Difference between revisions of "Parrot Bebop"

From YobiWiki
Jump to navigation Jump to search
Line 246: Line 246:
 
dev 161.8M 0 161.8M 0% /dev
 
dev 161.8M 0 161.8M 0% /dev
 
tmp 161.9M 48.0K 161.8M 0% /tmp
 
tmp 161.9M 48.0K 161.8M 0% /tmp
  +
</pre>
  +
==netstat -ltun==
  +
<pre>
  +
Active Internet connections (only servers)
  +
Proto Recv-Q Send-Q Local Address Foreign Address State
  +
tcp 0 0 127.0.0.1:23059 0.0.0.0:* LISTEN (dragon-prog?)
  +
tcp 0 0 0.0.0.0:51 0.0.0.0:* LISTEN inetd -> ftp /update
  +
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN inetd -> ftp /data/ftp
  +
tcp 0 0 0.0.0.0:44444 0.0.0.0:* LISTEN dragon-prog
  +
tcp 0 0 :::23 :::* LISTEN telnet
  +
udp 0 0 0.0.0.0:5353 0.0.0.0:* mDNS / avahi
  +
udp 0 0 0.0.0.0:67 0.0.0.0:* udhcpd
  +
udp 0 0 :::5353 :::* mDNS / avahi
 
</pre>
 
</pre>

Revision as of 00:05, 17 October 2015

Weight

Bebop            275g
bat 1200         117g
bat 1600         135g
bat 2500         189g
hull/carene       24g
cache-cam          6g

Links

Officials

ARDroneSDK 3

Community

Hacks

Paparazzi

Security

Too easy to crash

http://securityaffairs.co/wordpress/39363/hacking/hacking-parrot-drones.html

telnet 192.168.42.1
ps | grep dragon
kill -9 ###

Actually there is even quicker:

telnet 192.168.42.1
kk

WEP?

Apparently possible to setup WEP, or even WPA?

bcmwl addwep 0 1234567890
bcmwl wsec 1

Permanent (! reset wouldn't clean it, maybe flashing from USB?)

vi /sbin/broadcom_setup.sh
At the end of the create_access_point
Before the print out of success
add the two lines:
-------------
bcmwl addwep 0 1234567890
bcmwl wsec 1

Problem is that it may impact link quality and anyway it's incompatible with a SkyController...

telnet password

That's the minimum we can do:

telnet 192.168.42.1
# choose a new password
passwd
# fix bug in /etc/passwd (trailing spaces after /bin/sh)
sed -i 's/ *$//' /etc/passwd
# redirect root home to /home (where there is already a .bashrc)
sed -i 's#/home/root#/home#' /etc/passwd 
# move shell history
mv /.ash_history /home/
# redirect telnet login to /bin/login
sed -i 's/sh -l/login/' /bin/login.sh
# reboot
/bin/ardrone3_shutdown.sh

