DEF CON 30 - Minh Duong - The Big Rick - How I Rickrolled My High School District, Got Away With It

Рет қаралды 73,334

Күн бұрын

Пікірлер: 136

@boneitch 2 жыл бұрын

I love how the audience is like a mass of proud parents cheering on the next generation. This talk is exactly why I fell in love with hacker culture.

@OmnoWombo Жыл бұрын

best part about it

@Aaron-zu3xn Жыл бұрын

kid may have uncovered a major scandal any teacher downloading cp can control a student's pc and it can't be traced

@SpookySkeleton738 2 жыл бұрын

That wasn't script kiddie stuff, it was, at the very least, script teenager stuff

@mattnsac 2 жыл бұрын

Just the amount of OSINT they did to find default creds elevates to script big doggo. There are professionals that would miss scouring the user manuals to find default creds.

@konkeydonged 2 жыл бұрын

@@mattnsac Shapes finding/using Control1 was very clever/wise; he deserved to see his wish fulfilled for that.

@WackoMcGoose 2 жыл бұрын

Agreed, this is solid Red Team portfolio work here. Combined with due dilligence to document the _how_ of the stunt to prevent it happening again, this kid's going places.

@Max-zr7hr Жыл бұрын

Meow

@illegalcoding Жыл бұрын

"It's just script kiddie stuff" "By the way we found a privilege escalation vulnerability with a mitre CVE number" "Also we wrote a 26 page pentest report" Incredible

@tillorrly1128 2 жыл бұрын

Dude pulled an amazing senior prank that even can help his career. What a legend.

@NithinJune 2 жыл бұрын

If he did it like a year earlier he coulda written about it on his college app rip

@JeremyAndersonBoise Жыл бұрын

You’re hired, Minh

@petergerdes1094 2 жыл бұрын

As fun as the technical stuff is I feel the real amazing thing is a school showing good pedagogical skills and humor in responding to youthful hijinks that didn't hurt anyone. The technical hack is great (congrats) but the more important message is the appropriate way for educators to respond.

@antonliakhovitch8306 2 жыл бұрын

Absolutely. I know my high school would've pursued me to the grave to make sure I didn't get a job or degree.

@WackoMcGoose 2 жыл бұрын

@@antonliakhovitch8306 At least they would've let you live to tell the tale, some high schools I've heard of on the news would literally _disappear_ a student (and their family if they wouldn't accept hush money) that tried to pull a stunt like this.

@takeuchi5760 6 ай бұрын

@@WackoMcGoose What the fuck? these guys running a school or a drug empire

@WackoMcGoose 6 ай бұрын

@@takeuchi5760 These days, they're basically one and the same.

@pecket1767 2 жыл бұрын

This sure ain't script kiddie stuff. This shows talent and is a harmless but high-quality hack with proper research and documentation, clever (despite some being somewhat simple) security circumventions as well as a great sense of humor. Not all hacks needs to involve brutally intense reverse engineering and/or physical hardware hacks. Well done and great talk!

@amyshaw893 2 жыл бұрын

you can tell he's terrified in the talk. well done, i definitely wouldnt have been able to do a talk like that

@konkeydonged 2 жыл бұрын

Most exceptionally intelligent people cannot, especially if they're spending all day every day on computers.

@eeurr1306 Жыл бұрын

@@konkeydonged It took me alot of years to be confident in public speaking

@AronBezzina 2 жыл бұрын

As soon as he said lanschool I couldn’t stop laughing. Around 2008 I was learning IT at school. The IT department put lanschool on every pc over Xmas break. I didn’t like being spied on so I tried to remove it from the pc I was using, I found out u can only remove it with the installer. Lucky a little googling later I found a copy on rapidshare. Sadly, without domain admin I couldn’t run the installer. Oh did I mention I was studying IT😂. Yeah we had VMware on all the pcs, so I could just spin up a vm with xp and install it on there as the teacher. A small regedit later and I was no longer locked down to viewing one classroom. 😂 ah fun times.

@inund8 2 жыл бұрын

The part that got me was when they used Among Us colors to refer to each other in the meeting. I can only imagine these kids saying white sus while planning these. So good.

