Companion Computer Detection - nicholasaleks/Damn-Vulnerable-Drone GitHub Wiki
Finding companion computers attached to UAVs that provide additional processing capabilities.
Damn Vulnerable Drone > Attack Scenarios > Reconnaissance > Companion Computer Detection
The companion computer is on the 10.13.0.0/24 network if you are running in non-Wi-Fi mode, and 192.168.13.1 in Wi-Fi mode. Typically, companion computers may have common services such as SSH, RTSP, and maybe even an HTTP server running on them—making them prime targets for hacking into drone systems.
None provided for this scenario.
⚠️ Solution Guide (Non-WiFi Mode)
ip addr showEnsure your network interface shows an IP in the 10.13.0.0/24 range.
Scan the Docker bridge network while excluding the attacker and simulator IPs:
nmap -sn 10.13.0.0/24 --exclude 10.13.0.1,10.13.0.5Scan the known companion computer IP directly to enumerate services:
nmap 10.13.0.3Example output:
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-02 19:00 EDT
Nmap scan report for 10.13.0.3
Host is up (0.000066s latency).
Not shown: 997 closed tcp ports (conn-refused)
PORT STATE SERVICE
22/tcp open ssh
554/tcp open rtsp
3000/tcp open ppp
Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds
⚠️ Solution Guide (WiFi Mode)
Use your credentials obtained from Wifi Analysis & Cracking to join the drone network.
Identify active devices while excluding your own machine:
nmap -sn 192.168.13.0/24 --exclude 192.168.13.10Scan the suspected companion computer IP:
nmap 192.168.13.1Example output:
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-02 19:00 EDT
Nmap scan report for 192.168.13.1
Host is up (0.000066s latency).
Not shown: 997 closed tcp ports (conn-refused)
PORT STATE SERVICE
22/tcp open ssh
554/tcp open rtsp
3000/tcp open ppp
Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds