Yesterday I was watching Mr. Robot, caught my attention the different techniques I saw it, I also found many interesting things.
Ok, we start here,in the episode **Find Episode Name**, when Darlene start using SET (Social Engine Toolkit), which can be found at github and is always in active development.
If you see at the picture, you can see it is darlene using a RAT specifically RATTE Java Applet Attack (Remote Administration Tool Tommy Edition) This tool is placed on a USB with an autorun file
cd Desktop/ ; wget –r –l 0 18.104.22.168
This is nice but when I make a Nmap I take another surprise
sudo nmap –O –Pn 22.214.171.1241 2 3 4 5 6 7 8 9 10 11 12 13 Nmap scan report for 126.96.36.199 Host is up (0.35s latency). Not shown: 999 filtered ports PORT STATE SERVICE 80/tcp open http Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closedport Device type: general purpose Running (JUST GUESSING): FreeBSD 6.X (92%) OS CPE: cpe:/o:freebsd:freebsd:6.2 Aggressive OS guesses: FreeBSD 6.2–RELEASE (92%) No exact OS matches for host (test conditions non–ideal). OS detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 48.00 seconds
They are using FreeBSD 6.2 and only have 80 port open.FreeBSD is very safe but how to use it is very old school, it is not normal to find such servers. When I open the downloaded file i see this.
But when i open the website and take a review of the HTML code i have a surprise.
What other ester eggs we will have Mr. Robot?