@th0m 2 жыл бұрын

Ballsy move. I got suspended from high school for demonstrating the lack of a bios password in one of the mac labs and providing instructions on how to add one. Ended up getting kicked out of graphic design, but they let me stay in CCNA for some reason. Good to hear there are at least some sensible IT departments out there.

@jfbeam 2 жыл бұрын

While I agree they over reacted, they have a legit gripe... what were you doing to even notice the lack of a BIOS password? Are you going to wander through an apartment complex trying every door, and yelling "you should keep this door locked!" into every one that opens? (don't try it. that's "criminal mischief")

@th0m 2 жыл бұрын

@@jfbeam oh wow I left some serious details out of that comment.. Basically I finished all my assignments for the graphic design class I was in, and noticed the computers had a tony hawk game installed but our user accounts did not have the permissions to open it. So I added a *local* admin user to the computer by using singleusermode and ran the game. At the time, all it took to add an admin user was to remove an empty text file indicating first time setup had been finished. Mentioned the vulnerability to an upperclassmen friend in my ccna course who did some work for the school on the side and passed the details on how to implement the password through him. When going to implement the password I guess things got out of his hands and the administration came down on me for gaining admin access to the school's network (which I did not have nor did I intend to pursue). There was no policy strictly against local admin permissions nor any others that really applied. It just took so long to fill the prereqs to get into that class that by the time I was admitted, I had already taught myself the adobe suite - and flew through the assignments. So I tried to use the resources given to me rather than sit idly at a desk for another few months. Not by any means saying what I did was right. Just pretty annoying that in the end they stuck me with something way worse than I actually did, and that I could never get clarification on my single day suspension - my assigned day ended up being a snow day, and I had no idea what to do nor could anyone advise me on what to do about that lol

@NithinJune 2 жыл бұрын

I wonder why they let you stay in CCNA 🙄🙄

@clarkkent1473 2 жыл бұрын

oof

@xXBeefyDjXx 2 жыл бұрын

Agreed, I almost got kicked out of school for demonstrating that not only did the "lanschool" type software not work properly enabling easy bypasses, but USB Boot and no BIOS passwords meant super easy bypasses and more shockingly, a lot of the networked storage and other services had default or NO passwords enabled and some had sensitive data on it! The IT Director blacklisted me from their related training certification classes and even their internships when I did graduate, they told me to sling one when I applied there for a job years later, so clearly remembered me and didn't want me anywhere near them or the networks they were employed to keep secure.

@Mischala 2 жыл бұрын

Watching the news and social media, it's very easy to be really worried about the way the world is going. but, every so often you see a yongling like this guy and you are reminded that every subsequent generation is learning from those before it. I think the zoomers are gonna do alright.

@ChristianHaschek 2 жыл бұрын

glad to see young blood with ethics in the field

@pete3897 2 жыл бұрын

Props to Def Con for making these videos possible

@tamertakato 2 жыл бұрын

I do remember seeing many videos about this online! Big laugh, great talk! And yes, it is very important to have a curious-friendly IT room for Kids to immerse in it.

@Jango1989 2 жыл бұрын

That was great! 🤣🤣 Much better than many security professionals and much better opsec than many APTs! Well done!

@wolfinpdx Жыл бұрын

I'd been saving this for a rainy day. Immediately cheered me up. The kids are alright.

@Richard.Sanchez Жыл бұрын

In the 90's we did a similar thing using a remote host program called Master and Minion. The whole school district was networked together, so we could print stuff on other schools printers, like NSFW ascii art. One kid got caught because he was bragging to some other students about printing stuff at a rival school and he got suspended.

@MikeHarris1984 2 жыл бұрын

the longer I listen to this, the more I am amazed at the incompetence of this IT dept. wow... just freaking wow... Such bad security... Please tell me you expalined to them how you did all this for them to patch and they can secure their stuff. They are wide open to any kind of attach and a full ransomware lockdown to the down the entire district...

