Amazon's Prime Air announcement last week brought concerns about the use of commercial drones to the fore, but one programmer may have just muddied the waters even more. Notable hacker Samy Kamkar recently modified a Parrot AR.Drone 2 with his custom software, called SkyJack, allowing it to seek out the wireless signals of other UAVs and take control of them, even while in flight.
If his name sounds familiar, that's because Kamkar is the same hacker-turned-legit security researcher who released a worm that took down MySpace back in 2005 and later went on to expose security weaknesses in several major credit cards.
For his latest project, Kamkar rigged a Parrot AR.Drone 2.0 with a Raspberry Pi, a USB battery, and two wireless adapters, before uploading his custom programming. The SkyJack software is designed for Linux devices and runs a few supporting programs in sequence to effectively hijack any drones in the area.
Once activated, one of the wireless adapters detects any wireless connections in range and identifies the ones associated with other UAVs. It then automatically disconnects these drones from their owners through raw packet injection, much like a distributed denial-of-service (DDoS) attack. Meanwhile, the other adapter creates a wireless network of its own and connects to the disabled drones as if it were their original owner.
After that, SkyJack's controller has complete access to these "zombie drones" and can issue JavaScript commands to them using just a tablet or laptop. The new owner can individually change their course, adjust their speed, and even view their live video feeds. The SkyJack software can also run on a desktop computer to snatch any drones that fly within range, but it's obviously better suited to a mobile platform.
SkyJack does have its limitations, however, since it can only select targets within a pre-defined range of MAC addresses on an unsecured network. For now, the software can only take control of other Parrot drones, because they all use a block of MAC addresses owned by the manufacturer and have no encryption or authentication in place.
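Seen from the defending side, the sequence described above leaves a recognizable trace: a burst of disconnect (deauthentication) frames against a drone's unencrypted network, followed shortly by a client the drone has not seen before. The sketch below is an added example, not code from SkyJack or from the original article; the frame records, the placeholder MAC prefix `AA:BB:CC`, the thresholds and the function name are all constructed assumptions.

```python
from collections import defaultdict

# Placeholder OUI standing in for the manufacturer's MAC block (assumption).
WATCHED_OUIS = {"AA:BB:CC"}
DEAUTH_BURST = 5         # deauth frames inside the window that count as a burst
WINDOW_SECONDS = 2.0     # sliding window for counting deauth frames
TAKEOVER_SECONDS = 10.0  # a new client this soon after a burst is suspicious

# Constructed frame summaries: (time, type, bssid, client, encrypted).
OWNER, OTHER = "02:00:00:00:00:10", "02:00:00:00:00:99"
SAMPLE_FRAMES = [
    (0.0, "assoc", "AA:BB:CC:00:00:01", OWNER, False),
    (5.0, "assoc", "AA:BB:CC:00:00:02", "02:00:00:00:00:20", False),
    (20.0, "deauth", "AA:BB:CC:00:00:02", "02:00:00:00:00:20", False),
    (21.0, "assoc", "AA:BB:CC:00:00:02", "02:00:00:00:00:20", False),
    *[(30.0 + i * 0.1, "deauth", "AA:BB:CC:00:00:01", OWNER, False) for i in range(6)],
    (31.2, "assoc", "AA:BB:CC:00:00:01", OTHER, False),
    (40.0, "deauth", "DD:EE:FF:00:00:01", "02:00:00:00:00:30", True),
]

def detect_takeovers(frames):
    """Flag watched networks where a deauth burst is followed by a new client."""
    known_clients = defaultdict(set)   # bssid -> clients seen associating
    deauth_times = defaultdict(list)   # bssid -> recent deauth timestamps
    burst_at = {}                      # bssid -> time of the latest burst
    alerts = []
    for ts, ftype, bssid, client, encrypted in sorted(frames):
        if bssid[:8].upper() not in WATCHED_OUIS:
            continue  # not a device from the watched MAC block
        if ftype == "deauth":
            recent = [t for t in deauth_times[bssid] if ts - t <= WINDOW_SECONDS]
            recent.append(ts)
            deauth_times[bssid] = recent
            if len(recent) >= DEAUTH_BURST:
                burst_at[bssid] = ts
        elif ftype == "assoc":
            burst = burst_at.get(bssid)
            is_new = bool(known_clients[bssid]) and client not in known_clients[bssid]
            if burst is not None and ts - burst <= TAKEOVER_SECONDS and is_new:
                alerts.append({"bssid": bssid, "new_client": client,
                               "time": ts, "open_network": not encrypted})
            known_clients[bssid].add(client)
    return alerts

if __name__ == "__main__":
    for alert in detect_takeovers(SAMPLE_FRAMES):
        print("possible takeover:", alert)
```

A single deauthentication followed by the same client reconnecting, as on the second sample network, is normal roaming behaviour and is deliberately not flagged.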
Still, it's not hard to imagine an industrious programmer creating a similar device for more insidious purposes, such as commandeering a delivery drone as part of a high-tech robbery, for instance. If anything, Kamkar's project may highlight the importance of having some solid security in place before retailers like Amazon make delivery-by-drone a reality.
If you're interested in creating your own SkyJack drone, Kamkar has detailed instructions on his website along with the source code, which is freely available for download.
Check out the video below to watch a demonstration of how the SkyJack software can take control of another drone in a matter of seconds.
Source: Samy Kamkar