// MENU // 00:00 - We're doing this in the real world! 00:24 - Back with OccupyTheWeb 01:38 - Overview //The Hacker's Dilemma 03:16 - The Plan//Destroying Evil Corp's Backups 06:10 - High Temperature Destroy Tape Backups? 07:10 - Social Engineering//SMS Spoofing 11:48 - Why This Could Work 13:04 - Comment!//Spoofing Services That Work? 143:53 - Setup//Raspberry Pi with Kali 15:25 - Virtual Machine Setup 16:01 - Netcat//Setting Up Hacking Pi 17:50 - Netcat//Connecting to Hacking Pi 18:43 - Options//Reverse Shell//Rogue WiFi AP 20:01 - Recon with Nmap 22:26 - OTW Real World Hack//Schneider 23:59 - Gaining Access to /etc/passwd 26:01 - After Publishing the Hack Online 28:48 - Scanning for PLCs 30:19 - Modbus CLI//Memory Probing Tool 31:34 - How This Could Be Used in Mr. Robot 32:29 - Cyberwar//SCADA Hacking Overlooked 32:55 - Summary & Notes 34:04 - SCADA Network Cabling 35:41 - SCADA Hacking//Research! 36:11 - The Challenge in Mr Robot 36:39 - Mr. Robot Hacks//Realistic? 37:11 - SCADA Hacking Sim? 38:16 - Resources to Learn SCADA 38:48 - More Mr Robot? Leave a Comment! Disclaimer: This video is for educational purposes only. May it be a warning to all of us. Secure your systems and do not connect unprotected systems to the Internet. In this video we discuss the hacks in Mr Robot Season 1 Episode 5. Which other episodes or technologies do you want us to cover in future videos? Please comment. // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw // Videos mentioned // Kali Linux install on Raspberry Pi: kzbin.info/www/bejne/hqK1h6Joo850lZo OTW Interview and Scada demo with Sombra_around_tech: kzbin.info/www/bejne/bHKoqHWKfKuEnMU // Previous video // Hack like Mr Robot Ep 1: kzbin.info/www/bejne/aarMhZKNgtGiqck // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin: kzbin.info // Occupy The Web social // Twitter: twitter.com/three_cube // Occupy The Web books // Linux Basics for Hackers: amzn.to/3JlAQXe Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh // Other books // The Linux Command Line: amzn.to/3ihGP3j How Linux Works: amzn.to/3qeCHoY // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

David you do so much for us! You motivate and educate at the same time. Thank you so much from all of us.

YES! Finally, I’ve been waiting for this. Thanks so much guys, very interesting series, these are probably my favorite of your videos.

David thank you so much, I've learned a lot from your channel. From NAMIBIA🇳🇦🇳🇦

I joined many Hacking channel but your channel is the best and different , your accent is very nice , you aren't filming or playing some role or having scenarios.👍 I hope you success and more money and good memories.

This was next level. Thank you David for the amazing content and sharing this knowledge with the community. It truly makes a difference.

I absolutely LOVE these series. Keep them going! I’m a big fan of occupytheweb as well. Very soothing voice, great explanations and the last video of David with occupytheweb made me even buy occupytheweb his book, which was a really good read! Keep the content coming fellows! Now, let me go grab some chips, a coke and lean back and enjoy this amazing video.

As an industrial electrician , SCADA is also being used on windmills, hydro damns, and solar panel grids.

Motivation + education+ entertainment is all about this video

Wow, great episodes, 1 & 2. I didn’t know about this Mr Robot series, having cut the cord a long time ago. What a cool way to learn of its existence, through this show. Thanks Occupy the Web. Thanks David. Watching it now on Amazon.

I recently took a course called SCADS Systems Security funded by the NSA through 6 different universities. This is a very good basic summary of the offensive capability against PLCs.

Nice episode. Getting OT to have any security considerations is like herding cats then pulling their teeth. Most of them think vlans/airgaps are enough sadly. To the timeline comment about Mr Robot, I'm pretty sure there were a time or two the naration said about how this might take a while and then the shell popped and he said about how lucky that was. I know the technical director on a bts/commentary track acknowledged it was sped up exactly because no one wants to watch "real" hacking real time.

Much more informative than 2600 "Off the Hook" adio/podcasts out of New York... 2600 is like some college kids let loose in a radio station monkeying around and asking for donations.

Another great one! I found and tried reaching out to that company that showed up last time with their exposed network to inform them. I didn't hear back, so hopefully they know about it!

Thank you sir, you are creative in every content you post, thank you again and your guest ❤️

So much wait for this video 😅 thanks David

Super interesting video ! I would like to suggest the hack in the very fist episode, fist scene: Elliot says that the onion routing protocol is not really anonymous. Could you explain how he could have done it ?

