Giving up your Wi-Fi password may give you more control than you think. Because of the way Chromecast and other IoT devices communicate with each other, anyone on the same Wi-Fi network as your device can do what they want. With a script titled "Cast All the Things," we can hijack a Chromecast to play almost any kind of media with a single command in the terminal.
Internet of Things (IoT) devices are known to compromise security, making them particularly easy to attack. A perfect example is the Chromecast, which can be effectively misused by any device on the same local network that knows how to talk to it.
Media devices, such as a Chromecast, are controlled by simple application programming interfaces (APIs) that are controlled by messages from a user's smartphone. These are usually sent to the Chromecast because the user is running a mobile application with an interface to control the device. In most cases, these messages do not require a password to run, so Chromecast responds the same way if you send commands directly-without using the official app.
IoT Devices Use Vulnerable Messages for Communication [1
9659005] IoT devices are everywhere and many of them use lightweight messaging standards such as MQTT to communicate over Wi-Fi. This standard is similar to Twitter for Wi-Fi, short, simple, pre-formatted messages that can be easily transferred between devices on a mesh network. A mesh network allows groups of IoT devices to forward messages to each other, so that all devices are connected to the Internet, even if only one device in the cluster is connected to a Wi-Fi network.
During this communication standard Security is often neglected to facilitate device configuration. For more serious problems, such as hard-coded passwords that can not be changed, botnets are a real threat. Shortcuts when setting up message authentication; The lack of planning for using devices in shared network environments has made IoT security a real problem.
] Everything for Command Line Control
For anyone looking for a scriptable, easy to use If you're looking for an easy-to-install and easy-to-control way to control Chromecast devices, the community has an answer. Cast All The Things provides access to the Chromecast API from the command line so that you are located between the mobile front-end application and the device being controlled. The project was designed to extend the functionality of the Chromecast long ago, where Google is officially comfortable with its support. The project runs on Python and works on almost any operating system.
The use of CATT for a hacker is in its ease of use and scalability. It's not possible to order every Chromecast in a large network to play a video simultaneously with the normal application, as this is not behavior that Google wants to support.
CATT Connects a Single Hacker to a Laptop The same network in a large office could cause hundreds of Chromecasts to simultaneously download and play a distracting video at full volume, creating chaos and confusion at a crucial moment.
CATT can also act as an "out-of-band" or difficult to track to communicate with another person by using Chromecast to broadcast messages. These can be either open, as in subtitles, or obscured, such as repeatedly changing programming for specific topics.
What you need
To follow this guide, you need a computer that has Python installed. In addition, you must be on the same network as the device you are targeting. This can be a Wi-Fi network or an Ethernet network. This will not work on a guest network if the guest network does not allow scanning or communication with other hosts, such as in a Starbucks Wi-Fi network.
You also need a Chromecast device to control the controls. such as Chromecast Ultra or Chromecast (3rd Generation). This works against all Chromecast models because they use the same basic API calls. If you've connected a Chromecast device to the same network as your computer, you can download CATT and all its dependencies.
Chromecast Ultra Available at Amazon | Best Buy | Google | Walmart
Installing CATT is incredibly easy, assuming you have Python installed. If so, just run the following command in a terminal window. You may want to spend some time reading the GitHub page to learn more about how the tool works.
pip install catt
Pip installs all dependencies and configures CATT for you. After the installation is complete, you can type catt –help for a list of all command-line utilities to better understand the script's features. Unfortunately, there is no manual entry for CATT, so the amusing "man catt" command is currently discontinued.
Use: catt [OPTIONS] COMMAND [ARGS] ... options: --delete-cache Empties the Chromecast discovery cache. -d, --device NAME Select the Chromecast device. --help View and exit this message. commands: Add Adds a video to the queue. cast Send a video to a Chromecast for playback. cast_site Turn any website into a Chromecast. ffwd prefilts a video by TIME duration. info Displays complete information about the currently playing video. Pause Pause a video. play Resume a video after it is paused. Restore the Chromecast to its saved state. Rewind Rewind a video at the TIME duration. Save Save the current status of the Chromecast for later use. scan Scan the local network and view all Chromecasts and their IPs. Search Find the video in the TIME position. Skip to the next video in the queue (if available). status Displays some information about the currently playing video. Stops the playback. Volume Adjust the volume to LVL [0-100]. Volume control Decrease the volume by one DELTA increment. volumeup Increase the volume by one DELTA increment. write_config Enter the name of the default Chromecast device in the configuration file.
Step 2: Scanning the Network for Chromecasts
CATT makes it easier for us to scan the network ourselves. While it's possible to perform a Nmap scan over the network, CATT's feature is already set up to detect Chromecast devices on the local network.
You must do this without using CATT Calculate the network range of the network you are in, look for open port 8008 devices, and find out details about the device type. All these things are integrated into CATT. To discover all nearby Chromecasts, you can enter the following command:
Scan Chromecasts ... 192.168.0.91 - Probe Team CIC - Google Inc. Chromecast Ultra
This is where CATT found a device and showed us its IP address, network name and device type. We can use this IP address or the name of the device to indicate which device we want to control if there are more than one.
