Metasploit for drones? Best of luck with that, muses veteran tinkerer

Been down this path and it ain't that easy, says man who knows

Black Hat Europe: A veteran drone hacker reckons the recent release of the Dronesploit framework won't go down quite as its inventors hope.

Alexandre D'Hondt and Yannick Pasquazzo gave a quick talk about Dronesploit during Black Hat Europe, held in London last week.

The duo aim to produce a Metasploit-style CLI framework tailored for tinkering with everybody's favourite unmanned flying objects. At the moment, they say their framework is able to sniff comms for "Wi-Fi controlled light commercial drones", with plans to include radio-controlled drones and eventually "more complex" craft.

Although their presentation included a DJI-branded Tello drone, these are actually white-label products made by Chinese startup Ryze Robotics with a dollop of DJI branding, as the larger company's online store makes clear.

During their Black Hat presentation, the Dronesploit devs gave a live demonstration of sniffing and deauthenticating WPA2-PSK credentials protecting the command-'n'-control stream for a couple of quadcopters. These were of a type originally marketed by US-based Hobbico, which entered bankruptcy and was liquidated in 2018 – meaning there's no obvious point of contact for reporting discovered vulnerabilities.

Most meaningfully, this means they don't have any immediately actionable exploits for drones made by DJI, which will be what the market wants given DJI's near-total dominance of the worldwide small drone market.

Veteran drone hacker Kevin Finisterre, having taken a poke around the Dronesploit GitHub, told The Register: "If it were me, I'd demo my hot sauce, not my weak sauce. They don't appear to have any actual head busters writing exploits."

This is a wonderful concept as a whole but it needs talent to support it being effective. Not saying these folks lack talent, but they need quite a bit of man muscle to make this viable.

Finisterre added that in his own drone-hacking research, including efforts to build a community around drone hacking, he had seen that it is "difficult to harness the drone community for free/open-source work" and said he'd be surprised if anyone were to donate "any valuable drone exploits that can be monetised".

Clearly it's early days for the Dronesploit devs.

Drone hacking focused on DJI products has a bit of a history. The company uses GitHub and fell foul of the classic "oops that shouldn't be on there" mistake that we've seen plenty of times before. It also rolled out a bug bounty programme in 2017, following numerous public vuln disclosures.

While the academic interest in drone hacking is high, the real-world consequences of drone misuse are becoming increasingly hard to ignore. ®
