SlideShare a Scribd company logo

Security B Sides Puerto Rico - Weaponizing your Drone

Download as PPTX, PDF
Jose L. Quiñones-Borrero
Jose L. Quiñones-Borrero

There is a lot of talk of how drones are bad for privacy, things can get really interesting when you combine your Xcopter with WiFi, air traffic control, video cameras and can actually become a remote controlled turret. Interesting or scary, you decide.

Technology
1 of 23
Drone Wars How to weaponize your drone Jose L. Quiñones, BS MCSA, RHCSA, CEHv8, GPEN, GCIH
About me • UPR School of Medicine – IT Director • Obsidis Consortia, Inc. – President • Security BSides Puerto Rico – Organizer • Init6 - InfoSecurity User Group – Founder & Mentor • Technical Instructor - “The Cleaner” • Information Security Council - “Jedi Master”
What’s a UAV, UAS, MAVS …“Drone”? • Unmanned aerial vehicles (UAVS), also known as drones, are aircraft either controlled by ‘pilots’ from the ground or increasingly, autonomously following a pre-programmed mission. • While there are dozens of different types of drones, they basically fall into categories like: • those that are used for reconnaissance and surveillance purposes • those that are armed with missiles and bombs. • those created by the model aircraft community just for fun • those used for commercial, experimental or special purposes https://www.faa.gov/uas/
These are not the drones your are looking for …
Yep, this is it!
Parts of a Drone • Frame • Flight Controller • Power Distribution • Electronic Speed Controllers (ESC) • Motors • Propellers • FPV receiver/transmitter • RC receiver/transmitter
Flight Controllers • Multi-Wii • Based on Wii controller electronics, hard to setup but reliable. Configuration software is just a bunch of sketches, and its really cheap. Has wide support for multiple peripherals • APM • 8-bit old architecture, hard to setup but reliable. Open source solid software (ArduCopter), really cheap. Supports bi-copter configuration (Avatar) • CC3D • 32 bit architecture, open source software (open pilot), and cheap. You have to know how to fly. • PixHawk • 32-bit, the evolution of the APM, Open source software (PX4), not for beginners. Numerous options but expensive • Naza m v2 /Lite • 32-bit, proprietary software, easy to set up and super stable. Limited options and expensive
RC Controller (9x) • Models • Turnigy, FlySky, FrySky • Channels • 6-9 minimum • Standard transmitter/receiver • 2.4 Ghz • +/- 1 mile range • Long Range • UHF multi kilometer range
FAA Rules of Engagement • Always fly below 400 feet • If you are 5 miles from an airport notify the tower • Do not intentionally fly over unprotected persons or moving vehicles, and remain at least 25 feet away • Must have clear vision of your aircraft at all times • Do not fly near or over sensitive infrastructure • Follow AMA’s safety guideline and privacy policy
… It will crash
Vulnerabilities • Drone Jacking • 3DR (915Mhz ) radio telemetry can be intercepted and hijacked • http://samy.pl/skyjack/ • Hak5 Hacking Drones • https://www.youtube.com/watch?v=xKfY0PmKDRE • DoS • Parrot AR /Phantom and other Wi-Fi enabled drones can be “pwn-down” • 2.4 Ghz Jamming is possible • Surveillance • 5.8 Ghz video can be intercepted
Digital Video • Cameras • GoPro / SJ4000 • SLR • Accessories • 3D Gimbal • Video Transmitter (5.8 Ghz) • goggles or monitor
Wireless Tech • Wi-Fi hardware • Wi-Fi Pineapple Mark IV, V • Alfa Networks AWUS036XXX • High gain antennas (7, 9, 11, 27dbi) • Blue tooth • Ubertooth One • SENA UD100 Industrial Bluetooth USB Adapter • SDR-RTL • DVB-T TV tuner dongle based on the RTL2832U chipset • Other RF tools • 915Mhz 3DR telemetry receiver • 5.8 Ghz video receiver
ARM Dev board • Raspberry Pi • Cubieboard • Arduino • Neo GPS Dev board comparison: http://codefidelio.org/?p=842
Electronics • DC-to-DC voltage converter • Convert 3s/4s battery voltage to usable level 5V (DevBoard) - 12V (Pineapple) • Power cables • Draw power from power distribution unit directly to Pineapple and DevBoard • DC filter • Motors might introduce noise in the DC current making it unstable for some applications. • Lots of Velcro & Tie wraps • Just keeping things together
Calling back using the cloud • Setup key exchange for SSH auth on all devices • ssh-keygen • ssh-copy-id root@pivot1.codefidelio.org • Use reverse SSH tunnel using 3G modem • ssh –R 8443:localhost:22 root@pivot1.codefidelio.org • Connect to my Linux VPS (Digital Ocean Droplet) • ssh root@pivot1.codefidelio.org • Connect to flying Drone thru the reverse connection to monitor or execute custom attacks • ssh localhost –p 8443
Call back script
Make it a mission
It all about location, location, location • Wigle.net API • Uses ESSID • https://wigle.net/wiki/index.cgi?API • Google Maps API • https://developers.google.com/maps/ • Hubert’s iSniff-GPS • Apple private API uses BSSID • https://github.com/hubert3/iSniff-GPS • Larry Pesce’s loc-nogps • https://github.com/haxorthematrix/loc-nogps
If it fits - it sniffs: Adventures in WarShipping Larry Pesce Derbycon 2014 http://www.irongeek.com/i.php?page=videos/derbycon4/t104-if-it-fits-it-sniffs-adventures-in-warshipping-larry-pesce
Thanks! http://codefidelio.org @josequinones

