Parrot Bebop: Difference between revisions
Jump to navigation
Jump to search
Content deleted Content added
| Line 77: | Line 77: | ||
=Tools= |
=Tools= |
||
* https://github.com/Zepheus/ardrone3-pcap sniffing protocol |
* https://github.com/Zepheus/ardrone3-pcap sniffing protocol |
||
=Misc data= |
|||
==ps ax== |
|||
<pre> |
|||
PID USER TIME COMMAND |
|||
1 root 0:02 init |
|||
2 root 0:00 [kthreadd] |
|||
3 root 0:00 [ksoftirqd/0] |
|||
4 root 0:00 [kworker/0:0] |
|||
5 root 0:00 [kworker/u:0] |
|||
6 root 0:00 [migration/0] |
|||
7 root 0:00 [watchdog/0] |
|||
8 root 0:00 [migration/1] |
|||
9 root 0:00 [kworker/1:0] |
|||
10 root 0:00 [ksoftirqd/1] |
|||
11 root 0:00 [watchdog/1] |
|||
12 root 0:00 [khelper] |
|||
13 root 0:00 [kdevtmpfs] |
|||
14 root 0:00 [netns] |
|||
15 root 0:00 [irq/1-p7mu] |
|||
16 root 0:00 [sync_supers] |
|||
17 root 0:00 [bdi-default] |
|||
18 root 0:00 [kblockd] |
|||
19 root 0:00 [khubd] |
|||
20 root 0:00 [rpciod] |
|||
21 root 0:00 [kworker/0:1] |
|||
22 root 0:00 [khungtaskd] |
|||
23 root 0:00 [kswapd0] |
|||
24 root 0:00 [fsnotify_mark] |
|||
25 root 0:00 [nfsiod] |
|||
26 root 0:00 [cifsiod] |
|||
27 root 0:00 [crypto] |
|||
37 root 0:00 [ubi_bgt0d] |
|||
38 root 0:00 [ubi_bgt1d] |
|||
39 root 0:00 [ubi_bgt2d] |
|||
40 root 0:00 [ci_otg] |
|||
41 root 0:00 [ci_otg] |
|||
42 root 0:00 [f_mtp] |
|||
43 root 0:00 [file-storage] |
|||
44 root 0:00 [kworker/1:1] |
|||
45 root 0:00 [deferwq] |
|||
46 root 0:00 [kworker/u:1] |
|||
54 root 0:00 [ubifs_bgt1_0] |
|||
80 root 0:00 [flush-ubifs_1_0] |
|||
103 root 0:00 /usr/bin/gpio_monitor /sys/devices/platform/user_gpio/USER_ON_OFF /bin/onoffbutton |
|||
170 root 0:00 [ubifs_bgt0_0] |
|||
171 root 0:00 [ubifs_bgt2_1] |
|||
172 root 0:00 [ubifs_bgt2_0] |
|||
201 root 0:00 udevd --daemon |
|||
210 root 0:00 udevd --daemon |
|||
211 root 0:00 udevd --daemon |
|||
228 root 0:00 [usb-thread] |
|||
232 root 0:00 [wl-thread] |
|||
342 root 0:00 udhcpd /etc/udhcpd.conf.eth0 |
|||
351 root 0:00 {rcS} /bin/sh /etc/init.d/rcS |
|||
353 root 0:00 /usr/bin/ujubaclient |
|||
354 root 0:00 logger -t ujubaclient -p user.info |
|||
394 root 0:00 [irq/44-mmc0] |
|||
395 root 0:00 [kworker/u:2] |
|||
412 root 0:00 [mmcqd/0] |
|||
413 root 0:00 [mmcqd/0boot0] |
|||
414 root 0:00 [mmcqd/0boot1] |
|||
416 root 0:00 [spi1] |
|||
456 root 0:00 [jbd2/mmcblk0-8] |
|||
457 root 0:00 [ext4-dio-unwrit] |
|||
465 root 0:00 [kworker/0:2] |
|||
480 root 0:00 syslogd -s 1024 -b 4 |
|||
493 root 0:00 eRide_aiding /data/ftp/internal_000/gps_data/eRide_data.bin |