Tools

Misc data

ps ax

PID   USER     TIME   COMMAND
    1 root       0:02 init
    2 root       0:00 [kthreadd]
    3 root       0:00 [ksoftirqd/0]
    4 root       0:00 [kworker/0:0]
    5 root       0:00 [kworker/u:0]
    6 root       0:00 [migration/0]
    7 root       0:00 [watchdog/0]
    8 root       0:00 [migration/1]
    9 root       0:00 [kworker/1:0]
   10 root       0:00 [ksoftirqd/1]
   11 root       0:00 [watchdog/1]
   12 root       0:00 [khelper]
   13 root       0:00 [kdevtmpfs]
   14 root       0:00 [netns]
   15 root       0:00 [irq/1-p7mu]
   16 root       0:00 [sync_supers]
   17 root       0:00 [bdi-default]
   18 root       0:00 [kblockd]
   19 root       0:00 [khubd]
   20 root       0:00 [rpciod]
   21 root       0:00 [kworker/0:1]
   22 root       0:00 [khungtaskd]
   23 root       0:00 [kswapd0]
   24 root       0:00 [fsnotify_mark]
   25 root       0:00 [nfsiod]
   26 root       0:00 [cifsiod]
   27 root       0:00 [crypto]
   37 root       0:00 [ubi_bgt0d]
   38 root       0:00 [ubi_bgt1d]
   39 root       0:00 [ubi_bgt2d]
   40 root       0:00 [ci_otg]
   41 root       0:00 [ci_otg]
   42 root       0:00 [f_mtp]
   43 root       0:00 [file-storage]
   44 root       0:00 [kworker/1:1]
   45 root       0:00 [deferwq]
   46 root       0:00 [kworker/u:1]
   54 root       0:00 [ubifs_bgt1_0]
   80 root       0:00 [flush-ubifs_1_0]
  103 root       0:00 /usr/bin/gpio_monitor /sys/devices/platform/user_gpio/USER_ON_OFF /bin/onoffbutton
  170 root       0:00 [ubifs_bgt0_0]
  171 root       0:00 [ubifs_bgt2_1]
  172 root       0:00 [ubifs_bgt2_0]
  201 root       0:00 udevd --daemon
  210 root       0:00 udevd --daemon
  211 root       0:00 udevd --daemon
  228 root       0:00 [usb-thread]
  232 root       0:00 [wl-thread]
  342 root       0:00 udhcpd /etc/udhcpd.conf.eth0
  351 root       0:00 {rcS} /bin/sh /etc/init.d/rcS
  353 root       0:00 /usr/bin/ujubaclient
  354 root       0:00 logger -t ujubaclient -p user.info
  394 root       0:00 [irq/44-mmc0]
  395 root       0:00 [kworker/u:2]
  412 root       0:00 [mmcqd/0]
  413 root       0:00 [mmcqd/0boot0]
  414 root       0:00 [mmcqd/0boot1]
  416 root       0:00 [spi1]
  456 root       0:00 [jbd2/mmcblk0-8]
  457 root       0:00 [ext4-dio-unwrit]
  465 root       0:00 [kworker/0:2]
  480 root       0:00 syslogd -s 1024 -b 4
  493 root       0:00 eRide_aiding /data/ftp/internal_000/gps_data/eRide_data.bin
  504 root       0:00 /usr/bin/usb_mode /sys/devices/platform/user_gpio/HOST_MODE_3V3 /sys/devices/platform/user_gpio/USB0_OC
  508 root       0:00 {mtp_server.sh} /bin/sh /bin/mtp_server.sh start
  519 root       0:00 inetd
  524 root       0:00 avahi-daemon: running [WifiFonHotspot.local]
  618 root       0:00 {ckcmd_redirect.} /bin/sh /usr/bin/ckcmd_redirect.sh
  619 root       0:00 tail -F /var/log/messages
  620 root       0:00 /usr/bin/awk -f /usr/bin/ckcmd_redirect.awk
  622 root       0:00 /usr/bin/ulogger -t syslog -p I
  623 root       0:00 telnetd -l /bin/login.sh
  631 root       0:00 ulogcat -v ckcm
  664 root       0:00 [flush-ubifs_2_1]
  665 root       0:00 [flush-ubifs_0_0]
  666 root       0:00 [flush-ubifs_2_0]
  667 root       0:00 [flush-179:0]
  675 root       0:00 poll_file -w /sys/devices/platform/ci_hdrc.0/udc/ci_hdrc.0/state
  684 root       0:00 /usr/bin/bcm-watchdog
  687 root       0:00 {DragonStarter.s} /bin/sh - /usr/bin/DragonStarter.sh -out2null
  689 root       0:00 macgyverd -f
  695 root       0:35 //usr/bin/dragon-prog
  703 root       0:00 init
  704 root       0:00 init
  705 root       0:00 /sbin/klogd -n

