Software PoC that scans for Parrot drones' networks, connects to them, hijacks all the connected hosts and pilots the drone away from the "local" position (keeping it far away).
The pilot.py file contains the routine that pilots the drone, using [this](https://github.com/venthur/python-ardrone) Python library. The routine is fully customizable.
The basic behavior is that the pilot tries to fly the Parrot away using a simple robot algorithm: it moves the drone in a direction, checks from the Wi-Fi signal strength whether it is now farther away or nearer, and then decides the next move based on the new signal strength.
This program runs on the python interpreter.
This program uses arpspoof and nmap to find and hijack the hosts connected to the victim parrot.
To install the packages on a Debian-based system, type as root: apt-get install nmap dsniff
To use this program you actually need 2 NICs (Network Interface Cards). One is used as the controller for the Parrot; the other is used to scan for Wi-Fi networks (and update RSSI values).
This software has been developed on a Debian system and it requires iwconfig, iwlist, dhclient, grep to effectively work.
Configure the global_vars.py file with your network interfaces (if you have a NIC that is more accurate than the other, set it as the secondary one so that it is used for scanning, which improves the sampled RSSI values).
The same file contains other parameters to tweak, such as power_threshold, after which control of the drone is taken over from the owner.
VERY IMPORTANT: If your secondary_net_interface (as configured in global_vars.py) returns the "Signal level" value through iwlist in negative dBm, it's OK.
If it returns a fraction out of 100, you need to apply the 2 patches in the root directory:
patch net.py net.patch
patch pilot.py pilot.patch
To test if your network card is affected, type: iwlist $secondary_net_interface scan | grep "Signal level"
python main.py
It crashes on parsing incomplete results from iwlist (it happened)
Trivial way to fix with a bash script, assuming you've only one instance of python running:
while true; do if [[ -z $(pgrep python) ]]; then python main.py & fi; sleep 1; done
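The two "Signal level" formats and the crash on incomplete iwlist results can both be handled when the output is parsed. The following is an added example, not code from this repository: the names `parse_scan` and `to_dbm`, the sample scan text and the linear fraction-to-dBm mapping are assumptions made for illustration.

```python
import re

# iwlist prints either "Signal level=-52 dBm" or "Signal level=62/100"
# ("=" or ":" as separator). Anything else is treated as incomplete.
_SIGNAL = re.compile(r"Signal level[=:]\s*(-?\d+)\s*(?:/\s*(\d+)|dBm)")
_CELL = re.compile(r"Cell \d+ - Address:\s*([0-9A-Fa-f:]{17})")


def to_dbm(value, scale=None):
    """Normalise a reading to dBm. The linear map 0/100 -> -100 dBm,
    100/100 -> -50 dBm is an approximation (assumption): a fractional
    reading has no exact dBm equivalent."""
    if scale is None:
        return float(value)
    return value * 50.0 / scale - 100.0


def parse_scan(text):
    """Return {bssid: dBm} for each cell with a usable reading. Cells whose
    "Signal level" line is missing or cut short are skipped, not raised on."""
    readings, bssid = {}, None
    for line in text.splitlines():
        cell = _CELL.search(line)
        if cell:
            bssid = cell.group(1).upper()
            continue
        sig = _SIGNAL.search(line)
        if sig is None or bssid is None:
            continue
        scale = int(sig.group(2)) if sig.group(2) else None
        if scale == 0:  # "n/0" is malformed; skip it
            continue
        readings[bssid] = to_dbm(int(sig.group(1)), scale)
    return readings


# Constructed sample: one dBm cell, one x/100 cell, one truncated cell.
SAMPLE = """\
    Cell 01 - Address: 00:11:22:33:44:55
              Quality=58/70  Signal level=-52 dBm
    Cell 02 - Address: 00:11:22:33:44:66
              Quality:62/100  Signal level:62/100
    Cell 03 - Address: 00:11:22:33:44:77
              Quality=40/70  Signal level=
"""

if __name__ == "__main__":
    print(parse_scan(SAMPLE))
```
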
##### ENJOY!!