// MENU // 00:00 - We're doing this in the real world! 00:24 - Back with OccupyTheWeb 01:38 - Overview //The Hacker's Dilemma 03:16 - The Plan//Destroying Evil Corp's Backups 06:10 - High Temperature Destroy Tape Backups? 07:10 - Social Engineering//SMS Spoofing 11:48 - Why This Could Work 13:04 - Comment!//Spoofing Services That Work? 143:53 - Setup//Raspberry Pi with Kali 15:25 - Virtual Machine Setup 16:01 - Netcat//Setting Up Hacking Pi 17:50 - Netcat//Connecting to Hacking Pi 18:43 - Options//Reverse Shell//Rogue WiFi AP 20:01 - Recon with Nmap 22:26 - OTW Real World Hack//Schneider 23:59 - Gaining Access to /etc/passwd 26:01 - After Publishing the Hack Online 28:48 - Scanning for PLCs 30:19 - Modbus CLI//Memory Probing Tool 31:34 - How This Could Be Used in Mr. Robot 32:29 - Cyberwar//SCADA Hacking Overlooked 32:55 - Summary & Notes 34:04 - SCADA Network Cabling 35:41 - SCADA Hacking//Research! 36:11 - The Challenge in Mr Robot 36:39 - Mr. Robot Hacks//Realistic? 37:11 - SCADA Hacking Sim? 38:16 - Resources to Learn SCADA 38:48 - More Mr Robot? Leave a Comment! Disclaimer: This video is for educational purposes only. May it be a warning to all of us. Secure your systems and do not connect unprotected systems to the Internet. In this video we discuss the hacks in Mr Robot Season 1 Episode 5. Which other episodes or technologies do you want us to cover in future videos? Please comment. // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw // Videos mentioned // Kali Linux install on Raspberry Pi: kzbin.info/www/bejne/hqK1h6Joo850lZo OTW Interview and Scada demo with Sombra_around_tech: kzbin.info/www/bejne/bHKoqHWKfKuEnMU // Previous video // Hack like Mr Robot Ep 1: kzbin.info/www/bejne/aarMhZKNgtGiqck // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin: kzbin.info // Occupy The Web social // Twitter: twitter.com/three_cube // Occupy The Web books // Linux Basics for Hackers: amzn.to/3JlAQXe Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh // Other books // The Linux Command Line: amzn.to/3ihGP3j How Linux Works: amzn.to/3qeCHoY // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

YES! Finally, I’ve been waiting for this. Thanks so much guys, very interesting series, these are probably my favorite of your videos.

David you do so much for us! You motivate and educate at the same time. Thank you so much from all of us.

Motivation + education+ entertainment is all about this video

I joined many Hacking channel but your channel is the best and different , your accent is very nice , you aren't filming or playing some role or having scenarios.👍 I hope you success and more money and good memories.

David thank you so much, I've learned a lot from your channel. From NAMIBIA🇳🇦🇳🇦

As an industrial electrician , SCADA is also being used on windmills, hydro damns, and solar panel grids.

Thanks!!! and never stop doing what you greatly do!!!!

I recently took a course called SCADS Systems Security funded by the NSA through 6 different universities. This is a very good basic summary of the offensive capability against PLCs.

Another great one! I found and tried reaching out to that company that showed up last time with their exposed network to inform them. I didn't hear back, so hopefully they know about it!

Thanks For The Video David 🙌🏼

I'm an industrial software developer and all you've been talking about in true, once I built a whole factory system and all i needed is to plug in my laptop to the switcher, i changed the whole PLC code and installed 3 services in the server so simply without even having access to anything

Thank you sir, you are creative in every content you post, thank you again and your guest ❤️

This was next level. Thank you David for the amazing content and sharing this knowledge with the community. It truly makes a difference.

David, it means the world to me that you do this. Please keep it up.

Wow fantastic follow up! This should be a series like mythbusters but for hacking. Thank you for another great video!

I absolutely LOVE these series. Keep them going! I’m a big fan of occupytheweb as well. Very soothing voice, great explanations and the last video of David with occupytheweb made me even buy occupytheweb his book, which was a really good read! Keep the content coming fellows! Now, let me go grab some chips, a coke and lean back and enjoy this amazing video.

