YouTube / Bishop Fox
Living room trolls, rejoice.
Dan Petro, a security analyst for the Bishop Fox IT consulting firm, built a proof-of-concept device that's able to hack into any nearby Google Chromecast to project Rick Astley's "Never Gonna Give You Up," or any other video a prankster might choose.
According to a blog post written by Petro (via TechCrunch), the "Rickmote," which is built on top of the $35 Raspberry Pi single-board computer, finds a local Chromecast device, boots it off the network, and then takes over the screen with multimedia of one's choosing.
Petro's 20-minute YouTube video breaks down how the Rickmote works, but to briefly summarize, the Rickmote sends an unencrypted Wi-Fi command called "deauth," which basically disconnects the Chromecast from the network. As TechCrunch points out, this isn't a Chromecast bug, but actually a relatively common quirk among Wi-Fi devices.
When the Chromecast receives the "deauth" command, it returns to its configuration mode, leaving it open for a device - in this case, the Rickmote - to configure it. The Rickmote then tells the Chromecast to connect to the Rickmote's own Wi-Fi network, at which point Google's streaming stick is effectively hacked.
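Because deauth frames travel unencrypted, a monitoring sensor on the same channel can see them as well. The following is an added example for defenders, not code from Petro or Bishop Fox: it parses bare 802.11 headers and flags a device that receives many deauth frames in a short window. The threshold, window, function names and sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

MGMT_TYPE, DEAUTH_SUBTYPE = 0, 12  # 802.11 management frame, subtype 12 = deauthentication

def parse_deauth(frame: bytes):
    """Return (dest, src, bssid, reason) for a deauth frame, else None.
    Assumes a bare 802.11 MAC header with no radiotap prefix or FCS trailer."""
    if len(frame) < 26:          # 24-byte header + 2-byte reason code
        return None
    fc, _dur = struct.unpack_from("<HH", frame, 0)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if (ftype, subtype) != (MGMT_TYPE, DEAUTH_SUBTYPE):
        return None
    mac = lambda off: frame[off:off + 6].hex(":")
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(4), mac(10), mac(16), reason

def detect_deauth_bursts(capture, threshold=5, window=2.0):
    """capture: iterable of (timestamp_seconds, frame_bytes) in time order.
    Returns [(timestamp, dest_mac, count)], one alert per flooded destination."""
    recent = defaultdict(deque)
    alerted, alerts = set(), []
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dest = parsed[0]
        q = recent[dest]
        q.append(ts)
        while q and ts - q[0] > window:   # drop frames older than the window
            q.popleft()
        if len(q) >= threshold and dest not in alerted:
            alerted.add(dest)
            alerts.append((ts, dest, len(q)))
    return alerts

def _frame(fc0, dest, src, bssid, body=b""):
    # Constructed frame: frame-control byte, flags 0, duration 0, 3 addresses, seq 0
    return bytes([fc0, 0, 0, 0]) + bytes.fromhex(dest + src + bssid) + b"\x00\x00" + body

# Constructed sample capture (made-up, locally administered MAC addresses)
STA, AP = "02aabbccdd01", "02aabbccdd02"
SAMPLE = [(0.0, _frame(0x80, "ffffffffffff", AP, AP, b"\x00" * 12)),  # beacon, ignored
          (1.0, _frame(0xC0, STA, AP, AP, b"\x03\x00"))]              # lone deauth
SAMPLE += [(10.0 + i * 0.1, _frame(0xC0, STA, AP, AP, b"\x07\x00")) for i in range(8)]

if __name__ == "__main__":
    for ts, dest, n in detect_deauth_bursts(SAMPLE):
        print(f"{ts:.1f}s: {n} deauth frames to {dest} within window")
```

A single deauth frame is normal when a device leaves a network, which is why the check counts frames per destination over time instead of alerting on each one.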
When the Rickmote and Chromecast are connected, pranksters can send videos or songs of their choosing to Google's HDMI streaming dongle. But it gets worse for the victims: If the hacker leaves the range of the device, there's no way to regain control of the Chromecast.
Unfortunately for Google, this is a rather serious issue with the Chromecast device that's not too easy to fix, as the configuration process is an essential part of the Chromecast experience. We've reached out to Google for comment, and we'll update this story as soon as we learn more.
Petro says he plans on releasing a "step-by-step guide on how to create a Rickmote controller out of a Raspberry Pi," and will offer some details on August 6 at the Black Hat Tools Arsenal USA at the Mandalay Bay resort in Las Vegas. However, hackers and pranksters can already get started building their own devices with the open-source code and set of instructions, which are available at the Bishop Fox GitHub page.
"Once it's ready, using the Rickmote could not be any easier," Petro writes. "To start rick rolling, boot it up and press the big Rickroll button. One click is all it takes - and Rick Astley runs wild!"