pstree

init-+-DragonStarter.s-+-dragon-prog-+-{Behaviour}
     |                 |             |-{CKCM SERVER}
     |                 |             |-{Mario}
     |                 |             |-{MassStorage}
     |                 |             |-{NavdataSend}
     |                 |             |-{NetworkMonitor}
     |                 |             |-{Ntwk msgbox}
     |                 |             |-{NtwkDiscConnec}
     |                 |             |-2*[{ParrotAL_TIMER}]
     |                 |             |-{Photo Capture}
     |                 |             |-{Photo Record}
     |                 |             |-{Thread leds}
     |                 |             |-{Thread ms5607}
     |                 |             |-3*[{VideoMain}]
     |                 |             |-{colibry}
     |                 |             |-2*[{h264_venc}]
     |                 |             |-{hal}
     |                 |             |-{libgps_thread}
     |                 |             |-{thread_dxo}
     |                 |             |-{thread_us}
     |                 |             |-{thread_videoWi}
     |                 |             |-{thread_video_l}
     |                 |             |-3*[{v4l2:/dev/vide}]
     |                 |             |-{video_fix}
     |                 |             `-{video_rec}
     |                 `-macgyverd
     |-avahi-daemon
     |-bcm-watchdog
     |-ckcmd_redirect.-+-awk
     |                 |-tail
     |                 `-ulogger
     |-eRide_aiding
     |-gpio_monitor
     |-inetd
     |-2*[init]
     |-klogd
     |-mtp_server.sh---poll_file
     |-rcS-+-logger
     |     `-ujubaclient-+-{Juba monitor}
     |                   `-{jbd_run}
     |-syslogd
     |-telnetd
     |-udevd---2*[udevd]
     |-udhcpd
     |-ulogcat
     `-usb_mode

mount

rootfs on / type rootfs (rw)
proc on /proc type proc (rw,relatime)
dev on /dev type devtmpfs (rw,relatime,size=165664k,nr_inodes=41416,mode=755)
tmp on /tmp type tmpfs (rw,relatime)
sys on /sys type sysfs (rw,relatime)
debug on /sys/kernel/debug type debugfs (rw,relatime)
devpts on /dev/pts type devpts (rw,relatime,mode=600)
none on /dev/cpuctl type cgroup (rw,relatime,cpu)

ubi0:factory on /factory type ubifs (rw,relatime)
ubi1:system on / type ubifs (rw,relatime)
ubi2:data on /data type ubifs (rw,relatime)
ubi2:update on /update type ubifs (rw,sync,relatime)

/dev/mmcblk0 on /data/ftp/internal_000 type ext4 (rw,noatime,discard,nobarrier,data=writeback)

df -h

Filesystem                Size      Used Available Use% Mounted on
ubi1:system              42.2M     29.4M     10.7M  73% /
ubi0:factory              4.8M    100.0K      4.4M   2% /factory
ubi2:data                 9.0M     96.0K      8.4M   1% /data
ubi2:update              28.0M     32.0K     26.5M   0% /update
/dev/mmcblk0              7.2G      2.2G      5.0G  30% /data/ftp/internal_000
dev                     161.8M         0    161.8M   0% /dev
tmp                     161.9M     48.0K    161.8M   0% /tmp

netstat -ltun

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 127.0.0.1:23059         0.0.0.0:*               LISTEN     (dragon-prog?)
tcp        0      0 0.0.0.0:51              0.0.0.0:*               LISTEN     inetd -> ftp /update
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN     inetd -> ftp /data/ftp
tcp        0      0 0.0.0.0:44444           0.0.0.0:*               LISTEN     dragon-prog
tcp        0      0 :::23                   :::*                    LISTEN     telnet 
udp        0      0 0.0.0.0:5353            0.0.0.0:*                          mDNS / avahi
udp        0      0 0.0.0.0:67              0.0.0.0:*                          udhcpd 
udp        0      0 :::5353                 :::*                               mDNS / avahi