Oh snap!! I have that book, Linux Basic for hackers, and currently reading!!!! Love it everytime I read it!!! Recommend it!!!

PLC, modbus etc. is familiar to many Industrial Electricians going way back before we were snubbed by the data only side of our trade... gfy

Amazing Video like always. I love this format! As an idea for the next video maybe explain the sms hack in season 4. If its too awesome for KZbin maybe you can explain it on your website OTW.

Can you please do a technical talk on how to open (suspected) malicious links safely and what you can learn from opening them.

that edit at 29:20 was way too good haha

Great episode, I love OTW's stuff, great info! Ty

Thank you David. Great content. Maybe you can show up the Mac OS hack (episode before last in season 4) if not mistaken. Where Elliot hack the other Elliot Mac OS machine.

Long last guess youtube really verified the he'll out of this vedios to finally let this be able to post I watched the whole series of Mr robot waiting for this vedio 😂

Very love the series of hacking with this guy explaining mr robot and demonstrate it in real life. Hope you guys keep up this good work

I'm a big fan of OTW, thanks for this David !

I love this, you are realy motivate me to learn it, I appreciate it. Hacking is very interesting topic. Thank you so much!!

David, it means the world to me that you do this. Please keep it up.

I was super excited for this video, then bummed when got pushed back but it was worth the wait!! love and appreicate everything you guys do!!!

Loved it! I'd like to see that one that he checks himself out from the hospital. Cheers!

I've been spoofing calls from the Nokia days, I'm glad it's still chugging along!

Interesting to hear from a SCADA/ICS professional's perspective!

I read both of the books. Awesome enjoyed reading. Fell in love with the way it's been written. Nothing bored.

Dude, this is the only video that works. Thanks for posting!

I do believe you can spoof numbers but you have to run your own server for that. PBX phone system.

Great series, love any video with OTW! Question, I am assuming your access RPI and attack RPI were on the same network for the demo. How would the netcat connection be handled with the attack RPI being behind NAT in the building in the real world?

David this is awesome!! How about you have OTW explain every singe hack in the series, and make the videos a little big longer please just like they were in the beginning other than that keep rocking it kings ♥

I’ve done HVAC controls for 15 years. Modbus almost is never used for HVAC. Modbus is a protocol widely used in electrical/power monitoring systems. BACnet ( Building Automation Control net ) is the most widely used protocol in the HVAC industry.

Enjoying the video, you might want to blur his phone number in the ams spoofing section if thats not a fake 🙈

I wish I were smart enough to do this stuff. It amazes me.

Would be quite interesting to hear how to better protect ourselves from cvv penetration. If you guys could go into as much depth as possible. Alot of us would love to hear from your expertise.

Hey David I would like mr.Robot to take me through the courses of ethical hacking from scratch because I love it more than everything.

Love Your content and also love you thank you for giving so so much knowledge ❤️❤️❤️

Thanks For The Video David 🙌🏼

Thank you for this video! This is priceless! I am just wondering if the pi is inside Steel mountain network and you want to netcat into it it sill needs to be connected to the internet?

Thanks a lot David for the amazing content that you always post. Can you make a video for the scene in Ron’s coffee of Mr. Robot? Thanks again

Wow, I was expecting this episode so much !

David, a link to buy raspberry pi would be great. There isn't one in your amazon store. Thank you!

The "hello friend" moment at the beginning was awesome .... you both did your "homework". ^^ Entertaining and educational, thanks to the both of you!

Waw been such a while.... Love to the content...

OTW is amazing!!!, Thank you david, this channel is gold !!

Thx a lot this is something i wanted to learn from long time !!! WE WANT MORE OTW VIDEOS !!

very informative occupy the web💯 waiting to join the simulation lab

Wow, some rich information in this one! Thanks OTW and David!

So funny I'm a union HVAC worker and have seen a definite rise in SCADA raspberry pi. Most are definitely network connected too for remote control over the system which could b detrimental to something like a hospital

It's exciting to see OTW working, how he do the his magic...how he thinks..., helped us understand how the real life of a penetration tester is. Amazing!

This is awesome stuff love watching these videos. Currently a sys admin wish I had the energy to dive deeper in CyberSec, just don't have the energy. So will continue watching the videos for now.

I was wondering about sms spoofing and how its done, literally two days ago and you posted this lol ( out of curiosity btw lol )

We want more Hack like Mr.robot videos and also david you are awesome

For anyone looking to send SMS... the textbelt method is needlessly complicated GIVEN that you cannot spoof the sender. Since you can’t spoof the sender, you might as well just use something like Google Voice or TextNow (I think is what it’s called). Granted, you may lose some anonymity - but even using textbelt you have to give them your payment info so it’s not that anonymous either. If Textbelt could spoof a number, it’d be a different story. But if you’re just looking for a phone number that your target doesn’t recognize, there are countless simple apps you can use. Burner is another one.

