Matrix Hacking – A Slice of Reality in a World of Make Believe
It might be all make believe, but the film – The Matrix: Reloaded – has opted for reality in one of its most important scenes, the hacking of the computer that creates the fantasy world in which the film has been set.
“Not since “Wargames” in the early 1980’s has hacking been portrayed in such a realistic fashion,” claims James McGregor, a consultant with the specialist IT security consultancy, DNS.
Trinity, the leather-clad butt-kicking female superhero, who initially gained Neo’s respect in the original film by apparently hacking the IRS database, is the hacker in question.
“Usually, cinema audiences are treated to some ridiculously gratuitous animated multicoloured blobs from a computer monitor while the protagonist gets busy, hacking away with some feverish keyboard tapping that bears little or no relation to what’s actually going on with either the hacking process or, for that matter, the blobs,” explains McGregor. “Occasionally viewers get the odd muttered technical term like “128-bit encryption’ or “DoD level security, but after a short time the hero will sit back and we are to assume that the process is complete, total access has been gained and the plot can move on.
“However, in The Matrix: Reloaded, Trinity gets busy with a command-line interface and kicks off NMAP, a port-scanning piece of freeware. She then correctly identifies an open port and the SSH version 1 service running on it, and runs a further command called “sshnuke”, the output from which is “attempting to exploit SSHv1 CRC32”, a genuine SSH bug discovered in 2001 (the Compensation Attack Detector Vulnerability, no less).
“The exploit works and Trinity gets a root shell, from which she changes the password to Z1ON0101, a choice that mixes numbers and letters in true hax0r tradition.
“The whole process only takes a few seconds, but crucially the bits of software that Trinity uses are real, the methodology she used would work in the real world, and there are no multicoloured blobs in sight,” said McGregor.
Not only can viewers be sure that the method used by Trinity is realistic, but it also conveys a serious message, underlining the need for adequate patching of systems.
“Although it is perhaps unlikely that the SSHv1 CRC32 software vulnerability would not have been patched during the course of around 200 years, it is far more likely that unpatched servers running SSH version 1 are still vulnerable today, just two years after details about the exposure and a released patch have been made available,” comments McGregor.
“So, unless the “machines” get round to patching their server, we will see Trinity logging back in during the final episode of the trilogy, no doubt using the back door she left last time. After uploading some suitably dubious warez and then changing the system’s message of the day to “0wn3d by Tr1n1ty”, she will log off with a final, resolute thud of the “Return” key.”
And all without any multicoloured blobs in sight.
DNS
dns is a security-focused professional services organisation, delivering network security and secure infrastructure through consultancy, systems integration and software development.
Headquartered in Scotland, and operating across the UK and Europe, it provides end-to-end delivery of security and secure infrastructure to a wide range of blue-chip organisations. This ranges from setting strategy and policy, audit and security testing, through design and delivery, to support and management.
dns is a Government CESG CLAS trained, accredited and approved security consultancy. It performs security testing and review assignments for government classified networks, financial houses, banks, telecommunications companies and large corporates across the United Kingdom.
Beyond this, dns has particular technical skills and capability in the construction of highly secure Extranet and hosting environments, from network and host through directory, identity management and secure code development techniques.
dns is a Microsoft Gold Certified Partner for security solutions. Its clients include The Royal Bank of Scotland, Wood MacKenzie, Thus, ScottishPower, Baillie Gifford, the Scottish Parliament, Scottish Enterprise, Deutsche Bank, NatWest, Clifford Chance and BP.
dns also has a managed security service providing e-mail and URL content security management; enterprise vulnerability assessments and continuous reporting; and managed intrusion monitoring and response.