16Nov-18

A Drone Tale

During the previous months I've been a speaker for various international conferences: Hackinbo (Italy, 26-27 May), Sec-T (Stockholm, 13-14 September) and Hacktivity (Budapest, 12-13 October) with a talk named: "A Drone Tale: All Your Drones Belongs To Us". A talk where I detailed analysed the DJI Phantom 3 model’s architecture , its attack vectors, reverse-engineered the SDK and the network protocol. I also had a specific focus section on Drones Forensics Artefacts Analysis and Methodology. Here you can find and download all...
Posted By
13Jan-17

Hacking the DJI Phantom 3

Finally, during Christmas time, I had some spare time to play with my flying beast; I’m speaking about trying to hack my DJI Phantom 3. It was my first time that I operate with drones or similar embedded system and at the beginning I didn’t have any clue about how I could interact with it. The Phantom 3 comes with an aircraft, controller and an Android/iOS app. Let’s start from the beginning: As a first step, I have analysed the protocols, the connection between...
Posted By
22Dec-15

Aethra Botnet

What do an old log file, Wordpress, “some” routers and some Italian ISP have in common? Apparently nothing but let me explain from the beginning and you will notice how interesting elements can be discovered, starting from an insignificant event. Friday, February 13, 2015: I was performing ordinary maintenance on my personal website and, while I was analyzing the statistics and logs, I noticed a "strange" recurring pattern: Anyone who has ever run a WordPress can recognize in this extract of log,...
Posted By
22Dec-15

Aethra Botnet

Che cosa hanno in comune un vecchio file di log, Wordpress, una “manciata” di router e degli ISP italiani? All’apparenza nulla ma lasciatemi spiegare tutto dall’inizio e vedrete come, partendo da un evento poco significativo si possano scoprire elementi quantomeno interessanti. You can read this article in English here. Venerdì 13 Febbraio 2015: stavo effettuando ordinaria manutenzione sul mio sito personale quando analizzando le statistiche e I log mi accorsi di un pattern ricorrente e quantomeno “strano”: Chiunque abbia mai gestito un sito Wordpress...
Posted By