Some interesting moments from the Snowden film

From the collection of WTF moments, not to undermine the new film by Oliver Stone – Snowden. In the early part of the movie there is an interesting unix terminal session scene which is worth a closer look.

snownden-08The scene where the CIA instructor Corbyn O’Brian assigns the task to his students:

“We are gonna start with an aptitude test, each of you is gonna build a COVER(?) communications network in your home city. You are gonna deploy it, backup your site, destroy it and restore it again.  The point of this exercise is to keep our infrastructure up and running securely. The average test time is five hours. If you take more than eight, you will fail”


root@localhost:~ # nmap -p1433 --script=ptest.nse

– scanning mysql port 1433 where ? no host given or ip range..
– ptest.nse must be some uber pentest nmap script :)

root@localhost:~ # tar cvfg sqlfiles.tar.tb2 /dbdump

– Created a bzipped tarball with .tb2 extension of /dbdump directory :)

root@localhost:~ # sudo nmap -sP

– Why  doing an nmap ping scan via sudo if we are root anyway ?
– no stdout ?

  root@localhost:~ # tar --extract --file=sqlfiles.tar.bz2 /dbdump

– Now what the fsck is this command supposed to do ?

 root@localhost:~ # bash

– I wonder what this script does :) Only a blurred set of strings is visible. Strange way of starting a script but hey. this is NSA..


In the background we can see the following browser agents:

 Gecko/20100101 Firefox/33.0 gray
 MSIE 7.0; Windows NT ...

– From when is  Firefox 33 ?   – Answer: October 2014
– The timestamps in the terminal however shows 2005 (screen further below)


Entering the CIA instructor and checking the test results …


 root@localhost:~# cd backup  
 root@localhost:~# ls -aril

– What is the CIA instructor looking for ?
– explanation -a(all) -r(recursive) -i (print inodes per file) -l (long list format)
– we get a strange looking result

 2271953 -rw-r--r-- 1  psx   root 1056  2005/06/21 10:
 ./dump496 2005/06/21 10:14:25:
 212602 212602 .
 212603 202603 ..
 212604  drwxr-xr-x 9 local  root 2912  2005/06/21 10:
 212605  drwxr-xr-x 3 local  root 3264  2005/06/21 10:

– Shouldn’t  directories under unix have 4096 size ? I don’t get it :)
– Maybe its some uber Unix clone the guys in CIA use …


Now some time passes and we finally get to the scene where the NSA files are stolen :)

snownden-05– Using Windows 7 EXPORER.EXE to copy files to a SD card inserted into a reader slot in a keyboard ??
– I thought there was more to it …. but I guess the simplest things always work the best.

snownden-06 – I see windows … more windows …. yuk..  People already discuss this on IMDB under Goofs

Its not a bad movie and I just wanted to comment on some technical aspects shown.


About astr0baby

Please run Adblock or similar... we have been told to do so since Carl Sagan wrote the Contact .
This entry was posted in Uncategorized. Bookmark the permalink.

6 Responses to Some interesting moments from the Snowden film

  1. Aniko says:

    Thank you for this post :) I just watched the movie and googled “snowden sudo when root” and found this haha

  2. brite says:

    I found my way here by googling this bogus command “” only one person had enough interest to discuss these commands ^^ I gave up hacking ages ago and now I’m as technically dumb as your neighborhood’s strolling cat, but seeing a black screen leaves me nostalgic.
    Enjoyable post, you’ll excel your field with such curiosity.

  3. koosha says:

    I believe the `-r` switch on `ls` is for “reverse”, and `-R` for “recursive”. Usually useful when sorting by size or date, but on it’s own…?

    `-i` in this context seems useless to me. Maybe a hardcoded-in-my-fingers-habit by the instructor, just the way I always add `-l`.

  4. Alex says:

    I came here to find the solution of the aptitude test, I thought you will teach us to create covert communication network, may be not destroying method but at least backup method but you also explained those shitty commands :(

    • astr0baby says:

      I guess its intentional to show bogus stuff (because they could get sued if somebody used this as an argument in court – hey I saw it in the movies ..) … and yes those are truly shitty commands ;)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.