I thought this was a pretty funny, although risky prank, that took advantage of a zero day vulnerability in Exterity’s IPTV system. Minh Duong, a former student at Township High School District 214, identified this vulnerability and was able to take control of every TV within the district. This allowed him to pull off the “Big Rick” which played Rick Astley’s classic “Never Gonna Give You Up” on every IPTV across the district.
The Exterity IPTV system runs networked Projectors and TVs across the Township School District. The TV players can receive serial commands via a web interface and an SSH server which allows for centralized control. Duong noticed this set-up earlier on in highschool and was able to exploit the vulnerability, but didn’t do much with it initially. He later got the idea for the “Big Rick” as a senior prank.
Duong was very clear that he was lucky that the administration didn’t pursue criminal charges against him for unauthorized access. He notes in the article that people should “never access other systems in an unauthorized manner without permission.” The vulnerability has been reported to the manufacturer, although it’s unclear if this has been fixed.
Author: Becky Bracken
Published: October 14, 2021
Link: https://threatpost.com/rickroll-exterity-iptv-bug/175491/
Leave a Reply
You must be logged in to post a comment.