root access password

[cryptoron]

Hi all,

you can ssh to both the drone and the wifi extender as root using passwod 19881209

enjoy and let me know what you find out.

 

[rsauron]

this is huge! oooo the possibilities now!!!!

I can confirm this information

[email protected]'s password:


BusyBox v1.19.4 (2013-04-22 22:41:57 CST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

-----------------------------------------------------
DJI-INNOVATIONS
-----------------------------------------------------
* FC200-Vision+ RE
* [email protected]
* 02/21/2014
* Version 1.01
* ART / DHCP down / ping
-----------------------------------------------------
root@Phantom:~#

root@Phantom:/# cat /etc/shadow
root:$1$7jwZJyj/$qdwVW7zOZLr9H.bGXmWWV1:15807:0:99999:7:::
daemon:*:0:0:99999:7:::
ftp:*:0:0:99999:7:::
network:*:0:0:99999:7:::
nobody:*:0:0:99999:7:::
root@Phantom:/#

-------------------------------------------------------

let the fun begin!

first peice of advice... dont upgrade anytime soon.. i am sure dji will be changing this with future firmware upgrades...
think iphone hacking

 

[Hovtech]

While I have rooted my Galaxy 4S , I'm not sure what you are talking about here. Could you give us a step by step?

 

[Mal_PV2_Ireland]

Im just wondering could this open a way to connect a gopro app on your phone to the wifi repeater and in turn control a gopro on its 2.4ghz wifi connected to a pv2 or pv2+

 

[DKDarkness]

Im just wondering could this open a way to connect a gopro app on your phone to the wifi repeater and in turn control a gopro on its 2.4ghz wifi connected to a pv2 or pv2+

Maybe: http://youtu.be/qIY7M8lD6CM

 

[mfp]

We need to secure the network.

This should be the first task of any P2V+ wifi hack.

I worry about rogue hackers out there trying to commandeer my equipment.

 

[dragonash]

say hello to this

viewtopic.php?f=24&t=15771&hilit=+192.168.1.

 

[Mal_PV2_Ireland]

Im just wondering could this open a way to connect a gopro app on your phone to the wifi repeater and in turn control a gopro on its 2.4ghz wifi connected to a pv2 or pv2+

Maybe: http://youtu.be/qIY7M8lD6CM

Excellent stuff mate! They've already done it, COOL!!!

 

[HunterSK]

Change your root password!

Hi Everyone,

I did some basic tests today and this is a serious security issue.

Using another computer (I used my iPad running a SSH terminal software), I was able to log into the Phantom and WiFi Repeater and do things like shutdown the WiFi connection mid flight. This instantly cuts the connection between the Phantom to your smart device, however the controller link is still fine.

I advise those of you who are concerned about your network security to change your root password immediately. I've done this on both my Phantom and the WiFi repeater and it doesn't affect the operation of the Vision iOS app or the controller link.

What it will affect is that PVFyer's V+ Booster app will not work, as it can't log in. Presumably that app was logging in your Phantom drone over WiFi as Root and making network changes. I have PM PVFlyer to update the app to allow a user-specified root password to be supplied to allow it to log in.

To change your root password:

1. Connect to your Phantom over WiFi using any computer
2. Run your favourite SSH client.
3. Log into either:

- 192.168.1.1 (FC200-Vision+)
- 192.168.1.2 (WiFi repeater)

4. Type 'passwd root'
5. Enter your new password twice
6. Password is now changed.
7. Type 'exit' to disconnect from SSH session
8. Repeat step 3-7 for the other device.

 

[BlackTracer]

Hi all,

you can ssh to both the drone and the wifi extender as root using passwod 19881209

enjoy and let me know what you find out.

So how did you get the root password? dji-leaks.com?

 

[4wd]

Re: Change your root password!

I advise those of you who are concerned about your network security to change your root password immediately. I've done this on both my Phantom and the WiFi repeater and it doesn't affect the operation of the Vision iOS app or the controller link.

