Skip to content

Mr. Robot's Netflix 'n' Hack

0xACAB edited this page Nov 14, 2020 · 232 revisions

WikiActivities and eventsMr. Robot's Netflix 'n' Hack

  • Tagline: Let Mr. Robot teach you how to hack—and how to stop hackers from hacking you!
  • Description: Watch an episode of "Mr. Robot," a TV show dramatizing the lives of rogue hackers in NYC with unparalleled technical accuracy, and then get an introduction to how the tools, techniques, and procedures ("TTPs") shown in the episode work in real life. After we watch an episode of the show, we'll discuss the tools used, get them installed on our laptops, and try them out. When we meet next, we'll show one another what we've learned, and continue with the next episode. By the end of the 10 week first season, you'll have gotten a hands-on tour of various tools in the Kali Linux penetration testing distro, and a better sense of how to separate fiction from reality in contemporary hacking dramas in pop culture. We'll finish by tackling a Mr. Robot themed hacking challenge so you can practice what you've learned, and maybe even join a hacking team.
  • Facilitating: How to facilitate Mr. Robot's Netflix 'n' Hack
  • See also: InfoSec, Mr. Robot Trains the Trainers, 🌐 GeekWire's "Mr. Robot Rewind" series (contains spoilers), Manisso/fsociety, Glossary.

Watch the Mr. Robot trailer to see if this is a show you might enjoy watching and learning from:

Mr. Robot Season 1, extended trailer

  1. 🌐 Season 1
    1. Week 1 (S01E01)
    2. Week 2 (S01E02)
    3. Week 3 (S01E03)
    4. Week 4 (S01E04)
    5. Week 5 (S01E05)
    6. Week 6 (S01E06)
    7. Week 7 (S01E07)
    8. Week 8 (S01E08)
    9. Week 9 (S01E09)
    10. Week 10 (S01E10)
  2. 🌐 Season 2
    1. Week 11 (S02E01)
    2. Week 12 (S02E02)
    3. Week 13 (S02E03)
    4. Week 14 (S02E04)
    5. Week 15 (S02E05)
    6. Week 16 (S02E06)
    7. Week 17 (S02E07)
    8. Week 18 (S02E08)
    9. Week 19 (S02E09)
    10. Week 20 (S02E10)
    11. Week 21 (S02E11)
    12. Week 22 (S02E12)
  3. 🌐 Season 3
    1. Week 23 (S03E01)
    2. Week 24 (S03E02)
    3. Week 25 (S03E03)
    4. Week 26 (S03E04)
    5. Week 27 (S03E05)
    6. Week 28 (S03E06)
    7. Week 29 (S03E07)
    8. Week 30 (S03E08)
    9. Week 31 (S03E09)
    10. Week 32 (S03E10)
  4. 🌐 Season 4
    1. Week 33 (S04E01)
    2. Week 34 (S04E02)
    3. Week 35 (S04E03)
    4. Week 36 (S04E04)
    5. Week 37 (S04E05)
    6. Week 38 (S04E06)
    7. Week 39 (S04E07)
    8. Week 40 (S04E08)
    9. Week 41 (S04E09)
    10. Week 42 (S04E10)
    11. Week 43 (S04E11)
    12. Week 44 (S04E12)
    13. Week 45 (S04E13)

Week 1 (S01E01)

Week 2 (S01E02)

Week 3 (S01E03)

During post-show discussion, we brought up:

  • Cree.py - geolocation OSINT tool
  • TrackIMEI Using a SIM card/IMEI number to track the location of a mobile phone

Week 4 (S01E04)

Week 5 (S01E05)

Week 6 (S01E06)

Week 7 (S01E07)

Week 8 (S01E08)

Week 9 (S01E09)

Week 10 (S01E10)

🚧 TK-TODO

Week 11 (S02E01)

🚧 TK-TODO

Week 12 (S02E02)

🚧 TK-TODO

Week 13 (S02E03)

🚧 TK-TODO

Week 14 (S02E04)

  • "Pirating" (illegally downloading) movies using a BitTorrent client (uTorrent, in this case, but a "better" Free Software client is Deluge):
    Elliot uses uTorrent to download a (fictional) movie.

Week 15 (S02E05)

Week 16 (S02E06)

  • Signal is used to make an encrypted VoIP call.

Week 17 (S02E07)

Week 18 (S02E08)

Week 19 (S02E09)

Week 20 (S02E10)

  • Cantenna (an antenna made out of a can) to boost radio signal (like Wi-Fi network) range.
  • "For impersonating an NYPD officer. All cell carriers have a law enforcement hotline. Instead of hacking the carrier, if the situation's urgent enough, you can just ask them to track a blocked call for you."







