![]() To set up a custom video stream to play in real-time, Duong needed to broadcast multicast traffic, but only the AvediaStream encoders of AvediaSevers could do that. ![]() Read Next: AV-as-a-Service Requires You To Speak IT’s Language As far as details on those bugs, Duong responsibly did not disclose any details. To gain initial access, Duong said he discovered several default passwords, but also a privilege escalation vulnerability that was present in all of Exterity’s products, giving him root access across all systems. “Thanks to the increased flexibility from the payload, I could also back up and restore receiver settings to the filesystem after the rickroll was over.”ĭuong details how he looped commands to keep displays on and keep the stream running if someone attempted to power off the display or mute it. “This script contained various functions that could execute requests to the web interface locally on the receiver,” Duong wrote. He developed a simple shell script that would serve as a staged payload to be uploaded to reach receiver ahead of time. The high school student said had “complete access” to the IPTV system since freshman year, but waited until April 30 of this year to pull his senior prank.ĭuong writes that he first figured out how to control all projectors at once via the SSH access one each receiver as the command-and-control channel. ![]() The Exterity devices in the network question were AvediaPlayer receivers, AvediaStream encoders and AvediaServer management devices, he wrote. ![]() The hacked displays included anything connected to the network: TVs, projectors and a video wall displaying the lunch menu.Ĭan we PLEASE give it up to the cyber genius of a senior that managed to respectfully prank the entire district by Rick Rolling thousands during passing periods & left a good note for the #Classof2021 □ Bravo & use those smarts to change the world! #seniorprank #d214rickroll /dKZt5PPYlDĪccording to Duong, he responsibly disclosed the vulnerabilities to IPTV vendor Exterity and the school districts IT staff, which helped him avoid any discipline for the hack. Minh Duong, a student of Township High School District 214 in Illinois – the state’s second-largest school district – wrote in a blog that he hijacked every networked display in every school to broadcast “Never Gonna Give You Up” by Rick Astley, which itself has become a popular meme and internet prank. An Illinois high school student is taking credit for hacking into his school’s IPTV system, accessing every display on the network and Rickrolling the entire school district and its 11,000 students.Īlthough a harmless prank, the ease with which a high school student with limited resources was able to fully control the display network should give integrators and their vendors a heightened sense of awareness when it comes to cybersecurity. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |