Hacking Bluetooth Like Mr. Robot
Hello, guys. Here we have a new topic related to the Mr. Robot web series: we are going to study how Elliot hacks the system in the show.
If you have seen the first season of Mr. Robot, you know that in one episode Elliot, "THE HERO", hacks the prison and releases all the prisoners.
You probably saw it happen without catching what he actually did, so let's walk through how he did that hack.
Hack WPA2
While Elliot is visiting Vera in jail, he brings his phone with him, on which he has installed a Wi-Fi scanner app. With that scanner, he can see all the wireless APs and sees that they are all secured with WPA2. Although he knows he can crack WPA2, he recognizes that the short time frame he is working with is too short to brute-force WPA2.
HACKING A BLUETOOTH KEYBOARD
Elliot's strategy here is to spoof the cop car's Bluetooth connection to his keyboard. If he can make the laptop believe that his keyboard is actually the cop's keyboard, he can control the cop's laptop and get inside the prison's network. Once inside the network, he can upload malware to take control of the prison's digitally-controlled systems.
STEP1: Enable Bluetooth
To do any Bluetooth hacking, the first and most important step is to switch on the Bluetooth service on the hacker's system. To start the Bluetooth service on Kali, type the command below in the terminal:
kali > service bluetooth start
The next step is to bring up the Bluetooth device. To do so, type:
kali > hciconfig hci0 up
The next command checks whether the device is working properly and shows its properties:
kali > hciconfig hci0
NOTE: The "BD Address" is the MAC Address of the Bluetooth device.
STEP2: Scan for Bluetooth Devices
In the next scene, after enabling Bluetooth, Elliot scans for nearby Bluetooth devices. To do that he uses hcitool, which is a built-in Bluetooth configuration tool in Kali Linux. Although this works, I have had better success with btscanner, a built-in Bluetooth scanner with a rudimentary GUI. To use it, simply type:
kali > btscanner
Then select "i" to initiate an inquiry scan. This will show you the details of each Bluetooth device, including its name and MAC address.
This is how Elliot gets the MAC address and name of the Bluetooth device in the cop's car. Remember that Bluetooth is a low-power protocol with a range of just about 10 meters (although with a directional antenna, distances as much as 100 meters have been achieved).
STEP3: Spoof the MAC Address of the Keyboard
Now that Elliot has the name and MAC address of the cop's Bluetooth keyboard, he needs to spoof it by cloning this information onto his own system. Kali Linux has a tool designed to spoof Bluetooth devices called spooftooph. We can use it to spoof the cop's keyboard with a command like this:
kali > spooftooph -i hci0 -a A0:02:DC:11:4F:85 -n Car537
-i designates the device, in this case hci0
-a designates the MAC address we want to spoof
-n designates the name of the device we want to spoof, in this case, "Car537"
To check to see whether we were successful, we can use hciconfig followed by the device and the switch "name" that will list the name of the device.
kali > hciconfig hci0 name
STEP4: Link Bluetooth Device to the Cop's Laptop
Now, here is where reality and the Mr. Robot storyline diverge. Mr. Robot's hacking is very realistic, but even in this show, the director takes some literary license. That's allowed; creative works should not be limited by reality.
For Elliot to now connect to the cop car's laptop, he would need the link-key (this is a key to identify the previously-paired Bluetooth device) that was exchanged between the keyboard and the Bluetooth adapter on the laptop.
He could guess it (unlikely) or crack it, but it won't be as fast as it appeared in the show. Another possibility is that when the system rebooted or the keyboard was disconnected, Elliot could connect to the laptop as it is a clone of the cop's keyboard. In either case, it would take more time than Elliot had in this episode to hack the cop's Bluetooth keyboard.
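Step 4's point is that a cloned name and address are not enough without the link key. As an added example (not from the original post), this Python sketch audits stored pairing records on a defender's own Linux host and flags pairings whose link key comes from legacy PIN pairing or was never authenticated. The BlueZ-style record layout, the sample records and the dummy keys are assumptions constructed here.

```python
import configparser

# HCI link key types from the Bluetooth Core spec: (description, authenticated?)
KEY_TYPES = {
    0: ("legacy combination key (PIN pairing)", False),
    3: ("debug combination key", False),
    4: ("unauthenticated combination key, P-192", False),
    5: ("authenticated combination key, P-192", True),
    7: ("unauthenticated combination key, P-256", False),
    8: ("authenticated combination key, P-256", True),
}

def audit_pairing(info_text):
    """Return (device name, list of findings) for one stored pairing record."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(info_text)
    name = cfg.get("General", "Name", fallback="(unnamed)")
    if not cfg.has_section("LinkKey"):
        return name, ["no stored link key: device is known but not bonded"]
    key_type = cfg.getint("LinkKey", "Type", fallback=-1)
    pin_len = cfg.getint("LinkKey", "PINLength", fallback=0)
    desc, authenticated = KEY_TYPES.get(key_type, ("unrecognised key type", False))
    findings = []
    if key_type == 0:
        findings.append(f"{desc}, PIN length {pin_len}: re-pair with Secure Simple Pairing")
    elif not authenticated:
        findings.append(f"{desc}: pairing was not protected against an impersonator")
    return name, findings

# Constructed sample records (not from a real host); the keys are dummy values.
SAMPLES = {
    "legacy_pin": "[General]\nName=Keyboard-A\n[LinkKey]\n"
                  "Key=00112233445566778899AABBCCDDEEFF\nType=0\nPINLength=4\n",
    "ssp_authenticated": "[General]\nName=Keyboard-B\n[LinkKey]\n"
                         "Key=FFEEDDCCBBAA99887766554433221100\nType=5\nPINLength=0\n",
    "not_bonded": "[General]\nName=Keyboard-C\n",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(label, audit_pairing(text))
```

On a host running BlueZ, the stored records are the per-device info files under /var/lib/bluetooth/, readable only by root.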
STEP5: Hack the Prison
In the final step, Elliot uses the cop's hacked computer to upload malware via FTP that will give him control of the prison cell doors. Few people realize that prisons and other industrial systems, often referred to as SCADA, are very hackable.
The Stuxnet hack of Iran's uranium enrichment facility was very similar to this. These industrial systems have PLCs that are basically digital controllers. Presumably, this prison had PLCs controlling the prison cell doors (a very reasonable assumption), and Elliot's malware infected them and gave him control, enabling him to open all the cells, releasing Vera and all the other prisoners.
Don't miss my series on hacking Bluetooth, and make sure to check out my other Mr. Robot hacks to see more of what Elliot has accomplished. Keep coming back for more, my novice hackers!
DO COMMENT IF YOU NEED MORE TOPICS LIKE THIS OR THERE IS ANY TOPIC YOU WANT TO LEARN IN DEPTH