|||
504 root 0:00 /usr/bin/usb_mode /sys/devices/platform/user_gpio/HOST_MODE_3V3 /sys/devices/platform/user_gpio/USB0_OC |
|||
508 root 0:00 {mtp_server.sh} /bin/sh /bin/mtp_server.sh start |
|||
519 root 0:00 inetd |
|||
524 root 0:00 avahi-daemon: running [WifiFonHotspot.local] |
|||
618 root 0:00 {ckcmd_redirect.} /bin/sh /usr/bin/ckcmd_redirect.sh |
|||
619 root 0:00 tail -F /var/log/messages |
|||
620 root 0:00 /usr/bin/awk -f /usr/bin/ckcmd_redirect.awk |
|||
622 root 0:00 /usr/bin/ulogger -t syslog -p I |
|||
623 root 0:00 telnetd -l /bin/login.sh |
|||
631 root 0:00 ulogcat -v ckcm |
|||
664 root 0:00 [flush-ubifs_2_1] |
|||
665 root 0:00 [flush-ubifs_0_0] |
|||
666 root 0:00 [flush-ubifs_2_0] |
|||
667 root 0:00 [flush-179:0] |
|||
675 root 0:00 poll_file -w /sys/devices/platform/ci_hdrc.0/udc/ci_hdrc.0/state |
|||
684 root 0:00 /usr/bin/bcm-watchdog |
|||
687 root 0:00 {DragonStarter.s} /bin/sh - /usr/bin/DragonStarter.sh -out2null |
|||
689 root 0:00 macgyverd -f |
|||
695 root 0:35 //usr/bin/dragon-prog |
|||
703 root 0:00 init |
|||
704 root 0:00 init |
|||
705 root 0:00 /sbin/klogd -n |
|||
</pre> |
|||
==pstree== |
|||
<pre> |
|||
init-+-DragonStarter.s-+-dragon-prog-+-{Behaviour} |
|||
| | |-{CKCM SERVER} |
|||
| | |-{Mario} |
|||
| | |-{MassStorage} |
|||
| | |-{NavdataSend} |
|||
| | |-{NetworkMonitor} |
|||
| | |-{Ntwk msgbox} |
|||
| | |-{NtwkDiscConnec} |
|||
| | |-2*[{ParrotAL_TIMER}] |
|||
| | |-{Photo Capture} |
|||
| | |-{Photo Record} |
|||
| | |-{Thread leds} |
|||
| | |-{Thread ms5607} |
|||
| | |-3*[{VideoMain}] |
|||
| | |-{colibry} |
|||
| | |-2*[{h264_venc}] |
|||
| | |-{hal} |
|||
| | |-{libgps_thread} |
|||
| | |-{thread_dxo} |
|||
| | |-{thread_us} |
|||
| | |-{thread_videoWi} |
|||
| | |-{thread_video_l} |
|||
| | |-3*[{v4l2:/dev/vide}] |
|||
| | |-{video_fix} |
|||
| | `-{video_rec} |
|||
| `-macgyverd |
|||
|-avahi-daemon |
|||
|-bcm-watchdog |
|||
|-ckcmd_redirect.-+-awk |
|||
| |-tail |
|||
| `-ulogger |
|||
|-eRide_aiding |
|||
|-gpio_monitor |
|||
|-inetd |
|||
|-2*[init] |
|||
|-klogd |
|||
|-mtp_server.sh---poll_file |
|||
|-rcS-+-logger |
|||
| `-ujubaclient-+-{Juba monitor} |
|||
| `-{jbd_run} |
|||
|-syslogd |
|||
|-telnetd |
|||
|-udevd---2*[udevd] |
|||
|-udhcpd |
|||
|-ulogcat |
|||
`-usb_mode |
|||
</pre> |
|||
==mount== |
|||
<pre> |
|||
rootfs on / type rootfs (rw) |
|||
proc on /proc type proc (rw,relatime) |
|||
dev on /dev type devtmpfs (rw,relatime,size=165664k,nr_inodes=41416,mode=755) |
|||
tmp on /tmp type tmpfs (rw,relatime) |
|||