So much wait for this video 😅 thanks David

Thanks!

Very love the series of hacking with this guy explaining mr robot and demonstrate it in real life. Hope you guys keep up this good work

These are my fav YT vids, please keep 'em going :D

Dude, this is the only video that works. Thanks for posting!

I'm still reading his book for basics for Linux but I really enjoy it and have already learned how to do all basic and intermediate stuff on the bash console. It's tons of fun and I actually almost found an admin job at Siemens!

I was super excited for this video, then bummed when got pushed back but it was worth the wait!! love and appreicate everything you guys do!!!

Nice episode. Getting OT to have any security considerations is like herding cats then pulling their teeth. Most of them think vlans/airgaps are enough sadly. To the timeline comment about Mr Robot, I'm pretty sure there were a time or two the naration said about how this might take a while and then the shell popped and he said about how lucky that was. I know the technical director on a bts/commentary track acknowledged it was sped up exactly because no one wants to watch "real" hacking real time.

Great episode, I love OTW's stuff, great info! Ty

I'm a big fan of OTW, thanks for this David !

LOT'S OF LOVE FROM INDIA♥️

that edit at 29:20 was way too good haha

Using the terminal multiplexer like "screen" could help mitigate those disconnect 30:00 issues since you could re-attach later without breaking the running commands.

I'd love the get Occupy the web's opinion on the bank hack in season 4. Love the videos David!

Oh snap!! I have that book, Linux Basic for hackers, and currently reading!!!! Love it everytime I read it!!! Recommend it!!!

Loved it! I'd like to see that one that he checks himself out from the hospital. Cheers!

Wow, I was expecting this episode so much !

Interesting to hear from a SCADA/ICS professional's perspective!

Long last guess youtube really verified the he'll out of this vedios to finally let this be able to post I watched the whole series of Mr robot waiting for this vedio 😂

Oh man I've been waiting for this for so long!

Amazing Video like always. I love this format! As an idea for the next video maybe explain the sms hack in season 4. If its too awesome for KZbin maybe you can explain it on your website OTW.

David you are doing what is expected from a guru like you.. FABULOS!! may be the show has not considered that netcat has been replaced with ncat ... "Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project as a much-improved reimplementation of the venerable Netcat. " taken from nmap project site

OTW is amazing!!!, Thank you david, this channel is gold !!

Super interesting video ! I would like to suggest the hack in the very fist episode, fist scene: Elliot says that the onion routing protocol is not really anonymous. Could you explain how he could have done it ?

Damn. The piping of commands rocks✊✊

Much more informative than 2600 "Off the Hook" adio/podcasts out of New York... 2600 is like some college kids let loose in a radio station monkeying around and asking for donations.

This is why you firewall the utility subnet. In my previous job, we created a VRF utility and firewalled off the system so that only a handful of techs that work on HVAC, lighting control, etc have access to this. And their workstation / laptop was constantly scanned for vulnerabilities.

Careful. Driving traffic off youtube towards content that isn't allowed on youtube seems like a dark grey area. Cheers Mate!

Wow, some rich information in this one! Thanks OTW and David!

I love this, you are realy motivate me to learn it, I appreciate it. Hacking is very interesting topic. Thank you so much!!

I've been spoofing calls from the Nokia days, I'm glad it's still chugging along!

Man this shit is addictive, Love this series on one of my favorite TV shows.

Thx a lot this is something i wanted to learn from long time !!! WE WANT MORE OTW VIDEOS !!

Waw been such a while.... Love to the content...

Love Your content and also love you thank you for giving so so much knowledge ❤️❤️❤️

We want more Hack like Mr.robot videos and also david you are awesome

The "hello friend" moment at the beginning was awesome .... you both did your "homework". ^^ Entertaining and educational, thanks to the both of you!

It's exciting to see OTW working, how he do the his magic...how he thinks..., helped us understand how the real life of a penetration tester is. Amazing!

I've been waiting for this one!

I love this serij,plz continue and made part 3,4,5,......as much as u can😁

I wish I were smart enough to do this stuff. It amazes me.

very informative occupy the web💯 waiting to join the simulation lab

Can you please do a technical talk on how to open (suspected) malicious links safely and what you can learn from opening them.

