back

WTF DJI, UAV CTF?!

A hacker's view at commercial drone security

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration: 00:43:14
Language: English
Abstract: We'll take a look at how DJI - dominating player for commercial and recreational drones - builds their software, specifically from a security angle.

This talk will discuss DJI drones, most specifically the DJI Mini-series; looking at the hardware, discussing attack angles, up to a full compromise of a current drone for custom firmware purposes.

Along the way, we'll look at a lot of security WTFs that allow to pwn these devices. The amount and quality of bugs sometimes feel like you're trapped in a very cool hardware CTF.

We'll go from sniffing hardware busses, making fun of incorrect usage of SoC security features over to how DJI consistently and knowingly violates the GPL, into executing custom code on the flight controller and Linux system.

No description available.

Talk ID: camp2023-57063
Event:: camp2023
Day: 4
Room: Milliways
Start: 4 p.m.
Duration: 00:45:00
Track: Milliways
Type of: Talk
Speaker: Felix Domke
Talk Slug & media link: camp2023-57063-wtf_dji_uav_ctf

English

0.0%

100.0%

Work on this video on Amara!

This talk has a pad for the transcript, please use this instead of the amara editor: Etherpad
Shortcut to the video files: CDN Video Link or YouTube Video Link use this with otranscribe.com

WTF DJI, UAV CTF?!

A hacker's view at commercial drone security

Work on this video on Amara!

Please check: