Security analysis of the Android app for DJI drones (PPP, Nice...)... Outrageous
-
You will find the summaries and the report here and here and here.
In short, the DJI Android app, as used by law enforcement agencies (FDO):
- allows arbitrary code execution through the possible installation of unverified applications (basically, they can do whatever they want)
- leaks tons and tons of data about the phone/user (none of it needed for the drone to operate)
"In the worst case, these features can be used to target specific users with malicious updates or applications that could be used to exploit the user's phone. Given the amount of user’s information retrieved from their device, DJI or Weibo would easily be able to identify specific targets of interest. The next step in exploiting these targets would be to suggest a new application (via the Weibo SDK) or update the DJI application with a customized version built specifically to exploit their device. Once their device has been exploited, it could be used to gather additional information from the phone, track the user via the phone’s various sensors, or be used as a springboard to attack other devices on the phone’s WiFi network. This targeting system would allow an attacker to be much stealthier with their exploitation, rather than much noisier techniques, such as exploiting all devices visiting a website."