X

This website uses cookies.

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Cookie Policy.

I agree
Learn More
Great Geek Gifts in the Technabob Shop!Get Technabob Daily: Join our Mailing List! | Follow Us: Facebook | Twitter
Awesomer Media Sites: THE AWESOMER | MIGHTYMEGA | 95OCTANE
subscribe to our rss feedsubscribe via e-mailfollow technabob on twittertechnabob facebook fan pageGoogle+follow us in feedly
Follow Us:
Cool Gadgets, Gizmos, Games and Geek Stuff on Technabob

RickMote Controller Hacks Chromecasts, Can Never Give It Up

by Lambert Varias
Advertisement

In case you’re not familiar with Google’s Chromecast, it’s a small device that plugs into any display with an HDMI and a USB port to let you stream videos, apps and more from your laptop or mobile device to the display. Security consultant Dan “AltF4” Petro came up with a Python program that lets you hijack any Chromecast and make it play a YouTube video of your choice.

rickmote-chromecast-controller-by-dan-altf4-petrozoom in

Dan called his program the RickMote Controller, because he chose to have it load Rick Astley’s infamous music video when it hijacks a Chromecast. He installed it on a Raspberry Pi, which he then placed in a custom 3D printed case. Here’s a quick demo of the RickMote Controller:

The program works by taking advantage of Chromecast’s user-friendly setup, which can only be done over Wi-Fi and appears to be very insecure. Like our phones and laptops, Chromecasts can remember a Wi-Fi network’s SSID and password so you won’t have to manually enter them every time you want to use the device. The problem arises when a Chromecast is disconnected from that one Wi-Fi network that it knows.

Instead of waiting to be reconnected with that exact same network or for a prompt from the user, upon disconnection a Chromecast will go back into its insecure user-friendly setup mode and will once again look for anyone that will give it an Internet connection. In theory, this allows you to easily re-enter new network details, like when you change your router or password. But that also gave Dan the opening that he needed. He presented his idea at last year’s ToorCon. You can skip to around 9:13 for a summary of the hack.

In case you didn’t watch the video above, Dan said that in theory, a Chromecast will remain under his program’s control as long as their connection holds, making it a semi-permanent hijacking. As a workaround, Dan suggests that Google modify Chromecast’s network setup mechanism. For example, by adding a button on the device that needs to be pressed before it can connect to a new network, or by making it so that it will only look for networks on startup. Head to Bishop Fox for more on the RickMote controller.

[via Reddit]

Hot Deals in the Technabob Shop:



Comments are closed for posts older than 90 days.

More from Awesomer Media...

That Beer Guy

That Beer Guy

Free Skates are Awesome

Free Skates are Awesome

Ferrari 488 Challenge Ready for Turbocharged Racing Action

Ferrari 488 Challenge Ready for Turbocharged Racing Action

Hyundai’s New i20 WRC Car Is a Real Badass

Hyundai’s New i20 WRC Car Is a Real Badass

Guardians of the Galaxy Vol. 2 (Teaser)

Guardians of the Galaxy Vol. 2 (Teaser)

Citizen Brick Mad Max: Fury Road & Planet of the Apes Minifigs

Citizen Brick Mad Max: Fury Road & Planet of the Apes Minifigs

Advertisement