Recommended

Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
XG Firewall
XG FirewallXG Firewall
XG Firewall
DeServ - Tecnologia e Servços
 
Spikes Security Isla Isolation
Spikes Security Isla IsolationSpikes Security Isla Isolation
Spikes Security Isla Isolation
Cybryx
 
Avira Antivirus Pro for Android
Avira Antivirus Pro for AndroidAvira Antivirus Pro for Android
Avira Antivirus Pro for Android
Cheer Chain Enterprise Co., Ltd.
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
Sophos
 
Sophos Utm Presentation 2016
Sophos Utm Presentation 2016Sophos Utm Presentation 2016
Sophos Utm Presentation 2016
InformatikaFortuno
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report Presentation
Sophos
 
Sandboxing
SandboxingSandboxing
Sandboxing
Lan & Wan Solutions
 

Recommended

Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
XG Firewall
XG FirewallXG Firewall
XG Firewall
DeServ - Tecnologia e Servços
 
Spikes Security Isla Isolation
Spikes Security Isla IsolationSpikes Security Isla Isolation
Spikes Security Isla Isolation
Cybryx
 
Avira Antivirus Pro for Android
Avira Antivirus Pro for AndroidAvira Antivirus Pro for Android
Avira Antivirus Pro for Android
Cheer Chain Enterprise Co., Ltd.
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
Sophos
 
Sophos Utm Presentation 2016
Sophos Utm Presentation 2016Sophos Utm Presentation 2016
Sophos Utm Presentation 2016
InformatikaFortuno
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report Presentation
Sophos
 
Sandboxing
SandboxingSandboxing
Sandboxing
Lan & Wan Solutions
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
Shakacon
 
Unauthorized Wireless Network Connections
Unauthorized Wireless Network ConnectionsUnauthorized Wireless Network Connections
Unauthorized Wireless Network Connections
John Rhoton
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a NutshellPieter Cloete
 
Michael jarmark internet security basics
Michael jarmark internet security basicsMichael jarmark internet security basics
Michael jarmark internet security basics
MichaelJarmark_
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT security
Sophos Benelux
 
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security Evasion
Invincea, Inc.
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleDavid Fuchs
 
Watch guard solution
Watch guard solutionWatch guard solution
Watch guard solution
laonap166
 
DC970 Presents: Defense in Depth
DC970 Presents: Defense in DepthDC970 Presents: Defense in Depth
DC970 Presents: Defense in Depth
IceQUICK
 
Mickey pacsec2016_final
Mickey pacsec2016_finalMickey pacsec2016_final
Mickey pacsec2016_final
PacSecJP
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
Quick Heal Technologies Ltd.
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Michelle Morgan-Nelsen
 
Sophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionSophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser Protection
Giovanni Giovannelli
 
Ce hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internetCe hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internet
Vi Tính Hoàng Nam
 
Avast Antivirus
Avast AntivirusAvast Antivirus
Avast Antivirus
Mizamk
 
Sandbox
SandboxSandbox
Sandbox
ayush_nitt
 
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
BeyondTrust
 
Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014
Sophos Benelux
 
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Fpweb
 
Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012dvanwyk30
 
25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud
shira koper
 
SDR Basestation with Raspberry Pi
SDR Basestation with Raspberry PiSDR Basestation with Raspberry Pi
SDR Basestation with Raspberry Pi
Jonathan Singer
 

