Elliot mentioned that the hospital it department head using virus scans,dated servers,and security softwares which runs on windows 98 and that has a lot of vulnerabilities
by which a hacker can easily enter into the system and gain access.
So here Elliot might be using exploits for the following vulnerabilities to enter into the system and manipulate data.
If you know a particular system or a network of computers using an outdated software then it becomes easy to hack the system.
You can look into the already found vulnerabilities and exploits and use one to get into the network or system.
For this whole process Metasploit is a great tool
This process may look like this
Firstly Scanning the network by using nmap through metasploit.
Now looking for the ports open in the system
And next Lookup for services running on the host systems
By knowing the version on which the services are running,if the service is outdated there must be vulnerabilities and we can look
up for the exploits for the following vulnerabilities in the metasploit framework.
And next performing the required attack if there is a vulnerability.
Elliot uses the popular social engineering technique called phishing to hack sheyla.
Basically in social engineering technique attackers send a phishing link claiming free likes for social media accounts or get a chance to win a free
iphone,you click on the link,go to their website and you provide your credentials there. No matter how hard your password is to crack but the hacker
is still being able to get it because you are the one actually entering by yourself. This way of stealing users credentials is called Phishing.
Phishing is the most popular social engineering attack.
In this scene Tyrell Wellick is infecting the mobile device using an android rat which is a remote access trojan. Basically a trojan is a malware. if a system is compromised
by a remote access trojan the attacker can run any commands and can have access to our system files, which means the attacker can
control the compromised device remotely.
It basically looks like a legitimate software so that victim don't want to delete it.It will look something like system update
which is the one used by tyrell to infect the mobile device in this particular scene.
This hack is very real and works very well.
In this particular scene we can see a person selling cd's which contains Remote access trojan’s in it which i have already mentioned before what a remote access trojan is,
so by using that he can gain remote access when he insert the cd and try to view the contents in the cd,
This attack now a days is mostly done with usb flash drives, These type of usb's are also known as bad usb or rubber ducky
Whenever user plugs this bad usb to the computer the code written
in the bad usb executes immediately after connecting to the computer.
So in this way he gained access to the webcam and files of ollie.
0 Comments