Seems rather paranoid, wouldn't they have to hack you between turning it on and your own device locking on since it only allows one connection?
I'd be too worried this would cause other hard to resolve problems sooner or later, apart from immediately blocking the boost app.

I can see interesting developments in third party custom firmware with all manner of useful changes though.

 

[HunterSK]

You're vulnerable whenever your WiFi network is on.

Only one Vision app can connect at the same time, but I found out tonight that multiple computers can join the Phantom WiFi network. I had both my Mac and iPad SSH'ing into my Phantom at the same time.

So someone could hack your drone system with their phone at any time your Phantom is in the air.

 

[rsauron]

just image... your flying your phantom... bad guy with an iphone and issh installed on his phone..
he could
ssh into your phantom while your flying..
then they type the reboot command..
and baammmm your phantom reboots mid air.... which means its gonna come crashing to the ground!
technically could blame all crashs on dji now!! "someone hacked my phantom and crashed it!"
its DJI security negligence that caused the crash!

 

[D_Tshudy]

just image... your flying your phantom... bad guy with an iphone and issh installed on his phone..
he could
ssh into your phantom while your flying..
then they type the reboot command..
and baammmm your phantom reboots mid air.... which means its gonna come crashing to the ground!
technically could blame all crashs on dji now!! "someone hacked my phantom and crashed it!"
its DJI security negligence that caused the crash!

That's not really the case is it? They could reboot your camera or muck with what the camera is sending to the app but I don't think they could make your phantom fall from the sky.

Now if there's a command-able two way path from the camera shell to the running flight control code, which is a real possibility since telemetry is sent over a serial port to the camera, then we should be concerned.

 

[srandall25]

say hello to this

viewtopic.php?f=24&t=15771&hilit=+192.168.1.

wow... can't believe this has been out since May 17th and just now seeing this.. Amazing stuff...

 

[PhantomRock]

say hello to this

viewtopic.php?f=24&t=15771&hilit=+192.168.1.

Thanks dragonash, I too was not aware of this thread.
This is an amazing development, thanks to all that have contributed to this.

 

[dragonash]

Cool right?

I would love for someone to confirm if they can get the fc40 can connected to the extender.I would love to minimize my equipment by getting rid of my Linksys repeater and using the DJI extender

 

[rnrnrn]

hi all,

first of all - I do agree it is a bit paranoid to encrypt the camera connection - the only thing obviously possible is a reboot of the FPV and that's not really a crucial thing for most people.

I'm away from my phantom now so can't check it out but could someone see how the telemetry is hooked up to the camera system? is it both ways tty? other serial solution? this would be good to know - if there's any way to connect to the mainboard via telemetry connection then we have a problem - otherwise a non issue

cheers!

 

[linuxkidd]

...first of all - I do agree it is a bit paranoid to encrypt the camera connection - the only thing obviously possible is a reboot of the FPV and that's not really a crucial thing for most people...

Keep in mind that the config details are in /etc/config. Anyone with access could wipe a config file, put non-sense in your /etc/config/wireless (for example) and wham... No wifi.. EVER.. Until at least DJI releases full firmware for the WiFi control board/camera.. If they do this on the repeater, you're also SOL.. The microUSB port doesn't have a data connection.. So, there's no recovering it by the consumer. A trip to DJI for repair and the long wait associated there-with.

Think this is paranoid? Quads are all over the news recently. Especially with the guy loosing his on-top of the Dallas Cowboy's Stadium. There's a lot of 'paranoid' people who think we're out to do nothing but invade their privacy and take away their guns.. Some of them can play on computers and a thread like this is perfect to teach them how to muck w/ our $1300 investment with complete anonymity.

Whether we're being paranoid or not... an ounce of prevention is worth an 8 week DJI repair cure...

I've got a couple of threads in my signature for enabling encryption.. but at least.. the very least.. change your root password.

LK