back to article Parrot drone pwned (and possibly killed) with Wi-Fi log-in

Lack of security in the Wi-Fi link to the Parrot AR drone allows it to be blown out of the sky by telnetting in and killing the process. Ryan Satterfield, who describes himself as an ethical hacker and runs consultancy Planetzuda.com, explains on his YouTube channel that the Parrot drone hack was demonstrated at DEF CON 23. …

  1. Wommit

    And the problem with killing a drone is?

    1. Anonymous Coward
      Facepalm

      Re : And the problem with killing a drone is?

      Depends on who or whats underneath it when it comes crashing down...

    2. Anonymous Coward
      Anonymous Coward

      Well the person who spent £300 on it might be a bit miffed. They may even go so far as to claim criminal damage, you never know.

      1. Fred Flintstone Gold badge

        Well the person who spent £300 on it might be a bit miffed. They may even go so far as to claim criminal damage, you never know.

        I'd like to see them try - how are you going to prove that it was a hack that killed the thing and not a malfunction? Read the bash log? If you have THAT deep an access you can cook up all sorts of mischief that could be made to zap itself on reboot. You could even make it an intermittent problem so it'll drive you mad trying to fix the hardware.

        How ANYONE in the 21st century can wilfully avoid, no, REMOVE, the most basic access control facilities to use on an unsecured link is a bit beyond me. That is simply irresponsible.

        1. Anonymous Coward
          Anonymous Coward

          "I'd like to see them try"

          Didn't say they could, was answering why someone would care about a drone being killed.

      2. JakeMS

        If you're sneaky enough, they'll never know who done it...

    3. TitterYeNot
      Coat

      "And the problem with killing a drone is?"

      The drone isn't killed. It's just pwning for the sward...

      <Groans>

      1. AbelSoul

        Re: Pwning for the sward...

        Pwning for the sward, what kind of talk is that?

        HELLO POLLY!

        1. Chika

          Re: Pwning for the sward...

          Look, it's not pwned, it's idling.

  2. kmac499

    Should have called it Pigeon not Parrot. Everyone knows they home automatically...

  3. JakeMS
    Coat

    I bet parrot was spitting feathers when they heard about this!

    Get it? Spitting feathers? parrot? yeah? no.. okay I'll get my coat.

    1. Ian Michael Gumby
      Angel

      Robin Williams?

      Sorry, but maybe I'm showing my age, but why do I keep thinking about Robin Williams when he did 'Mork and Mindy' ... "Fly be Free!" ?

      Now there was a comic who could do 45 minutes non stop on this topic without repeating himself.

      RIP

  4. Mint Sauce
  5. lawndart

    says:

    Typing KILL 1 and knocking the drone out is bad enough.

    Whatever you do, don't type KILL THE HUMANS

    1. DropBear
      Trollface

      Re: says:

      Are you sure KILL -9 would be better? What if it goes on to revive nine dead people and it brings on the zombie apocalypse?!?

      1. This post has been deleted by its author

      2. Ian Michael Gumby
        Devil

        Re: says:

        Uhm...

        Don't you mean kill -9 1 ?

        kill 1 kills the process with the PID of 1. Very polite.

        -9 means that you really want to kill it.... as in "DIE YOU MUTHA-FSCKING RAT PIG ..." well you know how it goes.

        Now going from memory because I'm too fscking lazy to google it... but isn't kill -13 <pid> used to not only kill the process, but all of those evil children the process spawned from Satan?

        Didn't you know the BSD devil imp is really meant as a warning!!!

      3. BlartVersenwaldIII
        Joke

        Re: says:

        > Are you sure KILL -9 would be better?

        Doesn't work in Germany sadly :(

    2. Florida1920

      Re: lawndart says:

      don't type KILL THE HUMANS

      That might explain why The Reg hasn't heard back from the company.

      1. Chris G

        Re: lawndart says:

        The Register has contacted Parrot for comment but no-one was immediately available.

        Clearly they are all 'just resting' due to being shagged out after a long squawk!

  6. SimD

    I'm waiting for someone to write a system that auto connects to their WiFi setup and kills any unprotected drones in range...

    1. BlartVersenwaldIII

      Why bother with being limited by range? Just fit your wifi transmitter to a drone of your own* put the script on a loop and go flying off on a pwn-by.

      * Preferably not of the Parrot brand

  7. Rob Crawford

    See time travel does exist

    Is it me or is this repeating what was already known 18 months ago?

    There have been scripts for this kicking about for ages

    1. Christopher W

      Re: See time travel does exist

      I could have sworn the same thing. These drones are fundamentally useless unless you don't mind them crashing out the sky mid flight. I thought all these vulns were being discussed not long after they came out...

      1. Little Mouse

        Re: See time travel does exist

        It's like Groundhog Day, but with hacking and drones and stuff.

  8. Fraggle850

    Well it's a more elegant solution to privacy invasions than a shotgun

    Nice to see that, between this and recent car, skateboard and IOT security SNAFUs, whilst we are building Skynet we are leaving plenty of backdoors for when the machines do rise. Should make John Connor's job a little easier.

  9. ukgnome

    Beautiful plumage

    1. AndyS
    2. Chika

      The plumage don't enter into it. The only reason why it was up in the first place is cause it was nailed there.

  10. Anonymous Coward
    Anonymous Coward

    RFLMAO

    as title

  11. Stevie

    Bah!

    Clean miss by the whitehats there. Should've taken control of one in the wild, used it to "attack" the owner repeatedly and then sat back and watched Twitter light up with hashtag skynet tweets.

    1. Little Mouse
      Terminator

      Re: Bah!

      How about some self-replicating code that spreads to other parrots? With a whole army of them at my command, I could RULE THE WORLD!!!!!!*

      *If they weren't so easy to defeat, that is.

      1. Robert Helpmann??

        Re: Bah!

        The drone runs on Busybox which has had a few vulnerabilities and has been targeted in the past. You could indeed create a squad of possessed killer parrots!

  12. David Roberts
    Coat

    You missed out

    All your drones are belong to us...

  13. x 7

    so thats how the Iranians did it

  14. LINCARD1000
    Coat

    Yarrrrrr...

    RAWK! POLLY WANTS A HACKER! POLLY WANTS A HACKER! RAWK!

    *runs for the hills screaming like a loon*

  15. Hiding_In_The_Shadows

    Deja Vu - Hak5

    Excuse me, Miss? For those who thought they had seen it before - https://hak5.org/episodes/hak5-1518 or https://www.youtube.com/watch?v=UJhN4FTVlm4

    Darren Kitchen used the WiFi Pineapple attached to another drone to kill the parrot.

    I'm sorry I have a cold...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like