3 Likes
#sniffing
A hacker's view at commercial drone security
WTF DJI, UAV CTF?!
We'll take a look at how #DJI - dominating player for commercial and recreational #drones - builds their #software, specifically from a #security angle.
This talk will discuss DJI #drones, most specifically the DJI #Mini-series; looking at the #hardware, discussing attack angles, up to a full #compromise of a current #drone for custom firmware purposes.
Along the way, we'll look at a lot of security WTFs that allow to pwn these devices. The amount and quality of bugs sometimes feel like you're trapped in a very cool hardware CTF.
We'll go from #sniffing hardware busses, making fun of incorrect usage of #SoC security features over to how DJI consistently and knowingly violates the GPL, into executing custom code on the flight controller and Linux system.
One person like that
1 Shares
3 Likes
2 Likes
One person like that
#ThisWeekInSecurity: #Fail2RCE, #TPM #Sniffing, #Fishy #Leaks, and #Decompiling
Fail2ban is a great tool for dynamically blocking IP addresses that show bad behavior, like making repeated login attempts. It was just announced that a vulnerability could allow an attacker to tak…
https://hackaday.com/2021/07/30/this-week-in-security-fail2rce-tpm-sniffing-fishy-leaks-and-decompiling/ #ThisWeekInSecurity
1 Shares