So the challenge is on par with saying "find a particular unsecured box on the internet". Without per-target research, you don't have a whole lot to go on. You can find tons and tons of targets. But the odds of them being the one you wanted, or even of the type you wanted, are pretty low.

Which isn't to say it's less a threat. But, rather, it's a threat that isn't likely to be casually exploited. Anyone who goes through the trouble of per-target research and exploitation of a number of such targets, isn't likely to pull the trigger for the lulz.

Even a "trial run" of an exploit would be a risk. You'd be inviting scrutiny of the trial machine, including logs at the ISP (and NSA) going back cheney-knows-how-far, and if nothing else, have drawn attention to the very problem you're hoping continues to be ignored.