What really happened in The Matrix: Reloaded?

A warning to those who haven’t yet seen the movie: The following article contains spoilers.

As those who have seen the movie already know, one of the main characters, Trinity, crudely but delicately hacks into a power plant. As the sequence of events passes rather quickly, it is not apparent what actually happens. So, let's go through it:

1) Trinity gets access to a computer console.
2) She looks for a vulnerable server using the Nmap utility (a special tool developed to seek vulnerabilities).
3) She hacks into it using the fictitious sshnuke utility.
4) Finally, she logs into the server as root, and powers off the grid. Voilá!

So what is so interesting here?

The fact is, that the Nmap tool for scanning the hosts really exists, as does the SSH1 CRC32 exploit used by the sshnuke tool. Note, however, that the sshnuke tool itself is not real. The second interesting fact is that there are several old SSH-servers still around today that manifest this vulnerability.

Reactions worldwide are intriguing too. This seems to be the first movie to actually use real tools and methods to show hacking, and this has generated a great deal of discussion. One comment I read questioned whether vulnerable SSH servers would still be around in the year 2800. This was of course erroneous, given that the Matrix world is a simulation of late 20th and early 21st century - apparently an extremely good one.

Why should we pay attention to this part of the movie? Because SSH should be updated regularly. Those users with valid maintenance agreements have received the updates already years ago and are secure. However, the message is clear to users without maintenance agreements, running old SSH servers on their networks: Upgrade your SSH servers before your power grid gets haX0r3d!

More information about the hack in the movie

Discussion about the movie and the hack

CERT advisory

F-Secure statements regarding several SSH1 vulnerabilities


Author: Pasi Takala, Product Manager


Begin | Back