@Lilly24244 2 жыл бұрын

I've found it's less incompetence most of the time and more unwillingness. Often times people in the IT crowd overestimate their abilities because most people have no clue how computers work. And if they're already good enough, why get better?

@bigbooduh 2 жыл бұрын

Lmao @ " Good Morning Big Rick Engineers" 😂 🤣

@ManifestedMadness 9 ай бұрын

The real crime wasn't hacking, but continual and repeated use of comic sans

@lezlienewlands1337 2 жыл бұрын

Nicely done! And the best part is they didn't get all mad about it and really listened.

@simpledog42 Жыл бұрын

best defcon video, pure skill, wholesome content, i love this.

@VHAEHD 2 жыл бұрын

from there we see a lot of techniques used in the presentation where the neglect of security by some schools is very large, almost all of them leave the password as default.

@athorom5172 Жыл бұрын

I hear a bunch of grown ups hearing a hackers wet dream and giggling kicking their feet

@JohnDlugosz 2 жыл бұрын

18:30 "well throughout and through" makes my head hurt.

@ActionScripter Жыл бұрын

It seems their security practices are similar to their proofreading practices.

@Henry4711LP Жыл бұрын

This is beyond awesome! I’m more than impressed that you even did a full report! Congrats, nice Rick roll😉

@aziztcf 2 жыл бұрын

Such a cool kid! Way more ethical than I was too!

@maxdutiel 2 жыл бұрын

8:19 Genetec Security Center 14:28 in my district it is a bit easier to do this if you are at the school itself. We have been slowly transitioning from Rauland Telecenter ICS systems to U systems. Now, idk where they put the servers for the TCUs, but i do know what the host name of the main IIS server that controls them is. Now here is the fun part. They evidently decided to put a trunk between the CUCM and the TCU. Now when they did that, they didnt include any class of service distinctions. So that means any classroom phone can dial the rauland paging code, and then the CUCM contacts the TCU, and then you are paging live. And then, you could transfer, conference, park, or just put the call on hold, and the CUCM would put the hold music on the connection. That also means that you can transfer the call away, and from there the possibilities are endless.

@Lilly24244 2 жыл бұрын

Now imagine (and definitely just imagine!) putting everyone on hold to Eduard Khil and calmly announcing to them that they've moved back one place in line every minute. уσυ αяє иσ. 5 ιи ℓιиє. α яєρяєѕєитαтινє ωιℓℓ ѕρєαк тσ уσυ ѕнσятℓу,

@JustPlainRob Жыл бұрын

My high school had PowerPoint presentations running all day on the classroom TVs, which were run from a computer in the library's back room. I found a way to privilege escalate an account and access where those files were stored on a network drive, and made some... creative but harmless edits. Guess they didn't think it was as funny. Instead of a DEFCON talk I got suspended for a couple weeks and banned from touching any district computers.

@vitolapinta 2 жыл бұрын

I remember watching those videos of the hack. Good talk on the subject, well done

@boneitch 2 жыл бұрын

Yes. This sparks joy.

@MikeHarris1984 2 жыл бұрын

This kid has a future in IT security!

@muadeeb Жыл бұрын

I do not often give a thumb to a video, but this fine member of the community deserves more than one 👍from each of us. Well done.

@quinnlintott406 2 жыл бұрын

This made me tear up a little.

@Nooptema Жыл бұрын

Rolling meadow. A place with a name like that was asking to get Rick Rolled.

@t1mmy13 2 жыл бұрын

This guy is an instant legend

@linuxguy1199 Жыл бұрын

This was probably one of the best talks ever.

@jmrumble 2 жыл бұрын

I once got a stern talking to by my computer teacher for after several rounds of him disabling my ability to use the browser to listen to music with increasing difficulty and me figuring out how to re-enable it. To his credit, once he knew why I was doing it, he whitelisted Pandora for me. I hated the screen freeze "feature" though. Ours was a program called SynchronEyes.

@doublenikkel 2 жыл бұрын

My man really using Comic Sans

@MikeHarris1984 2 жыл бұрын

wow, the district security dept is horrible... allowing the install of the chrome RDP to begin with!?!? wow...