sys on /sys type sysfs (rw,relatime) |
|||
debug on /sys/kernel/debug type debugfs (rw,relatime) |
|||
devpts on /dev/pts type devpts (rw,relatime,mode=600) |
|||
none on /dev/cpuctl type cgroup (rw,relatime,cpu) |
|||
ubi0:factory on /factory type ubifs (rw,relatime) |
|||
ubi1:system on / type ubifs (rw,relatime) |
|||
ubi2:data on /data type ubifs (rw,relatime) |
|||
ubi2:update on /update type ubifs (rw,sync,relatime) |
|||
/dev/mmcblk0 on /data/ftp/internal_000 type ext4 (rw,noatime,discard,nobarrier,data=writeback) |
|||
</mount> |
|||
==df -h== |
|||
<pre> |
|||
Filesystem Size Used Available Use% Mounted on |
|||
ubi1:system 42.2M 29.4M 10.7M 73% / |
|||
ubi0:factory 4.8M 100.0K 4.4M 2% /factory |
|||
ubi2:data 9.0M 96.0K 8.4M 1% /data |
|||
ubi2:update 28.0M 32.0K 26.5M 0% /update |
|||
/dev/mmcblk0 7.2G 2.2G 5.0G 30% /data/ftp/internal_000 |
|||
dev 161.8M 0 161.8M 0% /dev |
|||
tmp 161.9M 48.0K 161.8M 0% /tmp |
|||
</pre> |
|||
Revision as of 23:03, 16 October 2015
Weight
Bebop 275g bat 1200 117g bat 1600 135g bat 2500 189g hull/carene 24g cache-cam 6g
Links
Officials
ARDroneSDK 3
- http://blog.parrot.com/2014/11/28/ardronesdk3-for-bebop-drone-and-minidrones-has-been-released/
- https://github.com/Parrot-Developers/ARSDKBuildUtils
- https://github.com/Parrot-Developers/Samples
- https://github.com/Parrot-Developers/bybop in python
Community
- http://www.bebopdrone.org/
- http://forum.parrot.com/usa/viewtopic.php?id=29088
- http://bebob.wikia.com/wiki/Bebob_Community_Drone_Hacking_Wiki
Hacks
- https://github.com/matthewlloyd/bebop Code repo disappeared but clones here:
- http://robotika.cz/robots/katarina/en
- https://github.com/hybridgroup/node-bebop control in node.js
Paparazzi
- http://wiki.paparazziuav.org/wiki/Main_Page
- http://wiki.paparazziuav.org/wiki/Bebop
- https://github.com/paparazzi/paparazzi
- https://github.com/paparazzi/paparazzi/tree/master/sw/airborne/boards/bebop
Security
Too easy to crash
http://securityaffairs.co/wordpress/39363/hacking/hacking-parrot-drones.html
telnet 192.168.42.1 ps | grep dragon kill -9 ###
Actually there is even quicker:
telnet 192.168.42.1 kk
WEP?
Apparently possible to setup WEP, or even WPA?
bcmwl addwep 0 1234567890 bcmwl wsec 1
Permanent (! reset wouldn't clean it, maybe flashing from USB?)
vi /sbin/broadcom_setup.sh At the end of the create_access_point Before the print out of success add the two lines: ------------- bcmwl addwep 0 1234567890 bcmwl wsec 1
Problem is that it may impact link quality and anyway it's incompatible with a SkyController...