More Related Content

What's hot

WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
Shakacon
 
Unauthorized Wireless Network Connections
Unauthorized Wireless Network ConnectionsUnauthorized Wireless Network Connections
Unauthorized Wireless Network Connections
John Rhoton
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a NutshellPieter Cloete
 
Michael jarmark internet security basics
Michael jarmark internet security basicsMichael jarmark internet security basics
Michael jarmark internet security basics
MichaelJarmark_
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT security
Sophos Benelux
 
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security Evasion
Invincea, Inc.
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleDavid Fuchs
 
Watch guard solution
Watch guard solutionWatch guard solution
Watch guard solution
laonap166
 
DC970 Presents: Defense in Depth
DC970 Presents: Defense in DepthDC970 Presents: Defense in Depth
DC970 Presents: Defense in Depth
IceQUICK
 
Mickey pacsec2016_final
Mickey pacsec2016_finalMickey pacsec2016_final
Mickey pacsec2016_final
PacSecJP
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
Quick Heal Technologies Ltd.
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Michelle Morgan-Nelsen
 
Sophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionSophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser Protection
Giovanni Giovannelli
 
Ce hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internetCe hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internet
Vi Tính Hoàng Nam
 
Avast Antivirus
Avast AntivirusAvast Antivirus
Avast Antivirus
Mizamk
 
Sandbox
SandboxSandbox
Sandbox
ayush_nitt
 
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
BeyondTrust
 
Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014
Sophos Benelux
 
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Fpweb
 
Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012dvanwyk30
 

What's hot (20)

WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
 
Unauthorized Wireless Network Connections
Unauthorized Wireless Network ConnectionsUnauthorized Wireless Network Connections
Unauthorized Wireless Network Connections
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a Nutshell
 
Michael jarmark internet security basics
Michael jarmark internet security basicsMichael jarmark internet security basics
Michael jarmark internet security basics
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT security
 
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security Evasion
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made Simple
 
Watch guard solution
Watch guard solutionWatch guard solution
Watch guard solution
 
DC970 Presents: Defense in Depth
DC970 Presents: Defense in DepthDC970 Presents: Defense in Depth
DC970 Presents: Defense in Depth
 
Mickey pacsec2016_final
Mickey pacsec2016_finalMickey pacsec2016_final
Mickey pacsec2016_final
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
 
Sophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionSophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser Protection
 
Ce hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internetCe hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internet
 
Avast Antivirus
Avast AntivirusAvast Antivirus
Avast Antivirus
 
Sandbox
SandboxSandbox
Sandbox
 
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
 
Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014
 
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
Protect Your Infrastructure: Basics of Cloud Security | Fpwebinar
 
Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012Sophos utm-roadshow-south africa-2012
Sophos utm-roadshow-south africa-2012
 

Similar to Security B Sides Puerto Rico - Weaponizing your Drone

25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud
shira koper
 
SDR Basestation with Raspberry Pi
SDR Basestation with Raspberry PiSDR Basestation with Raspberry Pi
SDR Basestation with Raspberry Pi
Jonathan Singer
 
RFID Security Module
RFID Security ModuleRFID Security Module
RFID Security Module
cgvwzq
 
Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...
Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...
Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...
Steve Arnold
 
2017 - LISA - LinkedIn's Distributed Firewall (DFW)
2017 - LISA - LinkedIn's Distributed Firewall (DFW)2017 - LISA - LinkedIn's Distributed Firewall (DFW)
2017 - LISA - LinkedIn's Distributed Firewall (DFW)
Mike Svoboda
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devices
Yashin Mehaboobe
 
Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...
Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...
Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...
SolarWinds
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
LF Events
 
Presentation VigilSiteSafe_2015_Final_v1
Presentation VigilSiteSafe_2015_Final_v1Presentation VigilSiteSafe_2015_Final_v1
Presentation VigilSiteSafe_2015_Final_v1Nabeel Khan
 
NEXUS 800 LiDAR UAV powered by HYPACK
NEXUS 800 LiDAR UAV powered by HYPACKNEXUS 800 LiDAR UAV powered by HYPACK
NEXUS 800 LiDAR UAV powered by HYPACK
Vitad Pradith
 
