Defcon 21 – Phantom Network Surveillance UAV / Drone
Description: DARPA, 2011, sponsored a contest named UAVForge which challenged teams to build a prototype unmanned aerial vehicle (UAV). Mission: “UAV must be small enough to fit in a soldier’s rucksack and able to fly to, perch & stare from useful locations for several hours near targets of interest to provide real-time (visual) persistent surveillance.” Long story short: 140 teams participated, no one won. Crashes, remote piloting, & electronics problems all took their toll.
Flash forward to 2013 – Technology has improved significantly. Reading the UAVForge story, I was fascinated by the concept of “perch and stare” surveillance. I wondered if this technique could be extended from visual to wireless network discovery & exploitation?
Jan. 2013, DJI Innovations introduced a quadcopter known as the Phantom. Phantom quickly gained a reputation as the most stable platform for use in aerial photography and other, small electronics. Phantom uses a GPS autopilot and a “return to home” capability in case the flight goes wrong. So, I decided to become a proud Phantom owner. I built and now fly wireless missions using 2 payloads: [1] Wispy spectrum analyzers, and [2] an Internet-accessible WiFi Pineapple (Hak5).
In this presentation you will learn how to successfully outfit & fly a quadcopter equipped with tiny computers, plus utilize wireless survey & exploitation tools. Three missions will be covered: site survey, in-flight wifi discovery, plus extended roof-top wifi pineapple operation.
Ricky HIll is a principal consultant at Tenacity Solutions, a security firm located in Reston, VA. Mr. Hill’s research interests include wireless hacking and SCADA security. Both areas where he’s performed challenging and novel work for the last 10 years on various defense contracts in the Washington D.C. area. When not occupied with the daytime job, he can be found outdoors flying R/C helicopters, balloons and other toys, (or just relaxing by the lake). A 3x DEF CON speaker and 13 yr. attendee, heís been to every DEF CON since 2000