Chances are you bought your Raspberry Pi for something useful like a car diagnostics tool or a wireless router. Right now, we’d rather use it for something more fun. Like a device that hijacks any Chromecasts in the area and rickrolls them.
This device, based on a Raspberry Pi and created by analyst Dan Petro, floods any Chromecast in the area with disconnect requests and then begins playing Rick Astely’s ‘Never Gonna Give You Up’. You can see it in action in the video above.
Petro goes into more detail about how he created this device in this video. It’s unclear how or if the vulnerability might get patched, but in the meantime, it’s an entertaining way to mess with your friends. Fortunately, this device still requires that you be within Wi-Fi range of the target Chromecast so, much like the notorious TV-B-Gone, it’s malicious powers are limited largely to pranks and annoyances.
Bishop Fox [YouTube via Engadget]
Comments
4 responses to “Make A Chromecast-Hijacking Rickrolling Device Out Of A Raspberry Pi”
it needs to not display the video information in the top left before the video plays,, otherwise the surprise of the drum roll is just meaningless.
I would argue that it needs to not have the work ‘Rickmote’ on the screen. If there was ever a word to be suspicious of it’s that one..
It’s easier to just rename the rick roll video to TV series titles and wait till they go to play the next episode.
Game.Of.Thrones.S01e01.avi
Game.Of.Thrones.S01e02.avi <- Rick!
From what I could see, it’s not a vulnerability. It would be if you were able to control devices on networks other than your own, but the Chromecast was designed to be controllable by anyone on your local network, which is why I can play a video then my wife can take over and play one without needing me to press buttons on my tablet.
An update announced at Google I/O 2014 is supposed to bring more security (because you won’t need to join a network to control a Chromecast like before) so that may fix that.