I remember reading somewhere on this forum that a rooted Chromecast in this condition (looking for a home) can be made to show the SSID and Passphrase of the owner who originally set it up if someone knows where to look. Am I correct in this or am I having a senior moment?
Yes, this is true and Team-Eureka has it on their radar - once the web panel is secured, it will be as much of an issue as it is with other rooted Android devices.
FWIW, you can get the WiFi credentials in plaintext from the same file on my rooted Android phone, so likely the core problem of the credentials being stored in plaintext is inherent in Android itself.
The trouble with Chromecast is that it automatically makes itself available as an unsecured WiFi AP for setup.
Which is OK except for the fact that rooted firmware enables ADB/SSH/Telnet by default.
Which is also OK except for the fact that those can be (re)enabled via the Eureka web panel.
Which is OK except for the fact that anybody can get to the web panel, because anybody can connect to the Chromecast's unsecured AP.
So any break in the chain would fix things. Functionality-wise securing the web panel is the best solution - it doesn't break any stock functionality and doesn't remove any added functionality.
If the above is true will a stock Chromecast do the same thing (show critical information)?
No, because there isn't ADB, SSH or Telnet access to browse the filesystem.
Even if there was ADB/SSH/Telnet or some other way to browse the filesystem, without root you can't access the supplicant file.
One of my reasons for asking is I am seeing my neighbor's Chromecast and it is apparent he has set it up since it shows his name. Would like to be able to tell him if he is indeed vulnerable.
Your neighbor isn't vulnerable to his/her wireless credentials being let out (unless someone finds another way to hack Chromecast's setup mode). However, someone could easily "hijack" their Chromecast, associate with another network and push random content to it.
If they have HDMI-CEC enabled, the hijacker could turn on their TV and play whatever they wanted to.
It's not really a huge security risk, but it's an annoyance, as the hijacker would be taking over your neighbor's TV, and they could push undesired content. Overall, the hijacker would probably get bored quickly as they wouldn't see any of the result, unless they're an immediate neighbor or spying on them in some other way.