Hijacking Quadcopters With A MAVLink Exploit

Not many people would like a quadcopter with an HD camera hovering above their property, and until now there’s no technical resource to tell drone pilots to buzz off. That would require actually talking to a person. Horrors. Why be reasonable when you can use a Raspberry Pi to hijack a drone? It’s the only reasonable thing to do, really.

The folks at shellIntel have been messing around with quads for a while, and have recently stumbled upon a vulnerability in the Pixhawk flight controller and every other quadcopter that uses the MAVLink protocol. This includes the Parrot AR.drone, ArduPilot, PX4FMU, pxIMU, SmartAP, MatrixPilot, Armazila 10dM3UOP88, Hexo+, TauLabs and AutoQuad. Right now, the only requirement to make a drone fall out of the sky is a simple radio module and a computer. A Raspberry Pi was used in shellIntel’s demo.

The exploit is a consequence of the MAVLink sending the channel or NetID used to send commands from the transmitter to the quadcopter in each radio frame. This NetID number is used so multiple transmitters don’t interfere with each other; if two transmitters use the same NetID, there will be a conflict and two very confused pilots. Unfortunately, this also means anyone with a MAVLink radio using the same NetID can disarm a quadcopter remotely, and anyone with a MAVLink radio can tell a quad to turn off, or even emulate the DJI Phantom’s ‘Return to China’ function.

The only required hardware for this exploit is a $100 radio and three lines of code. It is certainly possible to build a Raspberry Pi-based box that would shut down any Pixhawk-equipped quadcopter within radio range, although the folks at shellIntel didn’t go that far just yet. Now it’s just a proof of concept to demonstrate that there’s always a technical solution to your privacy concerns. Video below.

61 thoughts on “Hijacking Quadcopters With A MAVLink Exploit

      1. I think the good old garden hose would be available for most people with backyards. What about those in apartment blocks… maybe a little net like they have on ‘how to tame your dragon” could also do the trick….

    1. ardupilot and pixhawk drones do not work with wifi, instead they use their build in flight program , user input via rc radio or via the telemetry radio used to send commands to adjust missions and assign waypoint on the fly. your rc radio will override these commands. but you wont be able to re arm(start the drone which takes about 3 seconds) if someone manged to disarm it mid air (normally not possible, since you would have to throttle down which will cause it to land anyway)
      the disarm command will disable the input to the motors from the flight controller and wont activated any gps actions such as return to launch.

    2. MAVLink Radios are normally 433/915mhz (depending on regulations in your area), not wifi band, but other than that small discrepancy, no, this is disarming the quadcopter, not jamming the radio or anything that would normally cause an RTH condition. It actually disables the quadcopter by deactivating the motors (not sending signals to the controller.) The only way to make this attack not work, is to either not use the MAVLink protocol, or roll your own radio system and hope that ‘security’ through obscurity will at least help to some extent.

  1. This is not a MAVLink explot per se. You just send commands over an unencrypted and unauthenticated radio. This would not work if for example the telemetry is ran over an XBee with encryption. It is an exploit in the SiK radio.

        1. You’d be surprised. Some countries have banned Blackberries, RPis and a bunch of other stuff that uses encryption and manufacturers don’t provide a way (master key, list of keys or whatever) for decrypting it by a 3rd party (homeland security)

          1. We have the same situation up here in Canada, but I believe that in both countries, the use of the phrase “for the purpose of obscuring their meaning” has been interpreted such that encryption over the ham bands is allowed in certain circumstances. For example, the use of WiFi with boosted power (since to do so requires a ham license) in a disaster recovery operation, and then using something like WPA to secure the messages, particularly when they contain personal information (such as medical information). The whole question of “what is encryption” gets murky when you deal with controller protocols (from a legal interpretation, I mean).

          2. Have a look at 97.215 – RC aircraft are different. “…signals transmitted by an amateur station to control a model craft are not considered codes or ciphers intended to obscure the meaning of the communication when the transmitter power does not exceed one watt…”

          1. That’s the case with most amateur licenses (not necessarily the bands themselves, which are occasionally shared with other licensed users without such restrictions.) It’s because amateur licenses exist for a specific purpose (to encourage the development of skilled radio operators/technicians) and not to give people an open broadcasting license. So secret communications, business discussions and public entertainment broadcasting are explicitly disallowed.

