Surely you’ve ever thought about it: in the movies, usually, when a character is hacking something shows someone typing a handful of characters very fast on a keyboard with colorful graphics and sound effects to make it look like they are doing something amazing. But let’s face it: it is an invented way that serves to give us an idea of ​​what it does, something inexpensive and fast. And nothing real. But there is a movie that went further. One that the hackers truly respected above all else and fell at his feet for his loyalty.

Yes, The Matrix is ​​the first major movie that accurately portrays a hack. Trinity uses a exploit known. And the trilogy managed to inspire an army of netizens over the years.

The movie isn’t necessarily about hackers like it does Hackers or Sneakers (Snoopers, in Spanish), but it may well be the film that most embodies the hacker spirit and the one that has most influenced that culture in the last two decades. Just look at the aesthetics of the film. If you go to cybersecurity conferences like Def Con or Chaos Communication Congress, it’s hard to tell if the hackers are disguised as the Matrix, or if the Wachowski sisters, the minds behind the play, stole the game from them. look. A Def Con spokesperson, in fact, said that Matrix it was a staple on the association’s movie channel in Las Vegas.

But the references to hacking, computers, and appearance cool are just the surface layer of what makes Matrix be such an iconic hacker movie. After all, there are several ways to understand the movie and unravel its meaning. The sequels go further into religious territory, but there are still very explicit cybersecurity references. Matrix Reloaded is “the first major film to accurately portray a hack“as recounted an article by cybersecurity journalist and exhacker Kevin Poulsen. And it’s not just that the film accurately portrays hacking, it actually show Trinity using a real tool commonly used by hackers, “nmap”, and a exploit from real life called “sshnuke”.

In one scene, actress Carrie-Anne Moss pays attention to her mains-connected computer (for plot reasons we won’t reveal). But exactly at the point where the public would normally be treated like an idiot with colored graphics typical of a cybersecurity intrusion, something completely different happens.

Trinity runs “Nmap”.





This image of Matrix it shows a computer screen running a real-life operating system, and it runs programs that actually exist and are used to hack that sort of thing. For example, do you see in the image where it says “starting nmap”? It is probably the most widely used free hacking tool, a sophisticated port scanner that sends packets to a machine, or a network of machines, in an attempt to determine what services are running. An Nmap port scan is a common prelude to an attempted break-in, a way to cloak the joint to find out if any vulnerable services are running.

This is exactly how the fictional Trinity uses it. In a sequence that flashes on the screen for a few seconds, the phosphor green text on the Trinity computer clearly shows that Nmap is running against IP address 10.2.2.2 and finds an open port number 22, correctly identified as the SSH service. used to log into computers remotely.

“I was very excited when I saw it,” explained “Fyodor,” the 25-year-old author of Nmap. “I think compared to previous movies that had some kind of hacker content, it’s a real thing.” But the unexpected wink at the hacker doesn’t end there. Responding to the Nmap output, Trinity opens a program called “sshnuke” that starts “an SSHv1 CRC32 exploit attempt”. Discovered in February 2001 by security analyst Michal Zalewski, the SSH CRC-32 error is a buffer overflow in a piece of code designed to protect against cryptographic attacks in SSH version one. If successful, it grants full remote access to the vulnerable machine.

Of course, the program that Trinity uses is fictional: there is still no “sshnuke”, and the exploits take the user directly to a shell from root, while the desktop version forces the hacker to change the password of root of the system, in this case for “Z1ON0101”. But the movie takes place in the future. Is Zalewski surprised to see unpatched SSH servers running in AD 2199?

Another side note: in the movie dreddWith Karl Urban, the character is also shown to be using a Linux computer and you can see him by running “nmap” when he is searching from which terminal in the building Dredd is accessing the system.

An army of movie-goer hackers

Returning to the Matrix, the film purposely appealed to a generation of hackers which was already blooming. “Hackers had been building their own spaces for decades before the Matrix came out, so the idea of ​​being a part of something that was only there if you were part of the ‘group’ was not new to anyone active in the community prior to 1999. “Emily Crose, a researcher and former NSA analyst, explained in this Vice report. Having access to this hidden information and being part of that clandestine exchange was part of the hacking identity. You had access to that world if you were curious to discover it. That curiosity was the reason Neo took the red pill.

Crose recounted that his generation of hackers “began their careers as outsiders.” obsessed with technology and following his curiosity, his “white rabbit”, like Neo and his companions of the ship Nebuchadnezzar. That is what attracted young hackers from all over the world. In the case of the famous security researcher who goes by the name x0rz, the Matrix literally led him to become a hacker. When he decided to go to a private school in 2004 that offered cybersecurity courses, he said “I was probably there because there was a cool guy in the brochure, very similar to Neo.”