@Gunbudder Жыл бұрын

i remember reading about this after it went down! there was a similar hack that happened at my university where someone took control of all projectors on the school's intranet and made them play some video. the kid that did it eventually came forward to claim credit, was expelled, and then google hired him. not sure what happened to him after that lol.

@lonnymoore2622 2 жыл бұрын

that was awesome . nice work and awesome talk .

@CharlesVanNoland 2 жыл бұрын

So good. I have faith in the future.

@Fazal828 9 ай бұрын

Something we have all wanted to do! Legendary kid

@W1ldTangent Жыл бұрын

Oh LANschool... we had fun times abusing that back in the day... sounds like it hasn't evolved much 😂

@austiniscoolduh 2 жыл бұрын

Im so jealous of this upcoming generation who get to have programming or comp sci classes...

@coshiro1 Жыл бұрын

You can't hack into technology that your school is too broke to have 🤣🤣

@Firebolt4 Жыл бұрын

Better than D211's "prank" which was an email with goatsee sent to everyone lol

@MikeHarris1984 2 жыл бұрын

Holy crap, you exploited some serious security concerns here! Your district really needs to lock down their ports/firewalls/network/access/etc... basicly wide open. How are they not under a ransomware attack right now?!?!? holy crap this is insane. And the Lanschool keystroke logging all students/teachers, that is a massive privacy issue!!!! I work for a fortune 500 financial firm and own the entire PAM service stack and securing of all privilege accounts/systems. We ONLY keylog when a user is going through an encrypted session with a prodction server using a privilaged account. And there are notices telling the user this that while in the PAM session, they are fully being recorded and keystroke logged. just to do this on all students, just because? That is wrong...

@Axodus Жыл бұрын

Yeah, what if they log into personal accounts such as E-mail and Google?? That's an easy jump-off point to obtaining access to every account that person has for most people, complete lack of security with no care to the ramifications.

@hazyproduct1692 Жыл бұрын

programs like lanschool are very popular in schools. especially GoGuardian. You think they care about privacy? I've seen teachers remotely controlling computers that are in use and laughing about it.

@wittycommentator 2 жыл бұрын

Absolute legend

@NickRenwick Жыл бұрын

What a boy. Love this.

@RelentlessOldMan Жыл бұрын

Love it, this was really entertaining, great job!

@sharonshaju1872 2 жыл бұрын

This was a red team engagement

@mineton1293 2 жыл бұрын

Haha, I heard about this from someone who works for the manufacturer of EPIC. WHY MAKE THE PASSWORD PASSWORD!?

@jetfuel_ 2 жыл бұрын

What an absolute champ

@Gameonprobro Жыл бұрын

Their password is "password" how creative 😂😂🤣🤣

@zedekai9456 Жыл бұрын

What a great talk!

@jrr851 2 жыл бұрын

Great talk.

@taiquangong9912 Жыл бұрын

Right on!

@bashtinator Жыл бұрын

The white hats we needed!

@konkeydonged 2 жыл бұрын

Just started and 30 sec; I'm to tech wizard by any measure, but that QR code must go to the Rick Astley song. Not going to check!

@error.418 2 жыл бұрын

you can read a QR code without running it. it's not a rick roll, it's a link to a video showing the prank and teachers/students reacting to it.

@konkeydonged 2 жыл бұрын

@@error.418 I want to believe you. However, what you said is potentially a clever way of social engineering me to scan the QR code (assuring me it's safe and getting me to believe that you're teaching/helping me...only to try and get me rick-rolled. ;)) I'm not at all tech savvy but my trust level is nil. I refuse to take any chance in being rick-rolled here.

@error.418 2 жыл бұрын

@@konkeydonged you need a QR code scanner that you know doesn't just automatically visit a thing. test it on known safe stuff. then read this QR code and you'll see the KZbin short URL come up. You can then Google the ID in the URL which will give you search results showing that what it leads to without visiting it. You can do all this yourself with zero trust.

@konkeydonged 2 жыл бұрын

@@error.418 "You can do all this yourself with zero trust" In theory one could...but I can't. XD Respect if you aren't trolling, but this *is* a comment section about DefCon and rick-rolling...