      1. As Alphatek says: prove it. Unlike cell/mobile jammers that need to be on all the time to be effective, a drone jammer will tend to have a low probability of intercept by either an owner or (more to the point) Johnny Law.

      2. The problem isn’t *over* the house but a quadcopter low enough to look in the windows. I have a tall fence and plants that prevents peeping toms. Dogs keep the assholes out of the yard. One day I saw a QC buzzing around my backyard “looking” in the windows with the camera when I was home sick one day. It spent quite a bit of time focused on the girls rooms for some reason.

        OK fine. Thinking quickly, I went to the second floor window and caught the QC with a fishnet.

        I kept the QC “alive” by tearing off the blades, presenting each busted blade to the camera. Then I wrote on cards describing what I would do to the asshole when I catch him then set the QC and camera under my car, lense facing the tire, and ran it over.

        Whoever owns it hasn’t been by to claim it yet.

        The article you reference is correct but large aircraft is registered and the owners can be tracked, QC’s are not. You can file legal action against someone photographing you from a large plane, how do you propose the same for someone flying a QC you can’t track back to the owner?

        1. Good story, I don’t believe most of it, but good..

          A nanoquad may be small enough to get close to your house, sure, However they are not stable enough nor have the range to be too anonymous. The video is almost good enough the determine that the brown pile moving in the yard is indeed a dog.

          The miniquad I have has acceptable video, but can not hover too well to ‘spy’ and sounds like an angry pack of bees. Ofcourse you can fly these from a mile away and send the video back to the operator, but again, they are not designed to just hover and also have a short flight time of usually 5 minutes or less.

          Getting up into the 450 class quad, This is where you may have an issue, They can hover in the sky just fine. But once you get close to the ground and say, a house. the prop wash make them difficult to hover. They also are usually fairly expensive. Again, a large pack of bees swarming around your window. I can hear my 550 just fine at 300+ meters away.

          Even more realistically, Take your cell phone, go pro or point and click camera outside, stand 20 or so feet away from your window and take a photo, What excatly is it your seeing? Not a whole bunch. Better luck would be had hitting up reddit for some high quality skin pics.

          Sure, there is a chance that this MAY of happened, you found a multirotor in your yard, The poor operator, wherever they were was freaking out as it more than likely got away from them. I hear 1000’s of ‘spy drone’ stories but don’t see the spot drone pics.. Why? The cameras on consumer grade multirotors can not zoom, are designed with fixed lenses, designed for wide angle shots.

          1. I was hesitant to use the term “looking” as I wasn’t sure what the QC was actually doing, hence the quotes. I couldn’t really tell if the camera was functioning at the time. The girls rooms are on the lee of the house and would’ve been in shadow at that time of the day. Could’ve been sitting low to get out of the wind for all I know… or cared.

            The QC is gone. It’s a done deal.

    1. Was it actually ever proven that it was rebels who shot down the airplane in Ukraine? I know there has being lots of accusations in the media(and US government), but it doesn’t make it so. Recent report by the Netherlands investigators, concluded that the plane was shot down by a Russian-made rocket, except everyone is conveniently forgetting the fact that ALL(!) rockets in Ukraine were manufactured either by Russia or USSR.

      1. Nonsense! There’s nothing ominous or illegal about keeping a hawk to control nuisance species on your property. No one needs to Google “train a hawk to take down drones”–all you need is a hawk, a cheap toy drone of your own, and a little patience.

        1. Except you need to be a licensed Falconer which takes years of study, Passing a federal exam, Find a sponsor, build a new and then have it and all your equipment and food supply inspected, then you need to capture and train the hawk and protect its legs from the propellers with kevlar leg guards! Then you need to train it to attack drones! Israel is using Eagles – which are very difficult do get here in the US and you must be a master Falconer to even think of getting one and you must have 2000 hours with an Eagle or Great Horned Owl, then get a Govenor to give you permission to catch a Eagle and it must be killing livestock.
          There’s a reason there are less than 2000 Licensed Falconers left in the entire world!!!

