HITB LAB: Build Your Own Drone Attacking Device


August 25, 2023





This is a two hrs intensive workshop about building a device to attack consumer drones.  It includes the common attack vectors from internal to external and modules on understanding drone signals.

Attack Vectors (common methods for drone hacking)

  • Firmware – modify or obfuscate the firmware
  • Applications – hijacking of the mobile devices or mal-application
  • Radio Frequency – focus on RF connection between the UAS and the operator, the best and most effective to terminate the control of drone

Radio Frequency and Video Transmission

This session will introduce the common signal transmission use for the remote controller and video broadcast in the drone market.

  • Common Frequencies: 433MHz, 915MHz, 2.4GHz & 5.8Ghz
  • Protocols: Lightbridge, OcuSync, ACCESS, ELRS, LoRa
  • Analog and Digital VTX system

Software Defined Radios

Will introduce the concept of the RF signals and how to generate them.

  • SDR device as correspondent with the GNURadio and GQRX.  It can be used as a small jammer for testing and easy to understand the concept.
  • Exercise: Use of SDR devices and GNURadio Companion for the signal generation

Real world attacks / Using your newly created device

Here will illustrate how to build your own the device with step-by-step instructions including a demonstration of using your own-built device against the common small drones in the market. (e.g. Custom/Programmed waypoint drone and DJI drones.). Students will build a portable signal generator to hit the drones (a custom-made FPV drone ball with RF remote controller and video transmission system).

Technical requirements

  • Modern Windows / OS X laptop with admin privileges
  • 20 sets of SDR devices (including Cloned HackRF and signal generators) will be provided for use during this lab

Researcher / Hardware Ninja

Undisclosed Co

Captain Kelvin (a.k.a. Forensics and Hardware Ninja) is an independent security researcher. He is specialist in hardware analysis and digital forensics. He focus on the drone security and forensics researches. He was the first and the only one Asian who leaded a group of white-hat hackers to held an in-depth, hands-on drone and hardware hacking village in BLACK HAT and DEFCON. He was also a frequent speaker and trainer in different top-notch security and forensics conferences including SANS, HTCIA, DFRWS, HITB, SINCON and HITCON.