The JJRC H68 is a budget-friendly drone with a built-in 720p camera. The code in this repository allows full control of the drone's movement using a joystick and also receives the camera feed (which can be used for image processing). The code was written in Python 3 and tested on Kali Linux 20.02.
To analyze the traffic, I connected my phone to the drone's app and performed a man-in-the-middle attack using airodump-ng along with Wireshark. I discovered that the app uses the UDP protocol to send control commands and the TCP protocol to stream video.
First, update your package list:
sudo apt-get updateThen, install the following dependencies:
- GStreamer
sudo apt-get install gstreamer1.0-tools
sudo apt-get install -y gstreamer1.0-plugins-bad- Pygame
sudo apt-get install python3-pygame- GUI Libraries
sudo apt-get install -y qt5-default libvtk6-dev- Tkinter and other components
sudo apt-get install -y python-dev python-tk pylint python-numpy \
python3-dev python3-tk pylint3 python3-numpy flake8- OpenCV
sudo apt-get install libopencv-dev python3-opencv- Connect to the drone's Wi-Fi network.
- Run the file:
python3 run_me.pyThe code is organized into the following folders:
camera- All camera-related codecontrol- All drone control codegeneral- General-purpose codesniffes- Network traffic captures between the drone and the app
- Intercept wlan0 network:
tcpdump -vv -nn -i wlan0- Check for processes that might interfere with monitoring:
airmon-ng check- Kill conflicting processes:
airmon-ng check kill- Enable monitoring mode:
airmon-ng start wlan0- Intercept network in monitor mode:
tcpdump -vv -nn -i wlan0mon- Set monitor mode to a specific channel:
iwconfig wlan0mon channel 2- View networks detected by the adapter:
airodump-ng wlan0mon- Monitor a specific channel:
airodump-ng -c 2 wlan0mon- Exit monitor mode:
airmon-ng stop wlan0mon- Restart network configurations:
service network-manager restart