Something for the weekend sir? Do you have an SDR receiver? Well, now you can build your own open-source Occusync sort of. Thanks to the work of a group of researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security
Just head off to Github to find the code, something I will be doing as a Friday night project to sniff out drone operations near my home, #VertiportAfricas own CUAS system!
https://github.com/RUB-SysSec/DroneSecurity
Kevin Finisterre @d0tslash what seems many lifetimes ago first revealed that DJI’s own RID system was unencrypted and these researchers have taken it a little further. To be clear we are not talking about RID, the researchers are decoding the drone and operator positions that DJI was already sending,
This project is a receiver for DJI’s Drone-ID protocol. The receiver works either live with an SDR, or offline on pre-recorded captures.
Our paper from NDSS’23 explains the protocol and receiver design: Drone Security and the Mysterious Case of DJI’s DroneID [pdf]
If you’re looking for the fuzzer, we will upload that shortly :)
The live receiver was tested with:
- Ettus USRP B205-mini
- DJI mini 2, DJI Mavic Air 2
Our software is a proof-of-concept receiver that we used to reverse-engineer an unknown protocol. Hence, it is not optimized for bad RF conditions, performance, or range.
Well done all, super impressed
@inproceedings{schiller2023drone,
title={Drone Security and the Mysterious Case of DJI's DroneID},
author={Schiller, Nico and Chlosta, Merlin and Schloegel, Moritz and Bars, Nils and Eisenhofer, Thorsten and Scharnowski, Tobias and Domke, Felix and Sch{\"o}nherr, Lea and Holz, Thorsten},
booktitle={Network and Distributed System Security Symposium (NDSS)},
year={2023}
}5th March 2023 – Looks like you will have to build your own now, DJI just stopped selling Aeroscope
