Hacking.
There is no way that you keyboard danced for 12 seconds and completed an nmap scan, identified an unpatched target with a remote code execution bug, delivered the payload, pivoted to an account with the permissions you needed, and found the server running the internal application you are looking for.
telnet 127.0.0.1
I’m in!
Ah legacy systems.
All the young kids use ::1
There’s a scene in NCIS where somebody is losing a “hacker fight” so to turn it around a second person joins in and starts typing on the same keyboard.
I’m not exaggerating.
Like there’s suspension of disbelief, and then there’s whatever psychological issue watchers of NCIS suffer from.
Hehe that scene was the one that made me think of this post.
NCIS should just dive into self parody at this point.
It’s really simple, you just search the evil corporation’s hard drive for a file named
EVIDENCE.txt
Realistic hacking scenes would be funny.
“Okay I’m in”
“Wait… how?”
“Oh I figured out the default passwords and naming conventions for new employees a while ago.”
Funnily enough I got my college to change password policies because for a report for one of my classes I wrote about how stupid it was that all new users’ passwords were first initial + last initial + last four of social security number, with usernames being firstname + lastname + year. Since they had no max number of attempts on logins, and didn’t prompt you to change password on logging in, it took a few minutes to get into anyone’s account once you knew their name. (That school was very incompetent, and they are closed now)
OR
“Give me 20 minutes, I’m on hold with IT. They’ll reset the password and tell me it if I give them an employee ID, DOB, and name. Which I see clearly on this guy’s Facebook picture where he has his badge visible.”
Or a hacking guy trying to brute force for days. Then the “no nonsense” guy goes out for 20 minutes, and comes back with it and refuses to answer questions. Oh wait… that’s just XKCD.
Only Mr Robot
Hey now, War Games had pretty dang realistic hacking!