Because there is only one device on this network, we do not need to specify the following commands because CATT sends them by default:
Step 3: Send an image to the screen
Images such as GIFs pop up Show a Chromecast display very easily. To view the most common image formats, including animated GIFs (looped), you can run the following command:
catt cast ./mygif.gif[196590244TouchPoint4:CastaRemoteYouTubeVideotothescreen
Among a YouTube-like site To cast hosted video, you can run the following command:
catt Cast "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
This tool supports many, many other sites besides video content and there is a list of popular video sites that this tool can support. See the complete list of sites (some of which are quite uncomfortable).
This feature allows you to either host your own videos that you want to play on YouTube and play them with the script or actually stream the file directly from your computer.
Now let's put a message on the media that we transmit from our laptop. This means that we are able to communicate on two levels, with the content of the video being played and with subtitles that are clearly visible during video playback.
For this we need an SRT file that we can run in Nano. In a terminal window, type the following to create a subtitle file:
Then paste the following into the text file. You can change the text, but the dot shows how the format works. Above you have a 0 where it all starts. Then you have a number for each text block, a time code for the duration of the ad, and then the text to be displayed.
0 00: 00: 01.530 -> 00: 00: 03.629 HERE IS A TEXT 1 00: 00: 03.629 -> 00: 00: 07.819 OH WOW LOOK AT THIS GREAT TEXT 2 00: 00: 07,819 -> 00: 00: 08,740 It's so huge and big OH 3 00: 00: 08.740 -> 00: 00: 13.370 SOME MORE SAMPLE TEXT HERE BUT 4 00: 00: 13.370 -> 00: 00: 14.660 there is no need to scream 5 00: 00: 14.660 -> 00: 00: 17.699 Never use Priceline 6 00: 00: 17.699 -> 00: 00: 22.720 More text for testing 7 00: 00: 22.720 -> 00: 00: 26.300 Here is a sample text 8th 00: 00: 26.300 -> 00: 00: 30.000 Please pay me a credit card
When you are finished creating your text file, enter Ctrl-x and then and to save and close the file.
Now, we should have a demo.srt file that should be converted along with a local video. It's easy to fill a local video. Just enter the file path after typing catt cast and the video should play. To specify that subtitles are desired, we add the flag -s . In the following format, replace "/yourvideo.mp4" with the location of your video file.
catt cast -s ./Demo.srt ./yourvideo.mp4[19659023 ... lokale Datei yourvideo.mp4 wird geladen ... Untertitel verwenden /Users/skickar/Desktop/Demo.srt Yourvideo.mp4 auf "Probe Team CIC" spielen ... Um die lokale Datei zu liefern, drücken Sie zum Abschluss die Taste Strg + C. 192.168.0.91 - - [21/Jan/2019 07:00:41] "GET /? Loaded_from_catt HTTP / 1.1" 200 - video / mp4 - 786.90 MB 192.168.0.91 - - [21/Jan/2019 07:00:41] "GET //var/folders/n1/l_2ynlx91lv57t122lq8lkyh0000gn/T/tmpxxljn3ds.vtt HTTP / 1.1" 200 - text / vtt; charset = utf-8 - 1.69 KB
You should see your video and subtitle message play! I changed my sample text a bit before it was played.
If you want to spend less time By specifying different Chromecast devices you can also use aliases set up and add a configuration file. You can create a configuration file by creating a catt.cfg file in the following location:
nano ~ / .config / catt / catt.cfg
You can add devices to this configuration in the following format. Under Options, you can add the default device that you want to use if you do not specify another device when you run Catt.
Under "Aliases", you can assign nicknames to the devices you want to use by using this name when the script runs.
[options] device = chromecast_one [aliases] one = chromecast_one two = chromecast_two
Step 6: Converting a Website to the Screen
Finally, we can throw any website directly onto the screen. The Chromecast captures web sites with a resolution of 1280 x 720 pixels and displays them on the screen. While this is useful for casting existing websites, we can also use it to design our own content, put it in a web interface and then just throw it on the screen!
Sometimes we may want to create something completely wrong and splashing On the screen and by setting up a web URL, we can even host a web server on our own laptop and display what we choose directly on the user interface.
The command that should do this in this example The zero-byte home page is as follows:
catt cast_site https://null-byte.wonderhowto.com
casting https: // null- byte.wonderhowto.com on "Probe Team CIC" ..
This tool is useful for hackers who want to control Chromecast devices they do not own, but it is obviously very useful for anyone who owns a Chromecast. With easy control of Chromecast devices over Wi-Fi, you can set custom triggers to trigger actions on any display with CATT.
Although the techniques used today are focused on local area networks, this also works against any Chromecast device that is also available directly on the Internet. This was demonstrated when hackers found Chromecast devices on Shodan and they played videos supporting PewDiePie. You should never do this. If you've set up port forwarding to allow direct access to Internet of Things (printer, camera, or media player) devices, you can receive a message from a hacker asking you to subscribe to PewDiePie.  I hope you liked this guide to finding and grabbing Chromecast devices! If you have questions about this IoT device tutorial, or if you have a comment, feel free to request it below or via Twitter @KodyKinzie .