Jump to content

Hacking a drone


cooper
 Share

Recommended Posts

According to this article some guy was filming a triathlon event using a drone when, according to the drone operator, it was taken over and flown into the back of the head of one of the athletes.

How viable are such attacks? Is the communication channel between the drone and the ground station as open as is suggested here? I can imagine the cheap ones to be limited in that regard, but if you want to get any kind of flying time out of one it tends to hardly qualify as cheap anymore in my book.

Thoughts?

Link to comment
Share on other sites

Very very unlikely on a large drone. small one you can buy at the store use wifi so these are easy to hack but the large one or even small hobby grade one, not the toy you buy at the store, are very difficult to crack because they all use spread specrum, encoding and pairing handshake that occur only at boot.

Hobby and commercial grade drone don't use wifi, toy grade one does, there's many protocol used other than wifi:

- a common one is DSSS, DSM. like bluetooth its spread spectrum on the 2.4 band so a ubertooth could be able to crack it although its not an easy task.

- UHF are getting increasingly popular due to their long distance capability and opensource parts available, I personally use OpenLRSng which is kick ass btw, fully encrypted, spread spectrum. no way to easily hack that although I came up with a scheme where it would be possible to hijack handshake at boot time but that would mean the pilot would never had control and would have noticed it.

- Synthesized AM, pseudo coded, spread spectrum, require a DX in the 70MHz band to do anything meaningful but it would be possible to hijack this one...

Finally, regardless if a hacker can crack the communication channel, a crash would be likely and unlikely at the same time, large drone have failsafe and autopilot system, it will take over control if the com channel become erratic. small one would fall like a brick if you were to send a value out of range... My drone use custom hardware between the flight controller and receiver which mean a hacker would need to know how the data translate or he would send unrecognized command and the flight controller would enter failsafe or autopilot mode.

I suspect a hacker group would target DJI flight controller as they are the most popular one on both large and small scale hobby and commercial grade platform. I have moved away from these as they are expensive and not open source and there is a conspiracy theory that they release firmware with bug to make you crash so they can sell you parts lol

For a large drone with an auto pilot to fall like a brick it would require a motor or power failure, many operator doesn't know their machine well enough to diagnose early sign of failure, the guy said he never crashed in a year, most part on these drone need frequent replacement. I think the guy is simple trying to find a way to not go to jail and blame a hacker instead of taking responsibility. These thing are very dangerous and should not be flown near crowded area at all. Also lot of people assume because they have ore than 4 motor, they have redundancy which is not exactly true, it depend of your flight controler firmware and how much load you carry.

Source: I'm a drone pilot since 3 years, I have 7 multirotor drone, large and small one

madfpv.com fpvquebec.com basement-rc.com

Link to comment
Share on other sites

Like others have said and even us and Sammy have demonstrated, the consumer grade WiFi stuff is (purposefully) hackable.

On the proprietary side even the toys like the Hubsan X4 series use a very basic 12 bit binding sequence. It's easy to have 1 TX takeover another *at RX boot* but once shes airborne there's it's unlikely to switch to another transmitter without a mid flight reboot.

We're working on an upcoming drone series (ofc including the pineapple) and will be using DSM2. I haven't seen any hacks for this protocol (though would love to).

Link to comment
Share on other sites

I haven't seen any hacks for this protocol (though would love to).

Start reading here

Or here where someone's making his own controller, capable of talking to various drone types - C code is included.

Edited by Cooper
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...