For tapes to melt you need at least 110C no central heating does that unless your in a crematorium 😂And tape storage is indeed done at a certain humidity. Too dry and it crumbles over time, too humid and fungi make their way in and causes “bit rot”, just like good cigars. But only long term take storage is done climate controlled. At IBM we had offside tape vaults and only the back part was a humidor and customers were charged for that. The non humidor controlled area was far bigger because tapes in roulation aren’t at risk from fungi as much because they are in motion too often for spores to settle.

I am installing a new system that uses modbus and a 485 to ethernet adapter so I can get data from the end device over my IP network...this now has me thinking how an outsider could get in to start my generators or even worse...Good firewall protection on my network but more so good physical security at my remote locations that are not manned.

Everytime I try doing something like HTBA or THM I just get so bored and uninterested. I really wanna learn hacking but Idk why everytime I try those sites I get kind of bored. I don't know if it's because I get stuck and don't know what to do or if it's because it's not the "real stuff"

David i want to learn from OTW about the hacking but getting scared to fill the personal details inside the site.

David Did You Prefer Kali Or Parrot OS ?

Can you create a course for us related to hacking basic to advance

I believe 160 degrees Fahrenheit would be needed to damage tape backups......

should make a vid on spoofing with your own smsc server

Anyone can learn how to use Kali and the commands. Building your own hardware and writing payloads onto Raspberry and Arduino boards is far more satisfying than using tools built by someone else. Although some programs for password cracks, vulnerability tests and recon are useful.

Develpment in security technology is moving fast. Nowadays, SCADA systems or Smart IoT devices, which can be anything from a temperature sensor, a smart fridge, electricity meter or a switch for a light bulb or any other electric device, are being directly connected wirelessly, mostly over either WiFi or LPWAN technologies like for example LoRaWAN or NB-IoT or sigfox. Which means the wired modbus speaking device is extended to a wireless network, which enlarges the attack surface enormously. You don't even have to physically insert a raspberry pi into the wired network anymore. Wifi is pretty secure nowadays. A lot of LPWAN technologies are not. There is work being done in this domain to encrypt these wireless systems but it still is not enforced by law in most countries to encrypt these connections. There is also technology which can detect physical tampering of such devices or systems via a kind of radar system, which creates a rf fingerprint, which is unique to the device and thus can directly be used to create a unique key for encryption. The physical device itself becomes the key! Tampering it destroys the key. Also security education is growing. There is universities offering IT-security as a major now.

Hey David, I recently discovered your videos and I'm absolutely hooked - they're brilliant! Thank you so much for these fascinating videos, you've inspired me to change my career!

Excellent and interesting series of videos. 👍😁

Im starting to think that OTW is the hacking consultant for Mr Robot! lol

I want to hear this guy say "Obviously, you're not a golfer" because he sounds just like Jeff Bridges

Surely once you're in the network, you can use whatever software or controls the actual staff would use... so you'd just need to get a copy of the controlmonitoring software right ?

Let's go To bad it's only 40min I guess the episode in Mr robot is around 40min so that's good enough but still haha amazing content

You explain that companies provided spoofing id services. The real question is.... how do those companies spoof ids?

Regards connecting to the Pi from externally; one could still use the option of creating a WiFi access point on the planted RPi, then have a second, battery-powered RPi sitting in range, say in a hedge or something, with a satellite router attached. Two hops instead of one, and the battery would last long enough for them to pull off the hack.

Please , please please we want more episodes 😭😭😭

this is soo high quality!

Hi David thanks for the awesome channel, do you perhaps have the link to his courses?

I've been waiting for this one!

Hey David where's the EP 3?

YES! 😂 It's finally here

Great video and very informative. Thanks David for great content.

You still can spoof senders with EU services ;) Use specific name or even phone number, but if someone will call that number then it will be as none existing.

Great series. I've been sharing them with my kids to get them involve. Regarding "uptime | cat /etc/passwd" , if i remember correctly, /etc/passwd is world readable.

It's finally here 😀

Hey! Who stores their data on tape anymore?

It worked! Tank you sir.

Why not just use a texting app then? It's the same thing and way less complicated right?

Cheers Mate.

Thanks David , So what is the recommend the book recommended by OTW for learning about scada ?

Dude which laptop you used to programming?

If you use a backtrack version of Kali the Social Engineering Toolkit still has SMS Spoofing

Hey david, At 7:57 stranger said use textbelt for manually usage by api but here in india and almost half of the asia has banned taxtbelt and i think there is no alternative for it, it is but almost are paids. Then how it will possible.

Great reviews! One of the overlooked points of accessing the Raspberry Pi remotely, that would require an open port on the firewall, correct? It's been a while since watching that episode. I don't remember how they accessed the Pi.

Man that show was addictive i hated for it to end.

yes it works brother ! many thanks