back to article Parrot drone pwned (and possibly killed) with Wi-Fi log-in

Lack of security in the Wi-Fi link to the Parrot AR drone allows it to be blown out of the sky by telnetting in and killing the process. Ryan Satterfield, who describes himself as an ethical hacker and runs consultancy Planetzuda.com, explains on his YouTube channel that the Parrot drone hack was demonstrated at DEF CON 23. …

  1. Wommit

    And the problem with killing a drone is?

  2. malle-herbert Silver badge
    Facepalm

    Re : And the problem with killing a drone is?

    Depends on who or whats underneath it when it comes crashing down...

  3. Anonymous Coward
    Anonymous Coward

    Well the person who spent £300 on it might be a bit miffed. They may even go so far as to claim criminal damage, you never know.

  4. Fred Flintstone Gold badge

    Well the person who spent £300 on it might be a bit miffed. They may even go so far as to claim criminal damage, you never know.

    I'd like to see them try - how are you going to prove that it was a hack that killed the thing and not a malfunction? Read the bash log? If you have THAT deep an access you can cook up all sorts of mischief that could be made to zap itself on reboot. You could even make it an intermittent problem so it'll drive you mad trying to fix the hardware.

    How ANYONE in the 21st century can wilfully avoid, no, REMOVE, the most basic access control facilities to use on an unsecured link is a bit beyond me. That is simply irresponsible.

  5. JakeMS Silver badge

    If you're sneaky enough, they'll never know who done it...

  6. TitterYeNot
    Coat

    "And the problem with killing a drone is?"

    The drone isn't killed. It's just pwning for the sward...

    <Groans>

  7. AbelSoul

    Re: Pwning for the sward...

    Pwning for the sward, what kind of talk is that?

    HELLO POLLY!

  8. Anonymous Coward
    Anonymous Coward

    "I'd like to see them try"

    Didn't say they could, was answering why someone would care about a drone being killed.

  9. Chika

    Re: Pwning for the sward...

    Look, it's not pwned, it's idling.

  10. kmac499

    Should have called it Pigeon not Parrot. Everyone knows they home automatically...

  11. JakeMS Silver badge
    Coat

    I bet parrot was spitting feathers when they heard about this!

    Get it? Spitting feathers? parrot? yeah? no.. okay I'll get my coat.

  12. Ian Michael Gumby Silver badge
    Angel

    Robin Williams?

    Sorry, but maybe I'm showing my age, but why do I keep thinking about Robin Williams when he did 'Mork and Mindy' ... "Fly be Free!" ?

    Now there was a comic who could do 45 minutes non stop on this topic without repeating himself.

    RIP

  13. Mint Sauce
  14. lawndart

    says:

    Typing KILL 1 and knocking the drone out is bad enough.

    Whatever you do, don't type KILL THE HUMANS

  15. DropBear Silver badge
    Trollface

    Re: says:

    Are you sure KILL -9 would be better? What if it goes on to revive nine dead people and it brings on the zombie apocalypse?!?

  16. This post has been deleted by its author

  17. Ian Michael Gumby Silver badge
    Devil

    Re: says:

    Uhm...

    Don't you mean kill -9 1 ?

    kill 1 kills the process with the PID of 1. Very polite.

    -9 means that you really want to kill it.... as in "DIE YOU MUTHA-FSCKING RAT PIG ..." well you know how it goes.

    Now going from memory because I'm too fscking lazy to google it... but isn't kill -13 <pid> used to not only kill the process, but all of those evil children the process spawned from Satan?

    Didn't you know the BSD devil imp is really meant as a warning!!!

  18. Florida1920 Silver badge

    Re: lawndart says:

    don't type KILL THE HUMANS

    That might explain why The Reg hasn't heard back from the company.

  19. BlartVersenwaldIII
    Joke

    Re: says:

    > Are you sure KILL -9 would be better?

    Doesn't work in Germany sadly :(

  20. Chris G Silver badge

    Re: lawndart says:

    The Register has contacted Parrot for comment but no-one was immediately available.

    Clearly they are all 'just resting' due to being shagged out after a long squawk!

  21. SimD

    I'm waiting for someone to write a system that auto connects to their WiFi setup and kills any unprotected drones in range...

  22. BlartVersenwaldIII

    Why bother with being limited by range? Just fit your wifi transmitter to a drone of your own* put the script on a loop and go flying off on a pwn-by.

    * Preferably not of the Parrot brand

  23. Rob Crawford

    See time travel does exist

    Is it me or is this repeating what was already known 18 months ago?

    There have been scripts for this kicking about for ages

  24. Christopher W

    Re: See time travel does exist

    I could have sworn the same thing. These drones are fundamentally useless unless you don't mind them crashing out the sky mid flight. I thought all these vulns were being discussed not long after they came out...

  25. Little Mouse

    Re: See time travel does exist

    It's like Groundhog Day, but with hacking and drones and stuff.

  26. Fraggle850

    Well it's a more elegant solution to privacy invasions than a shotgun

    Nice to see that, between this and recent car, skateboard and IOT security SNAFUs, whilst we are building Skynet we are leaving plenty of backdoors for when the machines do rise. Should make John Connor's job a little easier.

  27. ukgnome Silver badge

    Beautiful plumage

  28. AndyS
  29. Chika

    The plumage don't enter into it. The only reason why it was up in the first place is cause it was nailed there.

  30. Anonymous Coward
    Anonymous Coward

    RFLMAO

    as title

  31. Stevie Silver badge

    Bah!

    Clean miss by the whitehats there. Should've taken control of one in the wild, used it to "attack" the owner repeatedly and then sat back and watched Twitter light up with hashtag skynet tweets.

  32. Little Mouse
    Terminator

    Re: Bah!

    How about some self-replicating code that spreads to other parrots? With a whole army of them at my command, I could RULE THE WORLD!!!!!!*

    *If they weren't so easy to defeat, that is.

  33. Robert Helpmann?? Silver badge

    Re: Bah!

    The drone runs on Busybox which has had a few vulnerabilities and has been targeted in the past. You could indeed create a squad of possessed killer parrots!

  34. David Roberts Silver badge
    Coat

    You missed out

    All your drones are belong to us...

  35. x 7 Silver badge

    so thats how the Iranians did it

  36. LINCARD1000
    Coat

    Yarrrrrr...

    RAWK! POLLY WANTS A HACKER! POLLY WANTS A HACKER! RAWK!

    *runs for the hills screaming like a loon*

  37. Hiding_In_The_Shadows

    Deja Vu - Hak5

    Excuse me, Miss? For those who thought they had seen it before - https://hak5.org/episodes/hak5-1518 or https://www.youtube.com/watch?v=UJhN4FTVlm4

    Darren Kitchen used the WiFi Pineapple attached to another drone to kill the parrot.

    I'm sorry I have a cold...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018