Can’t Disable DJI Drone ID? Spoof It With An ESP!

A screenshot of the drone monitoring application, showing spoofed drones and their coordinates

We have been alerted to a fun tool, a DJI DroneID spoofer software for ESP8266/ESP32 and some other popular MCUs. Last year, we’ve told you about DJI DroneID — a technology DJI added to their drones, which broadcasts data including the drone operator’s GPS position, which, in turn, appears to have resulted in Ukrainian casualties in the Ukraine war. The announcement tweet states that DJI has added mechanisms from downgrading firmware. Hence, the spoofer.

There’s no other hardware needed, well other than an ESP8266 or ESP32 devboard, anyway. After the break you can find a video tutorial from [Joshua Bardwell] that shows you how to upload the code using Arduino IDE, and even going through coordinate tweaks. If you ever reminisced about the concept of throwies and were wondering what kind of useful, well, there’s your answer: clone the Git repo, compile it, program some interesting coordinates in, and witness the imaginary drones fly.

All in all, we get a lovely addition to our shenanigan toolkits. Surely, someone could use a neural network to distinguish real drones from fake ones, but it’s nothing that can’t be solved with a bit of code. Looking for a less daring hack? Well, you can always add some automation to your DJI drone by poking at the RGB LED signals.

19 thoughts on “Can’t Disable DJI Drone ID? Spoof It With An ESP!

  1. Better surely to hack your drone so it doesn’t make any broadcasts that could reveal your (or for that matter its) location to the soldiers who’ve invaded your country.

    1. yep, something like that, or better still, stop using those DJI drones and get busy making your own that have all the features you need and are (hopefully) a lot cheaper as well.

    1. The amazing part for me is that these drones are apparently uses with stock firmware.
      Mind boggingly stupid. But also, It’s a war. There are likely to be glitches and all sorts of problems (including logistics) everywhere. And I guess these drones get into Ukraine though a lot of different paths. From big batches to individual donations.

  2. These situations always leave me conflicted.

    If I’m honest I would not want a civilian device I created used for military purposes even by “the good guys”.

    If you want me to make military gear, pay me those big military bucks. (Which I wouldn’t accept because I wouldn’t want it on my conscience).

    In a sense DJI telling them to stop using it’s gear is something I respect. Drones have a sketchy rep as it is.

    Starlink is borderline case as military funds it’s development in effect AFAIK.

    1. But you do know DJI has extensive military contracts with PLA? and civilian DJI drones are just the way for them to fund military research? Same deal with DJI organized University competition where you build driving/flying drone team, code aimbots, and fight in the arena trying to kill your opponents/conquer enemy base.

      1. EVERY civilian company/business and even Chinese nationals anywhere are REQUIRED to cooperate with the State agencies if asked:

        China’s National Intelligence Law

        The Intelligence Law… repeatedly obliges individuals, organizations, and institutions to assist Public Security and State Security officials in carrying out a wide array of “intelligence” work. Article Seven stipulates that “any organization or citizen shall support, assist, and cooperate with state intelligence work according to law.”

  3. You’ve got to fight for your right…to your DATA. I am so sick and tired of being invaded on every single vector. This is why we can’t have nice things anymore.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.