Thank you David. Great content. Maybe you can show up the Mac OS hack (episode before last in season 4) if not mistaken. Where Elliot hack the other Elliot Mac OS machine.

Excellent and interesting series of videos. 👍😁

Bro I really do appreciate you for this help, Thanks! I subscribed and Liked the video.

Hey david, At 7:57 stranger said use textbelt for manually usage by api but here in india and almost half of the asia has banned taxtbelt and i think there is no alternative for it, it is but almost are paids. Then how it will possible.

David this is awesome!! How about you have OTW explain every singe hack in the series, and make the videos a little big longer please just like they were in the beginning other than that keep rocking it kings ♥

David Did You Prefer Kali Or Parrot OS ?

What an awesome video series.

Thank you for this informative and educational video!

YES! 😂 It's finally here

I’ve done HVAC controls for 15 years. Modbus almost is never used for HVAC. Modbus is a protocol widely used in electrical/power monitoring systems. BACnet ( Building Automation Control net ) is the most widely used protocol in the HVAC industry.

David sir please make a video on scammer calls and how to deal with them with our hacking skills to protect ourself and our whole family from this scammers and fraudents please

Great series, love any video with OTW! Question, I am assuming your access RPI and attack RPI were on the same network for the demo. How would the netcat connection be handled with the attack RPI being behind NAT in the building in the real world?

Really enjoyed this

For anyone looking to send SMS... the textbelt method is needlessly complicated GIVEN that you cannot spoof the sender. Since you can’t spoof the sender, you might as well just use something like Google Voice or TextNow (I think is what it’s called). Granted, you may lose some anonymity - but even using textbelt you have to give them your payment info so it’s not that anonymous either. If Textbelt could spoof a number, it’d be a different story. But if you’re just looking for a phone number that your target doesn’t recognize, there are countless simple apps you can use. Burner is another one.

It's finally here 😀

Enjoying the video, you might want to blur his phone number in the ams spoofing section if thats not a fake 🙈

Regards connecting to the Pi from externally; one could still use the option of creating a WiFi access point on the planted RPi, then have a second, battery-powered RPi sitting in range, say in a hedge or something, with a satellite router attached. Two hops instead of one, and the battery would last long enough for them to pull off the hack.

Yes, magnetism is affected by temperature. Even without destroying the tapes you can cause bit degradation and loss at higher temps.

Great video and very informative. Thanks David for great content.

book coming out in the winter, cool. I'm in Australia, its Winter here, we getting it now!

i'm still in the middle of my front-end aspirations; however, eventually, i'd love to branch off into this realm (ethical, of course) in the future. 💜

this is soo high quality!

How can I buy the "Linux Basic For Hackers" and "Getting Started Becoming a Master Hacker" books from Bangladesh. I wanna buy the books.

Love these videos ❤️❤️

Thank you, love your content.

Another Great video! Worth waiting for. Thanks David And MasterOTW you guys make learning so much fun. Forever a follower to you both!

Thank you for this video! This is priceless! I am just wondering if the pi is inside Steel mountain network and you want to netcat into it it sill needs to be connected to the internet?

It worked! Tank you sir.

Just love these videos! Can't wait for the next in the series

Thanks David , So what is the recommend the book recommended by OTW for learning about scada ?

Very thanks david 🌹

yes it works brother ! many thanks

Thank you for these videos!

This is awesome stuff love watching these videos. Currently a sys admin wish I had the energy to dive deeper in CyberSec, just don't have the energy. So will continue watching the videos for now.

Thanks a lot David for the amazing content that you always post. Can you make a video for the scene in Ron’s coffee of Mr. Robot? Thanks again

i was working in back office accounts receivable for a phone company and i was in charge of keeping written documentation for paper backup of records and they used iron mountain

David, a link to buy raspberry pi would be great. There isn't one in your amazon store. Thank you!

Hi David thanks for the awesome channel, do you perhaps have the link to his courses?

Would be quite interesting to hear how to better protect ourselves from cvv penetration. If you guys could go into as much depth as possible. Alot of us would love to hear from your expertise.

Let's go To bad it's only 40min I guess the episode in Mr robot is around 40min so that's good enough but still haha amazing content