The Big Rick: How I Rickrolled My High School District and Got Away With It

Presented at DEF CON 30 (2022), Aug. 13, 2022, 3 p.m. (20 minutes)

What happens when you have networked projectors, misconfigured devices, and a bored high school student looking for the perfect senior prank? You get a massive rickroll spanning six high schools and over 11,000 students at one of the largest school districts in suburban Chicago. This talk will go over the coordination required to execute a hack of this scale and the logistics of commanding a botnet of IoT systems. It will also describe the operational security measures taken so that *you* can evade detection, avoid punishment, and successfully walk at graduation.

Presenters:

• Minh Duong - Student at University of Illinois at Urbana-Champaign
  Minh Duong is an undergraduate studying Computer Science at the University of Illinois at Urbana-Champaign. Over the summer, he worked as an application security intern for Trail of Bits, focusing on compositor security and the Wayland protocol. In his free time, he plays CTFs with SIGPwny, UIUC's cybersecurity club. This will be his first time at DEF CON.

Links:

• https://forum.defcon.org/node/241934
• https://infocon.org/cons/DEF CON/DEF CON 30/DEF CON 30 video and slides/DEF CON 30 - Minh Duong - The Big Rick - How I Rickrolled My High School District and Got Away With It.mp4
• https://infocon.org/cons/DEF CON/DEF CON 30/DEF CON 30 video and slides/DEF CON 30 - Minh Duong - The Big Rick - How I Rickrolled My High School District and Got Away With It.srt (subtitles)
• https://www.youtube.com/watch?v=3PAauAy-Fb4

Similar Presentations:

• Still Hacking Anyway (SHA2017) / Responsible Disclosure; How to make your school a safer place.: Story of a 15 year old hacker in collaboration with his school
• ToorCon San Diego 14 (2012) / Building the Next Generation of Computer Security Professionals
• SAINTCON 2019 / Students who Hack (and other Technology Misuses), What the Law Requires, Student Discipline and School Responses