Flying FTP Server

-

This is Education Purposes Only

 Before coming to the main topic of this article, I would like to introduce a good source of knowledge in the cybersecurity domain. This source may not be new to most of you as you guys were in the field for a long time. But anyway I will keep a little note on this as im a huge fan of this Tech-Talk. The source is non-other than the "DEFCON conference" YouTube channel. ( As in my inner thoughts I would dying to participate to the actual conference one day😍). 

DEFCON


So writing about DEFCON for the new people, DEFCON is one of the world's prime and most outstanding hacker conventions, held yearly in Las Vegas, Nevada. Simply this is a place where all there Hackers (People with exceptional technical knowledge and out of the box thinking pattern) get together and show off their research works and share knowledge. If you follow the below link, you will find the YouTube channel where you can view the tech talks in most of the conference.

 
I am coming back to the main topic, as I have previously said Im a huge fan of DEFCON. One day I was watching DEFCON episode presented by Michael Robinson. That was subject to the exciting topic of "Knocking my neighbor's kids cruddy drone offline. ". You can find the episode y follow this link

In his speech, he explains the process of how he had penetrated a Drone or, in other words, Unmanned aerial vehicles or Quadcopter. By the end of the first quarter through a simple NMAP scan, he discovers that there is an open FTP connection was hosted in the drone.

Flying FTP Server - DEFCON 23

Flying FTP Server


At this point, this idea pop's into my head and automatically mapped with the research area I have talked on my previous article
.
(If you haven't read the WHID article, I have written, please follow this link to read it (WHID))


In that article, I was talking about the research project of WHID done by Luca Bongiorni.

When I tried his finding, I have noticed that if we do a small modification to the payload, then we can transfer the files via FTP to the FTP server in the same LAN.

FTP - WHID


So Simply what attacker need to do is modify the payload to connect the FTP server that he is going to host using a drone and send the required files to it. So with out having any trace can steal data and retrieve it.

Attack Flow
Attack Flow
This is open for debate and i haven't have drone, Pineapple Wifi scanner to other tech to test the scenario. But i would love if some one can try out and get the relevant results or love to participate if some one invited to do a collaborate project on this topic.





As always if you have any suggestions, comments, improvements tips, please let me know. See you all with another Article on next week.Please follow and share if you like and support.



Comments

Post a Comment

Popular posts from this blog

Understanding AiTM Attacks: How Cybercriminals Hijack Your Online Sessions (And How to Stop Them)

-
Image
Introduction Imagine this: You receive an urgent email claiming your account has been locked. You click the link, log in, and even enter your two-factor authentication (2FA) code. Everything seems fine—until days later, you discover your account has been hacked. What just happened? You’ve fallen victim to an Adversary-in-The-Middle (AiTM) attack, one of the most sophisticated and dangerous phishing techniques today.   What makes AiTM attacks even scarier is their commercialization. Cybercriminals can now buy ready-made AiTM phishing kits on the dark web, turning session hijacking into a booming business. In this article, we’ll break down how AiTM attacks work, share real-world examples, and arm you with actionable tips to protect yourself. What is an AiTM Attack?  An AiTM attack is a type of Man-in-The-Middle (MitM) attack where cybercriminals intercept and manipulate communication between you and a legitimate service. Unlike traditional phishing, AiTM attacks don’t just steal...
Read more

Fortifying Your Digital Realm: Unleashing the Power of Microsoft 365 Defender

-
Image
Microsoft 365 Defender stands out from other cybersecurity solutions in several key ways, making it a compelling choice for organizations looking to bolster their security posture. Let's explore how it differs from other solutions: 1. Integrated Ecosystem: One of the primary differentiators of Microsoft 365 Defender is its integration with the broader Microsoft ecosystem. It seamlessly integrates with other Microsoft 365 products, such as Microsoft 365 and Azure Active Directory, creating a unified security platform. This integration allows for better visibility and correlation of security events across different services, enabling more effective threat detection and response. 2. Native to Microsoft 365 : Unlike many third-party security solutions, Microsoft 365 Defender is native to the Microsoft 365 environment. This native integration provides several advantages, such as easier deployment, streamlined management, and automatic updates. It also means that Microsoft 365 Defender c...
Read more