telnet password
That's the minimum we can do:
telnet 192.168.42.1 # choose a new password passwd # fix bug in /etc/passwd (trailing spaces after /bin/sh) sed -i 's/ *$//' /etc/passwd # redirect root home to /home (where there is already a .bashrc) sed -i 's#/home/root#/home#' /etc/passwd # redirect telnet login to /bin/login sed -i 's/sh -l/login/' /bin/login.sh # reboot /bin/ardrone3_shutdown.sh
Tools
- https://github.com/Zepheus/ardrone3-pcap sniffing protocol
Misc data
ps ax
PID USER TIME COMMAND
1 root 0:02 init
2 root 0:00 [kthreadd]
3 root 0:00 [ksoftirqd/0]
4 root 0:00 [kworker/0:0]
5 root 0:00 [kworker/u:0]
6 root 0:00 [migration/0]
7 root 0:00 [watchdog/0]
8 root 0:00 [migration/1]
9 root 0:00 [kworker/1:0]
10 root 0:00 [ksoftirqd/1]
11 root 0:00 [watchdog/1]
12 root 0:00 [khelper]
13 root 0:00 [kdevtmpfs]
14 root 0:00 [netns]
15 root 0:00 [irq/1-p7mu]
16 root 0:00 [sync_supers]
17 root 0:00 [bdi-default]
18 root 0:00 [kblockd]
19 root 0:00 [khubd]
20 root 0:00 [rpciod]
21 root 0:00 [kworker/0:1]
22 root 0:00 [khungtaskd]
23 root 0:00 [kswapd0]
24 root 0:00 [fsnotify_mark]
25 root 0:00 [nfsiod]
26 root 0:00 [cifsiod]
27 root 0:00 [crypto]
37 root 0:00 [ubi_bgt0d]
38 root 0:00 [ubi_bgt1d]
39 root 0:00 [ubi_bgt2d]
40 root 0:00 [ci_otg]
41 root 0:00 [ci_otg]
42 root 0:00 [f_mtp]
43 root 0:00 [file-storage]
44 root 0:00 [kworker/1:1]
45 root 0:00 [deferwq]
46 root 0:00 [kworker/u:1]
54 root 0:00 [ubifs_bgt1_0]
80 root 0:00 [flush-ubifs_1_0]
103 root 0:00 /usr/bin/gpio_monitor /sys/devices/platform/user_gpio/USER_ON_OFF /bin/onoffbutton
170 root 0:00 [ubifs_bgt0_0]
171 root 0:00 [ubifs_bgt2_1]
172 root 0:00 [ubifs_bgt2_0]
201 root 0:00 udevd --daemon
210 root 0:00 udevd --daemon
211 root 0:00 udevd --daemon
228 root 0:00 [usb-thread]
232 root 0:00 [wl-thread]
342 root 0:00 udhcpd /etc/udhcpd.conf.eth0
351 root 0:00 {rcS} /bin/sh /etc/init.d/rcS
353 root 0:00 /usr/bin/ujubaclient
354 root 0:00 logger -t ujubaclient -p user.info
394 root 0:00 [irq/44-mmc0]
395 root 0:00 [kworker/u:2]
412 root 0:00 [mmcqd/0]
413 root 0:00 [mmcqd/0boot0]
414 root 0:00 [mmcqd/0boot1]
416 root 0:00 [spi1]
456 root 0:00 [jbd2/mmcblk0-8]
457 root 0:00 [ext4-dio-unwrit]
465 root 0:00 [kworker/0:2]
480 root 0:00 syslogd -s 1024 -b 4
493 root 0:00 eRide_aiding /data/ftp/internal_000/gps_data/eRide_data.bin
504 root 0:00 /usr/bin/usb_mode /sys/devices/platform/user_gpio/HOST_MODE_3V3 /sys/devices/platform/user_gpio/USB0_OC
508 root 0:00 {mtp_server.sh} /bin/sh /bin/mtp_server.sh start
519 root 0:00 inetd
524 root 0:00 avahi-daemon: running [WifiFonHotspot.local]
