He developed a simple shell script that would serve as a staged payload to be uploaded to reach receiver ahead of time.
The high school student said had “complete access” to the IPTV system since freshman year, but waited until April 30 of this year to pull his senior prank.ĭuong writes that he first figured out how to control all projectors at once via the SSH access one each receiver as the command-and-control channel. The Exterity devices in the network question were AvediaPlayer receivers, AvediaStream encoders and AvediaServer management devices, he wrote. The hacked displays included anything connected to the network: TVs, projectors and a video wall displaying the lunch menu.Īccording to Duong, he responsibly disclosed the vulnerabilities to IPTV vendor Exterity and the school districts IT staff, which helped him avoid any discipline for the hack. Minh Duong, a student of Township High School District 214 in Illinois – the state’s second-largest school district – wrote in a blog that he hijacked every networked display in every school to broadcast “Never Gonna Give You Up” by Rick Astley, which itself has become a popular meme and internet prank. That’s the lesson an Illinois high school district learned when a student hacked into his school’s IPTV system, accessing every display on the network and Rickrolling the entire school district and its 11,000 students.Īlthough a harmless prank, the ease with which a high school student with limited resources was able to fully control the display network should give technology managers a heightened sense of awareness when it comes to the cybersecurity of their audio and video networks. At the very least, change the default passwords. If you have ever thought about the many IoT devices that live on networks at your organization, you should seriously look into the security of those products and segment those networks.