OpenSSH cameo in TV show "Alias" - SSH

This is a discussion on OpenSSH cameo in TV show "Alias" - SSH ; So, I was watching the Alias episode "Cipher" last night. At one point, Dixon is hacking into a computer network with his laptop, and the camera lingers on the screen for a few seconds. This is what appears: http://www.snailbook.com/images/alias-ssh.jpg You ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: OpenSSH cameo in TV show "Alias"

  1. OpenSSH cameo in TV show "Alias"


    So, I was watching the Alias episode "Cipher" last night. At one point,
    Dixon is hacking into a computer network with his laptop, and the camera
    lingers on the screen for a few seconds. This is what appears:

    http://www.snailbook.com/images/alias-ssh.jpg

    You can see:

    - the tail end of some "ifconfig -a" output

    - the text "Starting Password Sequence," presumably inserted for effect

    - part of the initial section of OpenSSH "ssh -v" output, mostly showing
    the key exchange phase

    Too bad it's missing the earlier part which might have identified the
    versions and host OS's involved (though perhaps that's why it's missing).

    I vaguely recall that the movie "Sawfish" also contained some SSH (v1)
    output -- in fact, I think it showed a realistic exploit of some known
    SSH-1 vulnerability, probably the CRC-32 insertion attack.

    --
    Richard Silverman
    res@qoxp.net


  2. Re: OpenSSH cameo in TV show "Alias"

    On 2005-12-03, Richard E. Silverman wrote:
    > I vaguely recall that the movie "Sawfish" also contained some SSH (v1)
    > output -- in fact, I think it showed a realistic exploit of some known
    > SSH-1 vulnerability, probably the CRC-32 insertion attack.


    In one of the Matrix movies has Trinity using nmap and a CRC32 exploit.
    There's screeshots on the nmap home page: http://www.insecure.org/

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  3. Re: OpenSSH cameo in TV show "Alias"

    >>>>> "DT" == Darren Tucker writes:

    DT> On 2005-12-03, Richard E. Silverman wrote:
    >> I vaguely recall that the movie "Sawfish" also contained some SSH
    >> (v1) output -- in fact, I think it showed a realistic exploit of
    >> some known SSH-1 vulnerability, probably the CRC-32 insertion
    >> attack.


    DT> In one of the Matrix movies has Trinity using nmap and a CRC32
    DT> exploit. There's screeshots on the nmap home page:
    DT> http://www.insecure.org/

    Ah, that's it! I wasn't sure if it were Sawfish or not.

    --
    Richard Silverman
    res@qoxp.net


  4. Re: OpenSSH cameo in TV show "Alias"


    I looked at the pictures of the SSH scene in Matrix Reloaded:

    http://www.insecure.org/nmap/nmap_inthenews.html

    .... and while it's obviously much more realistic than most TV portrayals
    of "hacking," I'm not inclined to give it the props Fyodor does. He
    writes, "... So I was shocked to find that Trinity does it properly in The
    Matrix Reloaded. She whips out Nmap version 2.54BETA25, uses it to find a
    vulnerable SSH server, and then proceeds to exploit it using the SSH1
    CRC32 exploit from 2001."

    But in the end, this doesn't make any sense -- the attack in question
    allows inserting data into an *existing* SSH connection; it does nothing
    to help authenticate a new connection on your own. And the screen shot
    clearly shows the "sshnuke" program creating a new SSH connection, then
    "attempting to exploit SSH1 CRC32." Someone did their homework, but not
    enough.

    Bah, humbug.

    --
    Richard Silverman
    res@qoxp.net


+ Reply to Thread