funkylicious
Posts posted by funkylicious
They found a password for the NFZ-Database encryption....
https://github.com/MAVProxyUser/dji.nfzdb/commit/6aa4f34eb5ec835ebfd0cbacff86f29d482c5adb
-
I have the "leaked" decrypted 01.02. firmware with the readable .sh scripts but it doesn't help me much :P
Tried to find out something about the "FTP-path traversal" with the "DotDotPwn" tool in Kali Linux. This would be the key - you can scan the directories for specific filenames, find out the secret hostname/MAC address in the whitelist file and boot the Mavic in ADB/root mode....
But this FTP exploit was patched in the 01.03.0000 firmware. My bird was already on 01.03.0200. I downgraded to 01.03.0000, but sadly can't downgrade to anything below this to find out more :(
-
Any news on this? Sadly I can't find any FTP-path traversal vulnerabilities on Android KitKat systems :/
I analyzed the leaked firmware files, there are "whitelist" hosts (in /data/wm330_debug_whitelist.xml.sig, but no access to this).
DJI Configs parser, for FCC and 32 channel and other stuff
in Community Projects
The location of the original ".DJI.configs" file on jailbroken iOS is here: /var/containers/Bundle/Application/.......(find the folder which contains "DJI GO 4.app") .... / DJIPilotResources.bundle/plist/