2014最新无线hacking目标,树莓派无人机!
本帖最后由 cnhonker 于 2014-1-1 15:26 编辑先上一段国外的黑客所录制的视频:
视频: 极客教你如何劫持无人机
http://v.youku.com/v_show/id_XNjU1MDE4NzI0.html
(PS:权限不够,无法直接引用视频。)
这个项目被作者称为“SkyJack”,需要使用一个Raspberry Pi(树莓派)电路板、一个Parrot AR.Drone四轴飞行器、一块小电池
(可用移动电源)和两个无线传送器(目测一个是8188CUS芯片,另一个应该是我们熟悉的8187L),再辅以他提供的软件,即可轻
松劫持其他无人机。
作者介绍:卡姆卡·萨米(Kamkar Samy)。曾经因为针对MySpace开发萨米蠕虫病毒被捕入狱,2005年10月,当时年仅19岁的Samy Kamkar发起了对MySpace.com的攻击,而他所利用的技术正是Web 2.0网站依赖的AJAX。通过利用MySpace.com中的漏洞,Samy Kamkar的蠕虫在几个小时内就在其作者的好友列表中加入了100万好友,并在每个人的自我简介后边加了一句话:“but most of all, Samy is my hero.”(不过最重要的是,Samy是我的英雄)。
原文:OverviewToday Amazon announced they're planning to use unmanned drones to deliver some packages to customers within five years. Cool! How fun would it be to take over drones, carrying Amazon packages…or take over any other drones, and make them my little zombie drones. Awesome.
Using a Parrot AR.Drone 2, a Raspberry Pi, a USB battery, an Alfa AWUS036H wireless transmitter, aircrack-ng, node-ar-drone, node.js, and my SkyJack software, I developed a drone that flies around, seeks the wireless signal of any other drone in the area, forcefully disconnects the wireless connection of the true owner of the target drone, then authenticates with the target drone pretending to be its owner, then feeds commands to it and all other possessed zombie drones at my will.
SkyJack also works when grounded as well, no drone is necessary on your end for it to work. You can simply run it from your own Linux machine/Raspberry Pi/laptop/etc and jack drones straight out of the sky.
工程环境简介:
SkyJack
SkyJack (available from github) is primarily a perl application which runs off of a Linux machine, runs aircrack-ng in order to get its wifi card into monitor mode, detects all wireless networks and clients around, deactivates any clients connected to Parrot AR.drones, connects to the now free Parrot AR.Drone as its owner, then uses node.js with node-ar-drone to control zombie drones.
I detect drones by seeking out any wireless connections from MAC addresses owned by the Parrot company, which you can find defined in the Registration Authority OUI.
aircrack-ng
I use aircrack-ng to put our wireless device into monitor mode to find our drones and drone owners. I then use aireplay-ng to deauthenticate the true owner of the drone I'm targeting. Once deauthenticated, I can connect as the drone is waiting for its owner to reconnect.
node-ar-drone
I use node-ar-drone to control the newly enslaved drone via Javascript and node.js.
Hardware Parrot AR.Drone 2
The Parrot AR.Drone 2 is the drone that flies around seeking other drones, controlled from an iPhone, iPad or Android, and is also the type of drone SkyJack seeks out in order to control. SkyJack is also capable of seeking out Parrot AR.Drone version 1.
The Parrots actually launch their own wireless network which is how the owner of the drone connects. We take over by deauthenticating the owner, then connecting now that the drone is waiting for its owner to connect back in, exploiting the fact that we destroyed their wireless connection temporarily.
Raspberry Pi
I use a Raspberry Pi to drive the project as it's inexpensive, reasonably light, has USB, and runs Linux.
*Alfa AWUS036H wireless adapter
I use the Alfa AWUS036H wireless card which supports raw packet injection and monitor mode which allow me to deauthenticate users who are legitimately connected to their drones.
Edimax EW-7811Un wireless adapter
I also use the Edimax EW-7811Un wireless USB adapter in order for SkyJack to launch its own network. This allows me to connect to SkyJack from my laptop or iPad and watch all the other drones as they're being controlled.
