The Rickmote is a Python program for hijacking Chromecasts and playing arbitrary video on their connected TVs. Full details on how the hack works will be provided at the talk "Rickrolling your Neighbors with Google Chromecast" at HOPE X in New York. See you there!
Additionally, this is all streamlined into a Raspberry Pi (pictured above) with details to come soon at BlackHat USA 2014's Tools Arsenal! If you just can't wait and want to try pranking your friends right away, here are the vital ingredients:
- aircrack-ng
- Tkinter Python library (python-tk in Debian)
- hostapd
- dnsmasq
- Network Manager, specifically nmcli
Download the 3D models for the slick Rickmote 3D-printed case at Thingiverse: http://www.thingiverse.com/thing:398100
- Raspberry Pi Model B Revision 2.0
- Samsung 32GB PRO SDHC
- 2.8" Touchscreen Display for Raspberry Pi
- AmazonBasics High-Speed HDMI Cable
- Lithium Ion Polymer Battery - 3.7v 2500mAh
- Motorola Micro USB Charger (5V, 850mA) Model: SPN5504
The Rickmote Controller needs to pull a lot of Wi-Fi shenanigans in order to automate the hack. For best results, you may want to try using Kali Linux as it has the easiest setup for wireless drivers that support injection. Also note that we are actively working on reducing these assumptions! Sorry it's so specific in the meantime.
- Three wireless interfaces.
  - wlan0 is a client interface that is set to Managed mode
  - mon0 is a monitor mode interface that supports packet injection
  - wlan1 is an AP that is set to Master mode
- wlan1 serves an open AP named "RickmoteController", using hostapd
  - wlan1 has an IP of 192.168.75.1, netmask 255.255.255.0
- A working Internet connection, bridged to wlan1
  - Tethering to a smartphone tends to be a decent method
  - We currently only have support for playing YouTube videos from the real Internet
- It is also worth noting that the current Rickmote de-authenticates every wireless network it sees, and is generally very rude
For more information, try here.
How the Chromecast hijack procedure works:
1. Deauthenticate the Chromecast's STA (client) connection to the Wi-Fi AP.
2. Connect to the Chromecast's AP mode, usually set as "Network Name".
3. Send an HTTP POST that points the Chromecast at the AP set up for the hijack.
4. Find the Chromecast with UPnP over the multicast address (this does not always work).
5. Enable the YouTube apps.
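
From the monitoring side, step 1 and the setup described above leave two visible traces on the air: deauthentication frames aimed at many networks in quick succession, and beacons for the open "RickmoteController" AP. The following is an added detection example, not part of Rickmote; the thresholds, function names and sample frames are assumptions constructed for illustration.

```python
import struct
from collections import deque

DEAUTH, BEACON = 0xC0, 0x80        # frame-control byte 0: management subtypes 12 and 8
SETUP_SSID = "RickmoteController"  # open AP name from the requirements list above
WINDOW_S, MIN_BSSIDS = 10.0, 3     # assumed thresholds, tune per site

def parse(raw):
    """Return (kind, bssid, detail) for a deauth or beacon frame, else None."""
    if len(raw) < 24:                              # shorter than a management header
        return None
    fc0, bssid, body = raw[0], raw[16:22].hex(":"), raw[24:]
    if fc0 == DEAUTH and len(body) >= 2:
        return "deauth", bssid, struct.unpack("<H", body[:2])[0]  # reason code
    if fc0 == BEACON:
        tags = body[12:]                           # skip timestamp, interval, capabilities
        while len(tags) >= 2:
            if tags[0] == 0:                       # element ID 0 carries the SSID
                return "beacon", bssid, tags[2:2 + tags[1]].decode("utf-8", "replace")
            tags = tags[2 + tags[1]:]
    return None

def detect(capture):
    """capture: iterable of (timestamp, raw 802.11 frame); returns alert tuples."""
    alerts, recent, sweeping = [], deque(), False
    for ts, raw in capture:
        kind, bssid, detail = parse(raw) or (None, None, None)
        if kind == "beacon" and detail == SETUP_SSID:
            alerts.append(("rogue-ssid", ts, bssid))
        elif kind == "deauth":
            recent.append((ts, bssid))
            while ts - recent[0][0] > WINDOW_S:    # drop deauths outside the window
                recent.popleft()
            hit = {b for _, b in recent}
            if len(hit) >= MIN_BSSIDS and not sweeping:   # alert once per sweep
                alerts.append(("deauth-sweep", ts, tuple(sorted(hit))))
            sweeping = len(hit) >= MIN_BSSIDS
    return alerts

def build(fc0, bssid, body):       # constructed frame: broadcast destination, zero seq
    return bytes([fc0, 0, 0, 0]) + b"\xff" * 6 + bssid * 2 + bytes(2) + body

APS = [bytes([2, 0, 0, 0, 0, i]) for i in range(4)]          # constructed BSSIDs
SSID_TAG = bytes([0, len(SETUP_SSID)]) + SETUP_SSID.encode()
SAMPLE = [(0.0, build(BEACON, APS[3], bytes(12) + SSID_TAG))] + \
         [(1.0 + i, build(DEAUTH, APS[i], b"\x07\x00")) for i in range(3)]
```

`detect()` expects frames from a monitor-mode capture with the radiotap header already stripped. Repeated deauths against a single BSSID do not trigger the sweep alert, which is keyed on the number of distinct networks hit within the window.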