"Click here" to build your UAV
"Click here" to build your UAV"Click here" to build your UAV
"Click here" to build your UAV
Dirk Gorissen
 
DEF CON 27 - XIAOHUIHUI - all the 4g modules could be hacked
DEF CON 27 - XIAOHUIHUI - all the 4g modules could be hackedDEF CON 27 - XIAOHUIHUI - all the 4g modules could be hacked
DEF CON 27 - XIAOHUIHUI - all the 4g modules could be hacked
Felipe Prado
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014Brian Knopf
 
Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
DefCamp
 
Demystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source OptionsDemystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source Options
Michele Chubirka
 
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONG
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONGCODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONG
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONG
CODE BLUE
 
SigfoxMakersDay Total
SigfoxMakersDay TotalSigfoxMakersDay Total
SigfoxMakersDay Total
Aurelien Lequertier
 
HiPEAC 2019 Workshop - Hardware Starter Kit Agri
HiPEAC 2019 Workshop - Hardware Starter Kit Agri HiPEAC 2019 Workshop - Hardware Starter Kit Agri
HiPEAC 2019 Workshop - Hardware Starter Kit Agri
Tulipp. Eu
 
Emerging tech track kovar-david-forensics-kovar
Emerging tech track kovar-david-forensics-kovarEmerging tech track kovar-david-forensics-kovar
Emerging tech track kovar-david-forensics-kovar
ISSA LA
 
Track 2 session 4 - st dev con 2016 - opensoftwarex
Track 2 session 4 - st dev con 2016 - opensoftwarexTrack 2 session 4 - st dev con 2016 - opensoftwarex
Track 2 session 4 - st dev con 2016 - opensoftwarex
ST_World
 

Similar to Security B Sides Puerto Rico - Weaponizing your Drone (20)

25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud25 years of firewalls and network filtering - From antiquity to the cloud
25 years of firewalls and network filtering - From antiquity to the cloud
 
SDR Basestation with Raspberry Pi
SDR Basestation with Raspberry PiSDR Basestation with Raspberry Pi
SDR Basestation with Raspberry Pi
 
RFID Security Module
RFID Security ModuleRFID Security Module
RFID Security Module
 
Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...
Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...
Towards An Open Instrumentation Platform: Getting The Most From MAVLink, Ardu...
 
2017 - LISA - LinkedIn's Distributed Firewall (DFW)
2017 - LISA - LinkedIn's Distributed Firewall (DFW)2017 - LISA - LinkedIn's Distributed Firewall (DFW)
2017 - LISA - LinkedIn's Distributed Firewall (DFW)
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devices
 
Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...
Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...
Q42015 SolarWinds Federal SE Webinar - Best Practices for IT Asset Discovery:...
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
 
Presentation VigilSiteSafe_2015_Final_v1
Presentation VigilSiteSafe_2015_Final_v1Presentation VigilSiteSafe_2015_Final_v1
Presentation VigilSiteSafe_2015_Final_v1
 
NEXUS 800 LiDAR UAV powered by HYPACK
NEXUS 800 LiDAR UAV powered by HYPACKNEXUS 800 LiDAR UAV powered by HYPACK
NEXUS 800 LiDAR UAV powered by HYPACK
 
"Click here" to build your UAV
"Click here" to build your UAV"Click here" to build your UAV
"Click here" to build your UAV
 
DEF CON 27 - XIAOHUIHUI - all the 4g modules could be hacked
DEF CON 27 - XIAOHUIHUI - all the 4g modules could be hackedDEF CON 27 - XIAOHUIHUI - all the 4g modules could be hacked
DEF CON 27 - XIAOHUIHUI - all the 4g modules could be hacked
 
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014
 
Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
 
Demystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source OptionsDemystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source Options
 
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONG
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONGCODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONG
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONG
 
SigfoxMakersDay Total
SigfoxMakersDay TotalSigfoxMakersDay Total
SigfoxMakersDay Total
 
HiPEAC 2019 Workshop - Hardware Starter Kit Agri
HiPEAC 2019 Workshop - Hardware Starter Kit Agri HiPEAC 2019 Workshop - Hardware Starter Kit Agri
HiPEAC 2019 Workshop - Hardware Starter Kit Agri
 
Emerging tech track kovar-david-forensics-kovar
Emerging tech track kovar-david-forensics-kovarEmerging tech track kovar-david-forensics-kovar
Emerging tech track kovar-david-forensics-kovar
 