      1. Generally, the blades are enclosed radially, and so are relatively safe. My clever hawk can be trained to, say, rip out wires, jam a stick into a rotor, or perform various other bits of mischief depending on the construction of the drone.

  2. This is a really poorly informed article. This is an exploit for unencrypted two-way telemetry modem, really has nothing to do with Pixhawk, arducopter, etc. Telemetry, the term, as such, means *downlink* but some people will connect those radios if they get them in a kit and run two-way communication because that is the default (some will use never use either uplink or downlink), but that can not be generalised. I never connected a radio of this type to my ArduCopter or Pixhawk because I get telemetry overlaid on the video.

    This is sort of like making a FLASH NEWS of the fact you can use an IR remote of your TV to turn off somebody else’s TV.

    And these telemetry radios can be had for $20 and less, generally less than $100 including the RPi.

  3. The Pixhawk is an interesting piece of hardware. Even though it prevents the DroneCode software from using almost all of the “cool” features of the STM32F4 because of the way the PWM/Counter blocks are used. The neatest single non-flight related feature of the Pixhawk (and DroneCode) is the “offload to companion computer” capability. There’s some work being done by folks on Diydrones to establish redundant ‘silent’ fail-over communications link. But the HAD article is of the quality we have come to expect.

    1. And… I was under the impression that the 3DR-type radios use the NetID _and_ StationID features of the Si chips? Which – if I am reading the Silicon Labs datasheet properly – can also authenticate between TX and RX units?

      1. It’s identification, not authentication, and used to distinguish between cooperating units. Nothing prevents a third party from sniffing those values then spoofing packets with them.

  4. I’d have to agree it isn’t really an exploit, and it certainly wasn’t an oversight. I’m the author of the firmware on the SiK based radios, and the real reason these don’t have any encryption or signing is that the Si1000 modules they are based upon don’t have the horsepower to do any reasonable level of crypto. There are variants of the module that have hardware AES, but the cheap modules in these radios don’t.
    I could have put in a really weak encryption or signing system but it really would have just been a red flag to a bull. I’d then have UAV manufacturers claiming it was secure, when in fact anyone with any reasonable crypto knowledge would crack it in short order. So I decided to not even try to secure it on that hardware. Trying to secure it would also have meant leaving out other important features. The firmware on these radios really pushes the poor little Si1000 to its limits. The current firmware has 3 bytes of memory free.
    before someone asks, yes, I did try things like XTea and the nice 8051 asm version of that protocol that is available. It took so many of the Si1000 cycles that it was no longer practical as a telemetry radio.
    These radios were also designed when the APM2 based on an AVR2560 was state of the art for flight controllers. That is a lot better than the Si1000, but doing decent crypto on that while still flying a multi-rotor would be a real challenge. Since that time we’ve dropped support for the old AVR flight boards, and now have at least a STM32. That means crypto is now well within reach of the flight controller, so we can do end-to-end encryption or signing, using the SiK radio as just a transport.
    If anyone is curious, this is what I am working on now:
    https://docs.google.com/document/d/1ETle6qQRcaNWAmpG2wz0oOpFKSF_bcTmYMQvtTGI8ns/edit?usp=sharing
    that adds signing on the flight board, and should offer enough security for the sorts of uses people put these boards to.
    I may be a bit biased as the author of the firmware being attacked, but I see these types of “exploits” as being akin to declaring that you’ve discovered that most hoses in country areas don’t lock their doors, and then publishing a house breaking guide. Not really all that useful, and quite socially irresponsible.

  5. DJI communication on common commercial drones like the Mavic Pro and Phantom series does not run on the Mavlink protocol. They have their own proprietary protocol, so the “return to china command” on the Mavlink “exploit” referenced in the article is not possible. They would be unaffected by the NetID change because they don’t accept Mavlink messages. Only the Matrice series of DJI is compatible with Mavlink, and there are very few of those flying around.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.