@98f5 2 жыл бұрын

I remember hacking my highschool. Good times good times. This looks so much funner. We still had 10 base t when i was that afe

@nicholashowland3809 2 жыл бұрын

If you build a flat network your going to have a bad time mkaaay

@uirwi9142 2 жыл бұрын

Fantastic!

@rebmcr 2 жыл бұрын

DEF CON: The Next Generation

@sandwich2473 Жыл бұрын

Gosh dang fantastic

@padnoob6998 Жыл бұрын

What a legend👍

@BinaryCounter Жыл бұрын

What a legend

@armageddon7432 Жыл бұрын

he didnt condone rickrolling BUT he didnt say anything about ringing the dinkster

@NaoPb Жыл бұрын

Nice one!

@enc4p 2 жыл бұрын

What a mad lad

@gothikia 2 жыл бұрын

This is SO RAD!

@hwhw4414 Жыл бұрын

Lol grand theft auto... I already know how to do this

@Garthritis Жыл бұрын

As a AV guy who works on Epic, Front Row, and Voica I approve. Our schools at least know better than to use the fucking pws from the manual lol. Some of that probably was on Audio Enhancements though as they tend to be hands on when setting up their Epic Systems. Now they know better.

@nickcliff Жыл бұрын

That was a amazing prank

@NithinJune 2 жыл бұрын

14:00 this is hilarious 😂😂😂😂😂😂

@JonathanPoczatek 2 жыл бұрын

HELLL YEAH DUDE

@noahhastings6145 Жыл бұрын

Oh this kid! Neat!

@hwhw4414 Жыл бұрын

Art... get it

@amahlaka 2 жыл бұрын

Legend

@mittfh Жыл бұрын

The phrase "Security holes" is woefully insufficient for the IT systems at that District - more like a Grand Canyon sized chasm! Hopefully the administration server (timetables, assessments, staff and student contact details etc) had at least a modicum of security and regular backups to external media, otherwise someone with malicious intent could have wreaked havoc; and the District have now improved the security of *EVERYTHING* connecting to their network...

@randominternetbro6562 2 жыл бұрын

Yeah I hacked the school security cameras at my school and wrote up documentation for how to fix everything just for fun. I didn't even screw around with anything. Turns out some moron other student saw what I was doing and stole *my* access, before screwing up all the cameras, setting all of their hostnames to slurs, and leaving all of their connections and logs out in the open. When I saw these log files, I just downloaded them and, a week later, when IT finally noticed and they called me in, I handed them over to the administration on a flash drive. They threatened me with expulsion and criminal charges, so I just gave them all of my documentation, log files, etc on that drive. I can't believe they actually trusted that I put the files all on there. I should've given them my BadUSB and taken everything hahaha

@AtmosPres Жыл бұрын

I would’ve done this by now if our school actually had a proper network, right now I can only hack into the TVs one at a time with permission.

@Bros112 Жыл бұрын

❤

@pesoen Жыл бұрын

i stopped giving them hints, tips and tricks, and have just begun scanning networks as soon as i access them. every time i give them a hint on how to secure something i found, i would just receive back a "thanks, we will look into this as soon as possible" and nothing would happen. i even exploited some stuff once to get them to see that it was an issue, and still no response, other than locking the user i was logged in as out of the network(had been sick for a month straight, so i doubted he would come back anyway, and he used a macbook, so not a real nerd anyway) now i just passively gather what i can, see what i can do with it, and just have fun from time to time, slowly turning more and more grey hat since nothing is done with the info they are given. i even had access to a payment system at one time, and changed all prices in the machines to around 5 cents instead of the couple dollars each item cost, and made all known barcodes read as 2 cents(since some items had a barcode, and there was a list of barcodes for food) and even then, they did not lock the entryway(despite being told EXACTLY what i did to gain access) or even punish anyone.. an it guy was around talking about the importance of security, but i almost slept through it since they obviously don't care about it, but do care about pretending to care. Wish i could have done something like this though.. would have been great fun.