Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 22764

DJI FCC

by mr0mr0 - 18 February, 2023 - 05:40 PM
This post is by a banned member (mr0mr0) - Unhide
mr0mr0  
Registered
21
Posts
3
Threads
1 Year of service
#1
DJI FCC is a mod for DJI drones with RC controller.
It enables FCC wifi signal (more powerful)  on devices locked to CE signal.

The app is a single exe and a dll located here:
https://dji-fcc.com/djifcc.zip

password for the zip file is "dji"

It checks license from a server and according to the server response it works or stops

For a valid license, the pass.txt file should have a valid password.
With a wrong one  it says "prohibited" 
I tried with "pass_111111111111111111111112"
if you use pass_111111111111111111111111 (default one) it does not produce the error.

I would really appreciate if anyone can hack this one.

Btw, it is a 2 phase auth:
1. password in pass.txt should be valid
2. password in pass.txt should be an unused one which would be registered with the serial of the device.

Even if hacking phase 1 would be a good start.

Thanks
This post is by a banned member (sikko_site) - Unhide
2
Posts
0
Threads
1 Year of service
#2
yes , this one would be great !
This post is by a banned member (mr0mr0) - Unhide
mr0mr0  
Registered
21
Posts
3
Threads
1 Year of service
#3
any solutions ?
This post is by a banned member (mr0mr0) - Unhide
mr0mr0  
Registered
21
Posts
3
Threads
1 Year of service
#4
nope ?
This post is by a banned member (mr0mr0) - Unhide
mr0mr0  
Registered
21
Posts
3
Threads
1 Year of service
#5
bump again...
This post is by a banned member (mr0mr0) - Unhide
mr0mr0  
Registered
21
Posts
3
Threads
1 Year of service
Bumped #6
(This post was last modified: 23 March, 2023 - 12:00 AM by mr0mr0.)
bumpbidi bump bump

This is a bump
This post is by a banned member (Chaitanya_22) - Unhide
1
Posts
0
Threads
1 Year of service
#7
(18 February, 2023 - 05:40 PM)mr0mr0 Wrote: Show More
DJI FCC is a mod for DJI drones with RC controller.
It enables FCC wifi signal (more powerful)  on devices locked to CE signal.

The app is a single exe and a dll located here:
https://dji-fcc.com/djifcc.zip

password for the zip file is "dji"

It checks license from a server and according to the server response it works or stops

For a valid license, the pass.txt file should have a valid password.
With a wrong one  it says "prohibited" 
I tried with "pass_111111111111111111111112"
if you use pass_111111111111111111111111 (default one) it does not produce the error.

I would really appreciate if anyone can hack this one.

Btw, it is a 2 phase auth:
1. password in pass.txt should be valid
2. password in pass.txt should be an unused one which would be registered with the serial of the device.

Even if hacking phase 1 would be a good start.

Thanks
Bump again Any body got a lead ?? about thiss
This post is by a banned member (ampersandish) - Unhide
1
Posts
0
Threads
#8
(This post was last modified: 28 February, 2024 - 03:40 PM by ampersandish. Edited 2 times in total.)
that zip has since been moved or auth redirected as the dev has likely noticed the anomaly errors in logging as it's spread among forum's. there's likely a lot of use of it in the cantonese market too which is tasky to infil effectively with machine translation
 
Code:
amper@paradox:~$ curl -I https://dji-fcc.com/djifcc.zip
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 28 Feb 2024 04:22:23 GMT
Content-Type: text/html
Content-Length: 524
Last-Modified: Tue, 27 Feb 2024 21:42:56 GMT
Connection: keep-alive
ETag: "65de5760-20c"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Or/sOiX6CPmuW13VqYwjrMtmhUp9KdbAEzeYWeqxtQL+8azPCs3Ldfjs8Y7OYe1NVAnKVMGHYTPznAzTs8cGSA
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=192.168.11.111;Path=/;Max-Age=86400;
Set-Cookie: country=EU;Path=/;Max-Age=86400;
Set-Cookie: city="Hyperloop";Path=/;Max-Age=86400;
Set-Cookie: lander_type=parkweb-reseller;Path=/;Max-Age=86400;
Set-Cookie: traffic_target=reseller;Path=/;Max-Age=86400;
Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400;
Accept-Ranges: bytes

so to reverse the auth server that the exe in that file connects to, i'll need to trace the, likely json string, that is sent to the remote activation srv after capturing the egress data

if you have that zip, forward it to [email protected] and i'll take a look at it

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 2 Guest(s)