Posted: . At: 11:23 PM. This was 10 years ago. Post ID: 7703

Elysium film showing real UNIX commands in a blockbuster movie.

rhost root shell on an Elysium computer.

The movie Elysium showcased some awesome UNIX shell commands. The rhost command was one; there is a more detailed shot here: http://i.imgur.com/niqfmy5.png. The nmap port scanning utility is used to port scan Matt Damon's brain before the data is copied from his neural storage to the Elysium computer system. I cannot see the full command, but it is a real usage of this useful port scanning utility and shows that Hollywood are actually using real computer commands in their movies. But why are such advanced computers still running a master and slave IDE hard drive system instead of SATA III or something even better? That was a strange scene in the movie, but I guess that they have very advanced IDE drives on Elysium and the transfer rate has been increased over the old technology. But why would you be using such outdated tech in the year 2154?

nmap scan performed on an Elysium computer.

Part of the visible nmap command is the -sV parameter, which is used to probe open ports to determine the service. He is probing the open ports to see what is running on each one. That is a very useful part of penetration testing. You want to be able to probe the system and see if there are any open ports, then scan those open ports to see what is running, and then find out what version the software is. This allows the attacker to do some research and look for zero day vulnerabilities that could affect the software. Below is an example scan using nmap. This is scanning an old Ubuntu machine for open ports.

homer@hal9000:~$ sudo nmap -o -P0 -sS 192.168.78.130
 
Starting Nmap 6.40 ( http://nmap.org ) at 2014-09-06 22:48 EST
Nmap scan report for 192.168.78.130
Host is up (0.00032s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
443/tcp  open  https
444/tcp  open  snpp
9876/tcp open  sd
MAC Address: 00:0C:29:5E:53:4E (VMware)
 
Nmap done: 1 IP address (1 host up) scanned in 34.42 seconds

Here is a simpler way to scan for open ports.

homer@hal9000:~$ sudo nmap -sS 192.168.78.130
 
Starting Nmap 6.40 ( http://nmap.org ) at 2014-09-06 23:02 EST
Nmap scan report for 192.168.78.130
Host is up (0.00033s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
443/tcp  open  https
444/tcp  open  snpp
9876/tcp open  sd
MAC Address: 00:0C:29:5E:53:4E (VMware)
 
Nmap done: 1 IP address (1 host up) scanned in 24.64 seconds

Below is an example of how to scan for the operating system that the target machine is running. The scan confirms that the machine is running GNU/Linux and a 64-bit kernel.

homer@hal9000:~$ sudo nmap -O 192.168.78.130
 
Starting Nmap 6.40 ( http://nmap.org ) at 2014-09-06 23:05 EST
Nmap scan report for 192.168.78.130
Host is up (0.00039s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
443/tcp  open  https
444/tcp  open  snpp
9876/tcp open  sd
MAC Address: 00:0C:29:5E:53:4E (VMware)
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=6.40%E=4%D=9/6%OT=22%CT=1%CU=44282%PV=Y%DS=1%DC=D%G=Y%M=000C29%TM
OS:=540B0702%P=x86_64-pc-linux-gnu)SEQ(SP=106%GCD=1%ISR=10A%TI=Z%CI=I%II=I%
OS:TS=8)SEQ(SP=106%GCD=1%ISR=10B%TI=Z%CI=RD%TS=8)OPS(O1=M5B4ST11NW9%O2=M5B4
OS:ST11NW9%O3=M5B4NNT11NW9%O4=M5B4ST11NW9%O5=M5B4ST11NW9%O6=M5B4ST11)WIN(W1
OS:=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)ECN(R=Y%DF=Y%T=40%W=3908%O
OS:=M5B4NNSNW9%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N
OS:)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=
OS:S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF
OS:=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=
OS:G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)
 
Network Distance: 1 hop
 
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 107.60 seconds

Below I am using the sudo nmap -A -T4 -P0 192.168.78.130 command to perform a more in-depth scan of my system.

Starting Nmap 6.40 ( http://nmap.org ) at 2014-09-06 23:11 EST
Nmap scan report for 192.168.78.130
Host is up (0.00028s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE VERSION
22/tcp   open  ssh     OpenSSH 5.9p1 Debian 5ubuntu1.4 (Ubuntu Linux; protocol 2.0)
443/tcp  open  https?
444/tcp  open  snpp?
9876/tcp open  sd?
MAC Address: 00:0C:29:5E:53:4E (VMware)
OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
No OS matches for host
Network Distance: 1 hop
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
 
TRACEROUTE
HOP RTT     ADDRESS
1   0.28 ms 192.168.78.130
 
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 227.20 seconds

This scan shows the open ports as well as some information about the operating system it is running.
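
The same output is just as useful to whoever runs the machine. The following is an added example, not part of the original post: it parses the port table from the -A scan above, compares the open ports with an assumed allowlist (EXPECTED is hypothetical), and lists the services nmap marked with a trailing "?" because version detection could not identify them.

```python
import re

# Port table copied from the -A scan output shown above.
SCAN_OUTPUT = """\
PORT     STATE SERVICE VERSION
22/tcp   open  ssh     OpenSSH 5.9p1 Debian 5ubuntu1.4 (Ubuntu Linux; protocol 2.0)
443/tcp  open  https?
444/tcp  open  snpp?
9876/tcp open  sd?
"""

# Assumption: the services this host is supposed to expose (hypothetical baseline).
EXPECTED = {(22, "tcp"), (443, "tcp")}

# One row of nmap's normal-output port table: PORT/PROTO STATE SERVICE [VERSION]
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")

def parse_ports(text):
    """Return one dict per row of an nmap normal-output port table."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, blank line or other report text
        port, proto, state, service, version = m.groups()
        rows.append({
            "port": int(port),
            "proto": proto,
            "state": state,
            # A trailing "?" means the version probes got no match and the
            # name is only a guess based on the port number.
            "service": service.rstrip("?"),
            "confirmed": not service.endswith("?"),
            "version": (version or "").strip(),
        })
    return rows

def review(rows, expected):
    """Split open ports into unexpected listeners and unidentified services."""
    open_rows = [r for r in rows if r["state"] == "open"]
    unexpected = [r["port"] for r in open_rows
                  if (r["port"], r["proto"]) not in expected]
    unidentified = [r["port"] for r in open_rows if not r["confirmed"]]
    return unexpected, unidentified

if __name__ == "__main__":
    unexpected, unidentified = review(parse_ports(SCAN_OUTPUT), EXPECTED)
    print("unexpected listeners:", unexpected)
    print("service not identified by version detection:", unidentified)
```

For this scan only SSH was positively identified; the names shown for 443, 444 and 9876 are port-number guesses, so what is actually listening there has to be checked on the host itself.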
