A time honored tradition in many US high schools is for students in their final year to do some kind of prank as part of their senior year. As it turns out, some pranks or more interesting from a hacker perspective, than others.
At the at the DEFCON 30 security conference in Las Vegas, Minh Duong outlined how he, along with a team of friends, was able to gain control of the presentation and public address systems in his local high school district outside of Chicago and Rickrolled it. A Rickroll is when a loop of Rick Astley’s 1987 song ‘never going to give you up’ is played to annoy a user.
Duong explained that his high school has approximately 2000 students and is part of a larger school district in suburban Chicago, which has six high schools in total.
“Like any hacker wannabe, I started running scans against my school network,” Duong said.
Duong discovered all kinds of things connected to the school network that he could access including printers, voice over IP phones, switches, security cameras and the school’s IPTV presentation system which is used to show announcements. In his senior year, Duong along with his friends decided that Rickrolling his high school would make for a great senior prank and they dubbed their effort – Operation Big Rick.
Inside Operation Big Rick
During his presentation, Duong outlined a litany of device misconfigurations across his local school and his school district’s IT system that enabled him and his friends to gain access to services they have no business accessing.
Duong discovered that all the systems in his school were running the LanSchool application to give teachers control over the computers in a given classroom. That application was not properly secured with adequate passwords, enabling Duong to get access.
By chaining access through several different systems, in attempt to stay hidden, the teenage hackers decided to load the Rickroll screen onto the IPTV system to run at a certain time. Adding further insult to injury, the high school hackers disabled the ability for infrared remotes within classrooms to shutoff any screen.
While re-examining the local high school network, one of Duong’s friend was able to discover that there was unfettered access to the school’s public address and bell system, which was also connected to every other high school in the district.
“It turns out the district did change the default password, but they used the example password from the manual,” Duong said. “It was a massive success and both the IPTV systems and bell system Rickrolls worked.”
Lessons Learned by the High School
Duong and his friends just wanted to execute a prank and didn’t intend to be malicious. To that end, they anonymously sent out a 26 page penetration report to the school, that identified all the areas of weakness that needed to be improved.
The school district took kindly to the report and asked the high school hackers for more information and promised not to take legal action.
“It was a pretty big relief for all of us,” Duong said. “I’m sure many of you have heard stories, where students report vulnerabilities about their school and it does not end well for them.”