Packet Sniffing - nicholasaleks/Damn-Vulnerable-Drone GitHub Wiki

Capturing MAVLink packets transmitted over the air to analyze drone communications.


Description

MAVLink packet sniffing involves intercepting the MAVLink messages exchanged between UAVs (Unmanned Aerial Vehicles) and ground control stations or between UAVs in a network.

By analyzing the captured packets, you can gain insights into the drone's operational status, commands being sent or received, and how the system handles various data types.

Resources


⚠️ Solution Guide (Non-WiFi Mode)

Step 1. Install Wireshark

We will be using Wireshark to analyze the real-time MAVLink traffic. This should already be installed with your Kali Linux distribution. If not, you can install it from:

https://www.wireshark.org/download.html


Step 2. Install MAVLink on Kali

Install MAVLink following the official guide:

https://mavlink.io/en/getting_started/installation.html

sudo apt install python3 python3-pip
git clone https://github.com/mavlink/mavlink.git --recursive
cd mavlink
python3 -m pip install -r pymavlink/requirements.txt

Step 3. Build MAVLink Libraries

Generate the MAVLink WLua libraries:

python3 -m pymavlink.tools.mavgen --lang=WLua --wire-protocol=2.0 --output=mavlink_2_common message_definitions/v1.0/ardupilotmega.xml

Step 4. Update Wireshark Plugin

Edit the generated plugin (mavlink_2_common.lua) so the dissector is registered on the MAVLink UDP ports:

local udp_dissector_table = DissectorTable.get("udp.port")
udp_dissector_table:add(14550, mavlink_proto)
udp_dissector_table:add(14580, mavlink_proto)
udp_dissector_table:add(18570, mavlink_proto)

Step 5. Import Plugin into Wireshark

Copy mavlink_2_common.lua to the Wireshark plugin directory. Possible paths include:

/usr/lib/x86_64-linux-gnu/wireshark
/usr/lib/aarch64-linux-gnu/wireshark
~/.local/lib/wireshark/plugins
~/.wireshark/plugins

Then open Wireshark and go to Help → About Wireshark → Plugins to verify it's loaded.


Step 6. Start Wireshark

Launch Wireshark and select the appropriate interface. You should begin seeing MAVLink packets in real-time.
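What the dissector is decoding in each UDP payload, shown as an added Python example (not part of the wiki or the Damn Vulnerable Drone project): it parses a MAVLink 2 frame header, verifies the checksum, and reports whether the signing flag is set, which is why a passive capture can read telemetry in the clear. The function names and the sample frame are constructed for illustration, and only HEARTBEAT (message id 0) is decoded.

```python
import struct

MAGIC_V2 = 0xFD                            # MAVLink 2 start-of-frame marker
IFLAG_SIGNED = 0x01                        # incompat_flags bit: 13-byte signature follows the CRC
HEARTBEAT_ID, HEARTBEAT_CRC_EXTRA = 0, 50  # per-message CRC seed for HEARTBEAT
HB_FIELDS = ("custom_mode", "type", "autopilot", "base_mode", "system_status", "mavlink_version")

def x25_crc(data, crc=0xFFFF):
    """CRC-16/MCRF4XX accumulator used by MAVLink."""
    for b in data:
        tmp = (b ^ crc) & 0xFF
        tmp ^= (tmp << 4) & 0xFF
        crc = ((crc >> 8) ^ (tmp << 8) ^ (tmp << 3) ^ (tmp >> 4)) & 0xFFFF
    return crc

def parse_v2(frame):
    """Parse one MAVLink 2 frame (a UDP payload); raise ValueError if malformed."""
    if len(frame) < 12 or frame[0] != MAGIC_V2:
        raise ValueError("not a MAVLink 2 frame")
    plen, iflags, cflags, seq, sysid, compid = frame[1:7]
    msgid = int.from_bytes(frame[7:10], "little")        # 24-bit message id
    signed = bool(iflags & IFLAG_SIGNED)
    if len(frame) != 12 + plen + (13 if signed else 0):
        raise ValueError("length field does not match frame size")
    wire_crc = int.from_bytes(frame[10 + plen:12 + plen], "little")
    out = {"seq": seq, "sysid": sysid, "compid": compid, "msgid": msgid,
           "signed": signed, "crc_ok": None}
    if msgid == HEARTBEAT_ID:
        # CRC covers everything after the magic byte up to the payload end, plus CRC_EXTRA
        covered = frame[1:10 + plen] + bytes([HEARTBEAT_CRC_EXTRA])
        out["crc_ok"] = x25_crc(covered) == wire_crc
        body = frame[10:10 + plen][:9].ljust(9, b"\x00")  # v2 drops trailing zero bytes
        out["heartbeat"] = dict(zip(HB_FIELDS, struct.unpack("<IBBBBB", body)))
    return out

def build_heartbeat(seq, sysid, compid, fields):
    """Construct an unsigned HEARTBEAT frame (sample input only, not captured traffic)."""
    payload = struct.pack("<IBBBBB", *fields)
    head = bytes([len(payload), 0, 0, seq, sysid, compid]) + HEARTBEAT_ID.to_bytes(3, "little")
    crc = x25_crc(head + payload + bytes([HEARTBEAT_CRC_EXTRA]))
    return bytes([MAGIC_V2]) + head + payload + crc.to_bytes(2, "little")

# Constructed sample: quadrotor (2), ArduPilot (3), base_mode 0x89 (armed bit set), active (4)
SAMPLE = build_heartbeat(seq=7, sysid=1, compid=1, fields=(0, 2, 3, 0x89, 4, 3))

if __name__ == "__main__":
    print(parse_v2(SAMPLE))
```

A frame with `signed` false and a readable payload is what the capture in this step shows; with MAVLink 2 message signing enabled the flag is set and each frame carries the 13-byte signature, though the payload itself is still not encrypted.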


⚠️ Solution Guide (WiFi Mode)

Step 1. Obtain WEP Password

Use the output of Wireless Analysis & Cracking to obtain the WEP key.


Step 2. Install Wireshark

Follow the same instructions as above.


Step 3. Install MAVLink on Kali

sudo apt install python3 python3-pip
git clone https://github.com/mavlink/mavlink.git --recursive
cd mavlink
python3 -m pip install -r pymavlink/requirements.txt

Step 4. Build MAVLink Libraries

python3 -m pymavlink.tools.mavgen --lang=WLua --wire-protocol=2.0 --output=mavlink_2_common message_definitions/v1.0/ardupilotmega.xml

Step 5. Update Wireshark Plugin

local udp_dissector_table = DissectorTable.get("udp.port")
udp_dissector_table:add(14550, mavlink_proto)
udp_dissector_table:add(14580, mavlink_proto)
udp_dissector_table:add(18570, mavlink_proto)

Step 6. Import Plugin into Wireshark

Copy mavlink_2_common.lua to the Wireshark plugin directory. Possible paths include:

/usr/lib/x86_64-linux-gnu/wireshark
/usr/lib/aarch64-linux-gnu/wireshark
~/.local/lib/wireshark/plugins
~/.wireshark/plugins

Confirm the plugin is listed in Help → About Wireshark → Plugins.


Step 7. Start Wireshark

Select your connected interface and begin capturing. MAVLink packets will appear in the stream.


Step 8. Apply Decryption Settings

Use the WEP key (1234567890) to decrypt packets:

  1. Open Wireshark
  2. Go to Edit → Preferences
  3. Expand Protocols → Select IEEE 802.11
  4. Click the Decryption Keys tab
  5. Edit Key #1 and enter: 1234567890
  6. Click OK
  7. Begin capturing; Wireshark will decrypt packets automatically