USB Battery
I suggest any USB battery which is light (under 100 grams), and can output close to an amp (1000mAh). The Raspberry Pi + wifi will likely use about this much juice. You could also possibly hook up three AAA batteries together to get about 4.5V out which would be a bit lighter, though I'm not sure how much current it will be able to output.
一下摘自谷歌翻译(百度翻译就是一渣渣,不信你去试试):
SKYJACK
SKYJACK (可从github上) ,主要是跑了一台Linux机器的一个perl程序,以获取其无线网卡进入监控模式运行的aircrack -ng的,检测周围的所有无线网络和客户端,断开连接Parrot AR.drones(无人机品牌)任何客户端。无人机,连接到现在免费派诺特AR.Drone的是它的主人,然后使用node.js的node-ar-drone(一个实现Parrot AR Drone 2.0所使用的网络协议的开源程序库)控制僵尸无人驾驶飞机。
我通过寻找从MAC地址的Parrot AR.Drone 2拥有的任何无线连接,您可以在注册机构的OUI找到定义检测无人驾驶飞机。
aircrack -ng
我用的aircrack - ng来把我们的无线设备进入监控模式找到我们的无人驾驶飞机和无人驾驶飞机的所有者。然后我用aireplay - ng来deauthenticate我针对无人机的真正所有者。一旦deauthenticated ,我可以连接作为无人机正在等待它的主人重新连接。
Parrot AR.Drone 2
我使用Parrot AR.Drone 2通过Javascript和node.js中,以控制无人机
硬件
无人机
Parrot AR.Drone 2是飞来飞去寻找其他无人驾驶飞机,从iPhone,iPad或Android的控制的无人机,也是SKYJACK寻求出以控制无人机的类型。 SKYJACK也能够寻求Parrot AR.Drone 版本1 。
鹦鹉居然推出自己的无线网络,这是怎么无人机的所有者连接。我们接管了取消鉴定所有者,然后连接现在的无人机正在等待它的主人来接回来,利用这样的事实,我们摧毁了他们的无线连接暂时的。
Raspberry Pi的
我使用的是Raspberry Pi的带动项目,因为它的价格低廉,合理的光,具有USB接口,并运行Linux操作系统。
阿尔法AWUS036H无线适配器
我用它支持原始数据包注入和监控模式,让我deauthenticate谁是合法连接到他们的无人驾驶飞机用户阿尔法AWUS036H无线网卡。
EDIMAX EW - 7811Un无线适配器
我还使用EDIMAX EW - 7811Un无线USB适配器,以便SKYJACK推出自己的网络。这让我可以从我的笔记本电脑或iPad连接到SKYJACK和观看所有其他无人驾驶飞机,因为它们可以被控制。
USB电池
我建议任何USB电池具有重量轻(小于100克),并可以输出接近一个放大器( 1000毫安) 。该Raspberry Pi的+ WIFI很可能会使用这个多果汁。您还可能可能挂接三节AAA电池合力得到约4.5V出来这将是一个有点轻,但我不知道有多少电流将能够输出。
他的博客:http://samy.pl/
附上源码:
设置一个权限。
其他介绍:
SkyJack使用Alfa适配器的监控模式,通过MAC地址来识别其它无人机(这些地址包含了Parrot的供应商标志),然后让真实拥有者的认证失效。这种方法使用了用于攻击无线网络的开源项目Aircrack-ng,根据Aircrack-ng文件显示,一个让认证失效的攻击会发送一个分离包给一个具有特殊访问点的客户端,一旦真实拥有者在目标飞行器上的认证失效,SkyJack就能连接飞行器,假装成无人机所有者,并利用node-ar-drone(一个实现Parrot AR Drone 2.0所使用的网络协议的开源程序库)发送指令。Kamkar在一篇博客中说,配备Raspberry Pi的Parrot飞行器只用于移动攻击,但SkyJack 则可运行于任何Linux电脑劫持无人机。
还在开发中的东西…… 发表出来了,以后可能失效了,不过感谢分享,很有趣的一篇文章。 支持。。。。。。。。。 基地组织有福了。学好了弄几个美军无人机玩玩。 真是太牛B了 路过挣金币 帮顶 学好了弄几个美军无人机玩玩 逆天的节奏 看了一下,晕了 查水表:victory::victory: 貌似很牛逼的样子啊