618 root 0:00 {ckcmd_redirect.} /bin/sh /usr/bin/ckcmd_redirect.sh
619 root 0:00 tail -F /var/log/messages
620 root 0:00 /usr/bin/awk -f /usr/bin/ckcmd_redirect.awk
622 root 0:00 /usr/bin/ulogger -t syslog -p I
623 root 0:00 telnetd -l /bin/login.sh
631 root 0:00 ulogcat -v ckcm
664 root 0:00 [flush-ubifs_2_1]
665 root 0:00 [flush-ubifs_0_0]
666 root 0:00 [flush-ubifs_2_0]
667 root 0:00 [flush-179:0]
675 root 0:00 poll_file -w /sys/devices/platform/ci_hdrc.0/udc/ci_hdrc.0/state
684 root 0:00 /usr/bin/bcm-watchdog
687 root 0:00 {DragonStarter.s} /bin/sh - /usr/bin/DragonStarter.sh -out2null
689 root 0:00 macgyverd -f
695 root 0:35 //usr/bin/dragon-prog
703 root 0:00 init
704 root 0:00 init
705 root 0:00 /sbin/klogd -n
pstree
init-+-DragonStarter.s-+-dragon-prog-+-{Behaviour}
| | |-{CKCM SERVER}
| | |-{Mario}
| | |-{MassStorage}
| | |-{NavdataSend}
| | |-{NetworkMonitor}
| | |-{Ntwk msgbox}
| | |-{NtwkDiscConnec}
| | |-2*[{ParrotAL_TIMER}]
| | |-{Photo Capture}
| | |-{Photo Record}
| | |-{Thread leds}
| | |-{Thread ms5607}
| | |-3*[{VideoMain}]
| | |-{colibry}
| | |-2*[{h264_venc}]
| | |-{hal}
| | |-{libgps_thread}
| | |-{thread_dxo}
| | |-{thread_us}
| | |-{thread_videoWi}
| | |-{thread_video_l}
| | |-3*[{v4l2:/dev/vide}]
| | |-{video_fix}
| | `-{video_rec}
| `-macgyverd
|-avahi-daemon
|-bcm-watchdog
|-ckcmd_redirect.-+-awk
| |-tail
| `-ulogger
|-eRide_aiding
|-gpio_monitor
|-inetd
|-2*[init]
|-klogd
|-mtp_server.sh---poll_file
|-rcS-+-logger
| `-ujubaclient-+-{Juba monitor}
| `-{jbd_run}
|-syslogd
|-telnetd
|-udevd---2*[udevd]
|-udhcpd
|-ulogcat
`-usb_mode
mount
rootfs on / type rootfs (rw) proc on /proc type proc (rw,relatime) dev on /dev type devtmpfs (rw,relatime,size=165664k,nr_inodes=41416,mode=755) tmp on /tmp type tmpfs (rw,relatime) sys on /sys type sysfs (rw,relatime) debug on /sys/kernel/debug type debugfs (rw,relatime) devpts on /dev/pts type devpts (rw,relatime,mode=600) none on /dev/cpuctl type cgroup (rw,relatime,cpu) ubi0:factory on /factory type ubifs (rw,relatime) ubi1:system on / type ubifs (rw,relatime) ubi2:data on /data type ubifs (rw,relatime) ubi2:update on /update type ubifs (rw,sync,relatime) /dev/mmcblk0 on /data/ftp/internal_000 type ext4 (rw,noatime,discard,nobarrier,data=writeback) </mount> ==df -h== <pre> Filesystem Size Used Available Use% Mounted on ubi1:system 42.2M 29.4M 10.7M 73% / ubi0:factory 4.8M 100.0K 4.4M 2% /factory ubi2:data 9.0M 96.0K 8.4M 1% /data ubi2:update 28.0M 32.0K 26.5M 0% /update /dev/mmcblk0 7.2G 2.2G 5.0G 30% /data/ftp/internal_000 dev 161.8M 0 161.8M 0% /dev tmp 161.9M 48.0K 161.8M 0% /tmp