#sniffing

cyfleye@pod.thing.org

A hacker's view at commercial drone security

WTF DJI, UAV CTF?!

We'll take a look at how #DJI - dominating player for commercial and recreational #drones - builds their #software, specifically from a #security angle.

This talk will discuss DJI #drones, most specifically the DJI #Mini-series; looking at the #hardware, discussing attack angles, up to a full #compromise of a current #drone for custom firmware purposes.

Along the way, we'll look at a lot of security WTFs that allow to pwn these devices. The amount and quality of bugs sometimes feel like you're trapped in a very cool hardware CTF.

We'll go from #sniffing hardware busses, making fun of incorrect usage of #SoC security features over to how DJI consistently and knowingly violates the GPL, into executing custom code on the flight controller and Linux system.

https://mirror.eu.oneandone.net/projects/media.ccc.de/events/camp2023/h264-hd/camp2023-57063-eng-WTF_DJI_UAV_CTF_hd.mp4

#uav #fpv #ccc