Track 2 session 4 - st dev con 2016 - opensoftwarex
Track 2 session 4 - st dev con 2016 - opensoftwarexTrack 2 session 4 - st dev con 2016 - opensoftwarex
Track 2 session 4 - st dev con 2016 - opensoftwarex
 

More from Jose L. Quiñones-Borrero

Hacking blockchain
Hacking blockchainHacking blockchain
Hacking blockchain
Jose L. Quiñones-Borrero
 
Application Security: What do we need to know?
Application Security: What do we need to know?Application Security: What do we need to know?
Application Security: What do we need to know?
Jose L. Quiñones-Borrero
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
Jose L. Quiñones-Borrero
 
Weaponization of IoT
Weaponization of IoTWeaponization of IoT
Weaponization of IoT
Jose L. Quiñones-Borrero
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
Jose L. Quiñones-Borrero
 
CyberCrime attacks on Small Businesses
CyberCrime attacks on Small BusinessesCyberCrime attacks on Small Businesses
CyberCrime attacks on Small Businesses
Jose L. Quiñones-Borrero
 
InfoSec Gamification
InfoSec GamificationInfoSec Gamification
InfoSec Gamification
Jose L. Quiñones-Borrero
 
Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
Jose L. Quiñones-Borrero
 
Pivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG PresentationPivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG Presentation
Jose L. Quiñones-Borrero
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
Jose L. Quiñones-Borrero
 
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Jose L. Quiñones-Borrero
 
Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013
Jose L. Quiñones-Borrero
 
InfoSec professional advice to university students
InfoSec professional advice to university students InfoSec professional advice to university students
InfoSec professional advice to university students
Jose L. Quiñones-Borrero
 
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meetingBYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
Jose L. Quiñones-Borrero
 

More from Jose L. Quiñones-Borrero (14)

Hacking blockchain
Hacking blockchainHacking blockchain
Hacking blockchain
 
Application Security: What do we need to know?
Application Security: What do we need to know?Application Security: What do we need to know?
Application Security: What do we need to know?
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
Weaponization of IoT
Weaponization of IoTWeaponization of IoT
Weaponization of IoT
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
 
CyberCrime attacks on Small Businesses
CyberCrime attacks on Small BusinessesCyberCrime attacks on Small Businesses
CyberCrime attacks on Small Businesses
 
InfoSec Gamification
InfoSec GamificationInfoSec Gamification
InfoSec Gamification
 
Privacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August MeetingPrivacy on the Internet - Init6 InfoSec August Meeting
Privacy on the Internet - Init6 InfoSec August Meeting
 
Pivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG PresentationPivoting Networks - CSSIG Presentation
Pivoting Networks - CSSIG Presentation
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
 
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
Linux for Security Professionals (Tips and Tricks) - Init 6 10/2012
 
Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013Security and Compliance Panel at the PR TechSummit 2013
Security and Compliance Panel at the PR TechSummit 2013
 
InfoSec professional advice to university students
InfoSec professional advice to university students InfoSec professional advice to university students
InfoSec professional advice to university students
 
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meetingBYOD presentation Init 6 + ISSA PR Chapter joint meeting
BYOD presentation Init 6 + ISSA PR Chapter joint meeting
 

Recently uploaded

Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 

Recently uploaded (20)

Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 

Security B Sides Puerto Rico - Weaponizing your Drone

  • 1. Drone Wars How to weaponize your drone Jose L. Quiñones, BS MCSA, RHCSA, CEHv8, GPEN, GCIH
  • 2. About me • UPR School of Medicine – IT Director • Obsidis Consortia, Inc. – President • Security BSides Puerto Rico – Organizer • Init6 - InfoSecurity User Group – Founder & Mentor • Technical Instructor - “The Cleaner” • Information Security Council - “Jedi Master”
  • 3. What’s a UAV, UAS, MAVS …“Drone”? • Unmanned aerial vehicles (UAVS), also known as drones, are aircraft either controlled by ‘pilots’ from the ground or increasingly, autonomously following a pre-programmed mission. • While there are dozens of different types of drones, they basically fall into categories like: • those that are used for reconnaissance and surveillance purposes • those that are armed with missiles and bombs. • those created by the model aircraft community just for fun • those used for commercial, experimental or special purposes https://www.faa.gov/uas/
  • 4. These are not the drones your are looking for …
  • 6. Parts of a Drone • Frame • Flight Controller • Power Distribution • Electronic Speed Controllers (ESC) • Motors • Propellers • FPV receiver/transmitter • RC receiver/transmitter
  • 7. Flight Controllers • Multi-Wii • Based on Wii controller electronics, hard to setup but reliable. Configuration software is just a bunch of sketches, and its really cheap. Has wide support for multiple peripherals • APM • 8-bit old architecture, hard to setup but reliable. Open source solid software (ArduCopter), really cheap. Supports bi-copter configuration (Avatar) • CC3D • 32 bit architecture, open source software (open pilot), and cheap. You have to know how to fly. • PixHawk • 32-bit, the evolution of the APM, Open source software (PX4), not for beginners. Numerous options but expensive • Naza m v2 /Lite • 32-bit, proprietary software, easy to set up and super stable. Limited options and expensive
  • 8. RC Controller (9x) • Models • Turnigy, FlySky, FrySky • Channels • 6-9 minimum • Standard transmitter/receiver • 2.4 Ghz • +/- 1 mile range • Long Range • UHF multi kilometer range
  • 9. FAA Rules of Engagement • Always fly below 400 feet • If you are 5 miles from an airport notify the tower • Do not intentionally fly over unprotected persons or moving vehicles, and remain at least 25 feet away • Must have clear vision of your aircraft at all times • Do not fly near or over sensitive infrastructure • Follow AMA’s safety guideline and privacy policy
  • 10. … It will crash
  • 11. Vulnerabilities • Drone Jacking • 3DR (915Mhz ) radio telemetry can be intercepted and hijacked • http://samy.pl/skyjack/ • Hak5 Hacking Drones • https://www.youtube.com/watch?v=xKfY0PmKDRE • DoS • Parrot AR /Phantom and other Wi-Fi enabled drones can be “pwn-down” • 2.4 Ghz Jamming is possible • Surveillance • 5.8 Ghz video can be intercepted
  • 12.
  • 13.
  • 14. Digital Video • Cameras • GoPro / SJ4000 • SLR • Accessories • 3D Gimbal • Video Transmitter (5.8 Ghz) • goggles or monitor
  • 15. Wireless Tech • Wi-Fi hardware • Wi-Fi Pineapple Mark IV, V • Alfa Networks AWUS036XXX • High gain antennas (7, 9, 11, 27dbi) • Blue tooth • Ubertooth One • SENA UD100 Industrial Bluetooth USB Adapter • SDR-RTL • DVB-T TV tuner dongle based on the RTL2832U chipset • Other RF tools • 915Mhz 3DR telemetry receiver • 5.8 Ghz video receiver
  • 16. ARM Dev board • Raspberry Pi • Cubieboard • Arduino • Neo GPS Dev board comparison: http://codefidelio.org/?p=842
  • 17. Electronics • DC-to-DC voltage converter • Convert 3s/4s battery voltage to usable level 5V (DevBoard) - 12V (Pineapple) • Power cables • Draw power from power distribution unit directly to Pineapple and DevBoard • DC filter • Motors might introduce noise in the DC current making it unstable for some applications. • Lots of Velcro & Tie wraps • Just keeping things together
  • 18. Calling back using the cloud • Setup key exchange for SSH auth on all devices • ssh-keygen • ssh-copy-id root@pivot1.codefidelio.org • Use reverse SSH tunnel using 3G modem • ssh –R 8443:localhost:22 root@pivot1.codefidelio.org • Connect to my Linux VPS (Digital Ocean Droplet) • ssh root@pivot1.codefidelio.org • Connect to flying Drone thru the reverse connection to monitor or execute custom attacks • ssh localhost –p 8443
  • 20. Make it a mission
  • 21. It all about location, location, location • Wigle.net API • Uses ESSID • https://wigle.net/wiki/index.cgi?API • Google Maps API • https://developers.google.com/maps/ • Hubert’s iSniff-GPS • Apple private API uses BSSID • https://github.com/hubert3/iSniff-GPS • Larry Pesce’s loc-nogps • https://github.com/haxorthematrix/loc-nogps
  • 22. If it fits - it sniffs: Adventures in WarShipping Larry Pesce Derbycon 2014 http://www.irongeek.com/i.php?page=videos/derbycon4/t104-if-it-fits-it-sniffs-adventures-in-warshipping-larry-pesce