Maldrone: Backdoor for Drones.
Features:
Maldrone will get silently installed on a drone.
Interact with with the device drivers and sensors silently.
Lets the bot master controller the drone remotely .
Escape from the Drone owner to Bot master.
Remote surveillance.
Spread to other drones *.
Demo:
In this we would show infecting a drone with Maldrone and expecting a reverse tcp connection from drone. Once connection is established we can interact with the software as well as drivers/sensors of drone directly. There is an existing AR drone pioloting program. Our backdoors kills the autopilot and takes control. The Backdoor is persistent across resets .
For this research we are using Parrot Ar Drone 2.0 and DJI Phantom .Maldrone is developed for AR drone arm linux .
In this demo we will install the drone with Maldrone. Once its installed. The Maldrone will connect back to botmaster and wait for commands. Maldrone can proxy the device driver and sensor communications. Maldrone could interact with the drone communication and proxy data from the drone sensors .
Maldrone would be a good buddy for http://samy.pl/skyjack/ .
Samy's skyjack is an exploit for parrot ardrone . Maldrone is a payload and not and exploit. So once you hack a drone using skyjack or any drone specific vulnerability. You then install Maldrone as a backdoor.
The idea: AR drone Introduction
Ar drone quad-copter contains a 9 degrees-of-freedom (DOF) .
"Degrees Of Freedom" or "DOF" is a number of axis and sensors combined for balancing a plane, a helicopter or a robot.
ref: http://playground.arduino.cc/Main/Wh...9DOF10DOF11DOF
in-ertial measurements unit (IMU)
a) 6 DOF gyroscope and
b) 3 DOF magnetometer.
c) ul-trasound sensor[ used for low altitude measure-ments
d) a pressure sensor [Altitude measurement at all altitudes.
c) a GPS sensor.
The access to these sensor data are made available via serial ports.
The Ar drone has a binary named program.elf which controls the entire drone using these nav-board data. This little program is smart enough to perform auto landing , flight stability and various other AR drone tricks.
Check out this video: https://www.youtube.com/watch?v=IcxBf-kegKo
Is Maldrone the first malware for drones?
Ar Drone also exposes a high level api , and this is open sourced. This would let you control the drone via AT commands. And could program the drone to do pretty much anything. Lot of previous researches and attempts to backdoor drones used this API . This would make the backdoor concept very generic to AR drone.
Features:
Maldrone will get silently installed on a drone.
Interact with with the device drivers and sensors silently.
Lets the bot master controller the drone remotely .
Escape from the Drone owner to Bot master.
Remote surveillance.
Spread to other drones *.
Demo:
In this we would show infecting a drone with Maldrone and expecting a reverse tcp connection from drone. Once connection is established we can interact with the software as well as drivers/sensors of drone directly. There is an existing AR drone pioloting program. Our backdoors kills the autopilot and takes control. The Backdoor is persistent across resets .
For this research we are using Parrot Ar Drone 2.0 and DJI Phantom .Maldrone is developed for AR drone arm linux .
In this demo we will install the drone with Maldrone. Once its installed. The Maldrone will connect back to botmaster and wait for commands. Maldrone can proxy the device driver and sensor communications. Maldrone could interact with the drone communication and proxy data from the drone sensors .
Maldrone would be a good buddy for http://samy.pl/skyjack/ .
Samy's skyjack is an exploit for parrot ardrone . Maldrone is a payload and not and exploit. So once you hack a drone using skyjack or any drone specific vulnerability. You then install Maldrone as a backdoor.
The idea: AR drone Introduction
Ar drone quad-copter contains a 9 degrees-of-freedom (DOF) .
"Degrees Of Freedom" or "DOF" is a number of axis and sensors combined for balancing a plane, a helicopter or a robot.
ref: http://playground.arduino.cc/Main/Wh...9DOF10DOF11DOF
in-ertial measurements unit (IMU)
a) 6 DOF gyroscope and
b) 3 DOF magnetometer.
c) ul-trasound sensor[ used for low altitude measure-ments
d) a pressure sensor [Altitude measurement at all altitudes.
c) a GPS sensor.
The access to these sensor data are made available via serial ports.
The Ar drone has a binary named program.elf which controls the entire drone using these nav-board data. This little program is smart enough to perform auto landing , flight stability and various other AR drone tricks.
Check out this video: https://www.youtube.com/watch?v=IcxBf-kegKo
Is Maldrone the first malware for drones?
Ar Drone also exposes a high level api , and this is open sourced. This would let you control the drone via AT commands. And could program the drone to do pretty much anything. Lot of previous researches and attempts to backdoor drones used this API . This would make the backdoor concept very generic to AR drone.
