Disclaimer: small spoiler inside!
I must admit that The Matrix Reloaded marks a milestone in the representation
of computer-related technology in movies, to the great pleasure of hax0rs and
other computer geeks. If you find the pretty 3D animations of hackers
taking remote control of computers in the blink of an eye fascinating, then you'll
probably be very upset by the way Trinity does it this time.
This is one of the very few movies that do not use sophisticated
MovieOSes, do not trick people into thinking programmers are "coding"
very complex computer programs when they are actually scrolling through
simple HTML code, and do not have the
main character crack a 128-bit RSA key by guessing the "password"!
(See Independence Day, Hackers, Antitrust, s1m0ne, Jurassic Park,
Swordfish... Ouch, the list is endless.)
In The Matrix Reloaded, Trinity simply uses a real life exploit.
Instead of pressing a "hack this computer" button, she fires up nmap
on IP 10.2.2.2 (this IP is in the 10.0.0.0/24 address space, which is
reserved for local networks) and finds out that port 22 (SSH) is open.
Then she launches a program called "sshnuke" that attempts
to exploit the SSHv1 CRC-32 vulnerability. And it succeeds, prompting
for a new root password.
Of course there is no program called sshnuke, but the SSHv1 CRC-32
exploit does exist and nmap is a real tool (its author is so proud to see it in a movie).
nmap is a widely used tool written by Fyodor. The man page
says "nmap - Network exploration tool and security scanner".
It uses a large variety of methods, from the simple port scan
to the more complex Xmas Tree scan, to probe a given machine
or subnet and collect as much information as possible (services
running, operating system, etc.).
This is the first step required to perform a hack on a machine:
examine it to build a list of possible attacks.
Obviously Trinity finds out that an SSH service is running and
decides to try to exploit its vulnerability.
That's not all: there is indeed an SSHv1 CRC-32 exploit. It is a
buffer overflow type of vulnerability (boundary condition error)
that can give the attacker root privileges on the target machine
(provided that the ssh daemon is running as root), and it
was discovered on February 8, 2001 by security analyst Michal Zalewski.
You can find a proper bytecode and ssh client on every
good security-related web site.
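From the defender's side, the first question is whether any of your own servers still offer SSH protocol 1 at all. The sketch below is an added example, not something from the movie or from the sources cited here: it reads the identification string an SSH server sends on connect and flags hosts that still accept protocol 1. The host addresses and software names are constructed sample data, and a banner only shows that protocol 1 is exposed, not that the daemon is unpatched.

```python
import re

# Identification string layout (RFC 4253, section 4.2):
#   SSH-protoversion-softwareversion SP comments
BANNER_RE = re.compile(r"^SSH-(\d+)\.(\d+)-(\S+)")


def classify_banner(banner):
    """Return (accepts_v1, accepts_v2, software) for one server banner.

    Raises ValueError when the line is not an SSH identification string.
    """
    m = BANNER_RE.match(banner.strip())
    if not m:
        raise ValueError("not an SSH identification string: %r" % banner)
    major, minor, software = int(m.group(1)), int(m.group(2)), m.group(3)
    if (major, minor) == (1, 99):
        # 1.99 is the compatibility marker: the server speaks both 1 and 2.
        return True, True, software
    if major == 1:
        return True, False, software
    return False, major == 2, software


def audit(banners):
    """Map host -> finding for each host that offers protocol 1 or is unreadable."""
    findings = {}
    for host, banner in banners.items():
        try:
            v1, v2, software = classify_banner(banner)
        except ValueError:
            findings[host] = "unparseable banner, check manually"
            continue
        if v1:
            mode = "protocol 1 and 2" if v2 else "protocol 1 only"
            findings[host] = "%s offered by %s: disable protocol 1" % (mode, software)
    return findings


# Constructed sample data (documentation-range addresses, made-up versions).
SAMPLE = {
    "192.0.2.10": "SSH-1.5-ExampleSSHD_1.0\n",
    "192.0.2.11": "SSH-1.99-ExampleSSHD_2.0\r\n",
    "192.0.2.12": "SSH-2.0-ExampleSSHD_3.0 patched\r\n",
    "192.0.2.13": "HTTP/1.1 400 Bad Request\r\n",
}

if __name__ == "__main__":
    for host, finding in sorted(audit(SAMPLE).items()):
        print(host, finding)
```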
Even if this is only a small technical detail of little
importance to the action movie's scenario,
the good thing is that it is rather realistic and doesn't
outrage the hacker and security analyst community by
spreading a wrong image of computing concepts to the masses.
Sources:
http://www.theregister.co.uk/content/55/30747.html
http://www.insecure.org/nmap/data/nmap_manpage.html
http://www.securityfocus.com/bid/2347