You knew this was coming: Hacker figures out how to skyjack drones

It had to happen. A noted hacker now claims he can highjack simple drones and get control of them. Samy Kamkar, a privacy and security researcher perhaps best known for creating the Evercookie, a nearly-impossible-to-delete web browser cookie, says he uses a Parrot AR.Drone 2 to fly in the vicinity of the drone target. This quadcopter, widely available for about $200, looks for the wireless signal that is used to control the target drone, then disconnects the wireless connection and pretends to be the owner.
Dec. 9, 2013
2 min read
Machinedesign Com Sites Machinedesign com Files Uploads 2013 12 Hacker

It had to happen.

A noted hacker now claims he can highjack simple drones and get control of them. Samy Kamkar, a privacy and security researcher perhaps best known for creating the Evercookie, a nearly-impossible-to-delete web browser cookie, says he uses a Parrot AR.Drone 2 to fly in the vicinity of the drone target. This quadcopter, widely available for about $200, looks for the wireless signal that is used to control the target drone, then disconnects the wireless connection and pretends to be the owner.

Machinedesign Com Sites Machinedesign com Files Uploads 2013 12 Hacker
skyjack youtube video

Other components in Kamkar's highjacking system include a Raspberry Pi, a USB battery, and a wireless transmitter. He also uses some freely available hacker software, including a WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. Also used is a program called SkyJack that Kamkar developed himself.

SkyJack also works when grounded as well, no drone is necessary on your end for it to work. You can simply run it from your own Linux machine/Raspberry Pi/laptop/etc. and jack drones straight out of the sky," says Kamkar on his web site.

Kamkar says he wrote SkyJack primarily in Perl. The key cracking program puts the WiFi card into monitor mode, at which point it detects all wireless networks and clients around, deactivates any clients connected to Parrot AR.drones, connects to the now free Parrot AR.Drone as its owner, then uses freeware control software to control the targeted drones.

Kamkar says he detects drones by seeking out any wireless connections from MAC addresses owned by the Parrot company.

Kamkar's scheme works with Parrot drones because these devices actually launch their own wireless network through which the owner connects to the drone. Kamkar's hack takes over by deauthenticating the owner, then connecting back in and exploiting the fact that the wireless connection temporarily went down. Thus, the idea won't work with drones that don't use the same communication scheme or which use encrypted messaging.

About the Author

Lee Teschler

Editor

Leland was Editor-in-Chief of Machine Design. He has 34 years of Service and holds a B.S. Engineering from the University of Michigan, a B.S. Electrical Engineering from the University of Michigan;, and a MBA from Cleveland State University. Prior to joining Penton, Lee worked as a Communications design engineer for the U.S. Government.

Sign up for Machine Design eNewsletters
Get the latest news and updates.

Related

How Hybrid Manufacturing Combines CNC and 3D Printing for Accelerated Product Development
How Thermoset and Thermoplastic Composites Improve Structural Performance
Customizations to Get Standard Motors to Mars
Sponsored
No Access for Bacteria: An Inside Look at maxon's Cleanroom
Sponsored

Voice Your Opinion!

To join the conversation, and become an exclusive member of Machine Design, create an account today!