  • "Can you ping that phone for a current location?" Probably referring to a so-called "SMS ping," one type of invisible-to-the-user Short Message Service (cell phone txt message) message more broadly known as "silent SMS".




    • Reverse address search features provided by Spokeo and other free/freemium data brokers

Week 21 (S02E11)

Week 22 (S02E12)

  • 33 Thomas Street in Manhattan, the site of the NSA's "Project X," aka Titanpointe, an illegal domestic spying hub
    • Field of Vision: Project X, a documentary short narrated by Rami Malek and Michelle Williams produced by Loura Poitras and Henrik Moltke

Week 23 (S03E01)

  • Elliot and Darlene visit "the only hackerspace with a fiber connection"
  • The number "1984" are painted on the wall, a common reference to George Orwell's 1949 novel of the same name warning about a dystopian future society where electronic surveillance controls people's lives and their thoughts; is this the name of the fictional hackerspace?
    • Hackerspaces.org is a crowd-sourced directory of information about hackerspaces around the world.
  • At the hackerspace, they find "a CTF tournament. Capture The Flag, it's like the hacker olympics. Teams around the world compete to solve challenges: reverse engineering, protocol exploitation, forensics."
    • Most CTFs happen virtually, not in large party venues like those depicted on the show.
    • CTFTime.org is among the most prolific continually-updated directories of public CTF competitions.
    • awesome-ctf provides a listing of "awesome" tools and resources for CTF competitions and competitors.
  • Darlene learns that "we're fucked. All the machines are taken. They're in the middle of a final round of the qualifier for a CTF." A few moments later, we learn that the CTF they're competing is the famous DEF CON CTF:
  • "The backdoor had a hardcoded C2 domain pointing to a listener on Tyrell's machine. All I have to do is hack the registrar and change the name server configs. Once I hijack the domain, I can shut down their access before the dark army notices."
    • C2 is an abbreviation for Command and Control, a generic term describing infrastructure used to send instructions and receive telemetry from targeted and/or compromised devices.
    • A "registrar" refers to an organization, usually a company, responsible for reserving domain names with a given top-level domain registry, which is also usually a company.
    • The registrar is responsible for asserting the correct IP addresses of the reserved domain's own name servers; if these are changed to attacker-controlled name servers, the attacker can direct any requests for the reserved Internet name to whatever IP addresses they like.
    • rwwwshell, the classic "reverse World Wide Web shell,"
    • shred is a secure file deletion utility that helps prevent forensic recovery by overwriting the file data itself instead of simply unlinking the file from the filesystem like the simpler rm command does
  • Using the New York State Police (NYSP) National Crime Information Center (NCIC) portal to lookup the vehicle identification number (VIN) of the FBI car:
  • Shodan.io, "the search engine for Power Plants" and other connected devices

Week 24 (S03E02)

Week 25 (S03E03)

Week 26 (S03E04)

Week 27 (S03E05)

Week 28 (S03E06)

Week 29 (S03E07)

Week 30 (S03E08)

Week 31 (S03E09)

  • Using the Volatility memory forensics framework: Several terminal windows show the Volatility framework being used.
    Closeup of Elliot using Volatility, :robot: screenshot 📷
  • Elliot crafts shellcode to be executed via Python(?) by discovering a vulnerability through fuzzing using American Fuzzy Lop (AFL) and inspecting the crashing program with the GNU Debugger (gdb): Elliot using American Fuzzy Lop (AFL) fuzzer and the GNU Debugger.
    Closeup of a GDB session depicting a program crash (segfault).
    Exploit shellcode being written.
  • Dark Army Command and Control (C2) operator station loads Elliot's exploit:
    Screenshot of the Dark Army's C2 user interface.
  • Elliot logs in to a server with a new SSH key (ssh-add) to view the keystrokes, and thus username and password, of the compromised Dark Army operator: Elliot adds an SSH key identity and views the loot.
    The password of the Dark Army operator is revealed in a cleverly named file.

Week 32 (S03E10)

Week 33 (S04E01)

Week 34 (S04E02)

Week 35 (S04E03)

Week 36 (S04E04)

  • Darlene and Elliot use Signal to communicate with one another.
    Still of a TV DVR showing Signal on screen during an episode of Mr. Robot.

Week 37 (S04E05)

Week 38 (S04E06)

Week 39 (S04E07)

Week 40 (S04E08)

Week 41 (S04E09)

Week 42 (S04E10)

Week 43 (S04E11)

Week 44 (S04E12)

Week 45 (S04E13)

Clone this wiki locally