of ProtonMail is that it’s end-to-end encryption, and it’s in a way that even the owners of ProtonMail can’t see your content, and there’s no IP logging,” says Michael Bazzell, one of the technical advisers on the show. It even lets you set expiration dates for your emails, after which they’ll self-destruct (provided the recipient hasn’t made a copy of them, that is).
ProtonMail is free, though there’s a wait list for invitations to create an account. Beta versions of iOS and Android mobile apps were just announced, and it’s possible to jump the queue with a $29 donation. The next batch will be released Thursday.

Raspberry Pi
A Raspberry Pi is that tiny and delightfully inexpensive computer that helps you learn programming and build your own digital toys. Turns out, it can also be used to gain remote access to HVAC systems. On the show, Elliot’s plot was to gain access using the Pi and then raise the temperature in Evil Corp’s storage room where tape backups are stored, thus destroying the records of much of the consumer debt in the world.

Tastic RFID Thief
Fsociety wouldn’t even think of trying to penetrate the most secure facility in the country without a plan for stealing badge information from employees. Luckily, when visiting Steel Mountain, fSociety member Mobley was armed with Bishop Fox’s Tastic RFID Thief, a long-range radio frequency identification (RFID) reader that saves your score on a microSD card as a text file so you can clone the badge later. It’s completely portable and fits neatly into a messenger bag or a briefcase.

RSA SecurID
Two-factor authentication can definitely foil your average fraudster’s plans. Like 25,000 actual organizations worldwide, Allsafe, the cybersecurity firm where Elliot works, uses RSA SecurID. RSA SecurID’s two-factor authentication adds a layer of security to a company’s protected resources by requiring users to not only enter their RSA SecurID pin, but a one-time password generated within the app—which lasts only 60 seconds. This is why Elliot needed a multi-faceted plan to get ahold of Gideon’s phone in episode 8. First he texted him large MMS files to try to drain some of his boss’ battery, then he snagged the phone to enter that temporary authentication code at the end of the password with nary a second to spare. He certainly raised suspicion from Gideon with the clever ruse, but at least he got the job done.

Kali Linux
Kali Linux, BackTrack’s Linux’s successor, is a Debian-based version of Linux that’s specifically built for penetration testing and security auditing and is used in multiple episodes of Mr. Robot. It’s free, open source, and pre-installed with hundreds of pen testing programs, so it’s perfect for cracking Wi-Fi passwords, bypassing anti-virus software, and testing security vulnerabilities on your network. Many of the tools used in Mr. Robot are utilized within Kali. “That’s the benefit of Kali is that all the tools are built in,” says Bazzell. “It’s got a distribution system with everything you need.”

John the Ripper
John the Ripperis a tool that Elliot used in the second episode of the show to crack Tyrell’s password. Its primary purpose is to detect weak Unix passwords, but it can crack weak passwords with several thousand (or even several million) attempts per second. John the Ripper is available within the Kali Linux platform.

Metasploit and Meterpreter
Episode 6 features Rapid7’s Metasploit Framework. Metasploit is an exploit development and delivery system that allows users to create and execute exploits, typically for penetration testing. It saves hackers time because they don’t have to learn a new tool each time they want to run an exploit. Meterpreter is just one of several hundred payloads that can be used within Metasploit. It resides entirely in memory and writes nothing to disk, but can give an attacker control of their target’s system and parts of the network. It’s often used within Kali Linux on a virtual machine in Windows, or on Windows itself.
Social-Engineer Toolkit

TrustedSec’s Social-Engineer Toolkit is an open-source pen testing framework designed specifically for simulating social engineering attacks, such as phishing, spear phishing, credential harvesting, and more. Elliot used SMS spoofing from within SET, a module that’s unavailable on the newer versions, but Mr. Robot tech adviser Michael Bazzell said that it’s possible for users to add that package back in within the new version.

FlexiSPY
This list would be remiss without the inclusion of a tool used by one of the show’s less sympathetic characters. In the third episode of Mr. Robot, Tyrell Wellick secretly installs mobile monitoring software on a lover’s Android phone. After gaining root privilege by using SuperSU, he installs FlexiSPY, a tool that lets you monitor other people’s device activities with an online portal. FlexiSPY doesn’t recover past data, but can show you anything still stored on their phone’s memory or SIM card, as well as any future. It also hides SuperSU as part of its installation. Sneaky sneaky.

Tool list sauce: http://www.wired.com/2015/08/peek-inside-mr-robots-toolbox/

Comments

Sign In or Register to comment.