[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Unrevealed Secrets of MAL-Drone

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Unrevealed Secrets of MAL-Drone
From: jack ana <meeta10x@xxxxxxxxxxxxx>
Date: Fri, 30 Jan 2015 09:38:29 +0000 (UTC)

<body bgcolor="" style=""><pre>MAL-Drone

Some digital-media prints the news &amp; thousands &amp; thousands of 
collectors gathers the news for re-publishing.It seems around 5% of spam can be 
contributed to digital media reprint edition.
Lets examine the Mal-Drone case today from forbes.

http://www.forbes.com/sites/thomasbrewster/2015/01/27/malware-takes-down-drone/ 
 

Google https://www.google.co.in/?gws_rd=ssl#q=Maldrone+rahul+sasi  
About 1,950 results (0.34 seconds) 

In less than 24 hrs around 2k results :) 

Intro:
    
Maldrone: Watch Malware That Wants To Spread Its Wings Kill A Drone Mid-Flight

Hacking is yet again taking to the skies in 2015. An India-based Citrix 
security engineer has just figured out how to hack into a Parrot drone and 
install malware on it. This is, despite what other reports claim, not the first 
time this has been done. But what makes the malware, dubbed Maldrone, different 
is that it is designed to work across drone types.

In his tests, Rahul Sasi tried Maldrone on a Parrot AR, which he knew he could 
exploit thanks to a previously documented attack method. Though he had to be in 
close proximity to the drone, Sasi was able to infect the aircraft with the 
malware, which would act as a link, or proxy, between the flying machine and a 
hacker. Information would then be sent back to the hacker and allow them to 
interact with the drones navigation functions.

In the video below, Sasi hacks the drone, it connects back to his PC giving him 
control over the machines sensors. He then issues a kill command. He could also 
have told the drone to fly wherever he wanted, or use it for remote 
surveillance, Sasi claimed.


SkyJack has done the same thing in 2013 two years back. http://samy.pl/skyjack/ 

Few Questions to Rahul Sasi:

1] Whats basic difference between skyjack &amp; maldrone ? Lets hope maldrone 
is not coded in perl just like skyjack.
2] You are a citrix researcher,whats your &amp; citrix contribution in maldrone 
? Thanks citrix for such stunts.
3] what type of communication protocol does parrot-drone(maldrone) uses like 
C-band data link or a Ku-band satellite ?
4] How did you spoof the Military GPS of the drone or is it civillian GPS.if 
civillian GPS how did you spoof it ?
5] From how much distance can you hijack the drone 1 or 2 yards. will your 
maldrone work beyond 3 yards.
6] Did you use GPU-cuda/rainbow tables to crack encryption.
7] At what frequency Synthetic Aperture Radar Receiver/Transmitter of maldrone 
works ?
8] How did you bypass the following ?
    a] Consistency of navigation inertial measurement unit (IMU) cross-check
    b] Polarization discrimination
    c] Angle-of-arrival discrimination 
9] Apart from toy-drones can you name a single drone where maldrone can be used 
as-is or in modified versions ?
10] Is it possible to convert  maldrone-attack to malcar-attack on remote toy 
cars(RC)?
One last question below
11] IN the adjacent interview[ 
http://www.theregister.co.uk/2015/01/27/malware_backdoor_makes_parrot_ar_drones_squawk/
  ] Rahul sasi said 

 "Sasi spent five months reversing the proprietary AR Drone program.elf and 
developing Maldrone and would over the coming year attempt to hack industrial 
drones." 

How/why did you reverse the program.elf parrot firmware for 5 months if its 
open source,freely to download ??? download link 
https://github.com/ardrone/ardrone

If it took five months to copy/paste open source code then you can guess 
yourself how many decades will it take to reverse-hack closed industrial drones 
firmware.

 Rahul sasi also added: "Once my program kills the actual drone controllers, it 
causes the motors to stop and the drone falls off like a brick," Sasi said.
 "But my backdoor instantly takes control so if the drone is really high in the 
air the motors can start again and Maldrone can prevent it from crashing."
    
See below the hard work of following guys who  have won free fall competition 
in 2011.This free-fall &amp; take auto-control code can be downloaded from 
below. 

At GCER 2011, Dr. David Miller announced that the AR.Drone would be used in a 
fall competition; this became the KIPR Autonomous Aerial Vehicle Contest, in 
which we placed first in December 2011. Our victory was mainly a result of 
custom libraries which we had developed. 
http://files.kipr.org/gcer/2013/proceedings/Rand_Hacking_AR_Drone_1.pdf 

It would be very great of you if you can be little technical in your 
interview.Its very easy to do republish-spam campaign now a days.Its amazing to 
see peoples like sasi can also reverse open-source program.perhaps Citrix 
should start using such rare talent in their products or services.

SkyJack  is primarily a perl application which runs off of a Linux machine, 
runs aircrack-ng in order to get its wifi card into monitor mode, detects all 
wireless networks and clients around, deactivates any clients connected to 
Parrot AR.drones, connects to the now free Parrot AR.Drone as its owner, then 
uses node.js with node-ar-drone to control zombie drones. 

Can we see some great research,someone.



- Guyz Happy Hacking :) We should stop encouraging such script kiddies things 
&amp; should start supporting genuine research.<br /><br /><br /></pre></body>

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Registration open for Rooted CON 2015
Previous by thread: [FD] Registration open for Rooted CON 2015
Index(es):
- Date
- Thread