Which brings me to part two, MeshMarauder.
An open source tool demonstrating proof-of-concept exploits against the DEFCON 33 Meshtastic firmware.
MeshMarauder will demostrate:
- Tracking user activity on any mesh regardless of encryption usage
- Hijack all meshtastic user profile metadata
- Change any users public key
- Send messages as any user in channel chats that appear authentic
- MITM direct messages
https://meshmarauder.net
#defcon #meshtastic #meshmarauder #cybersecurity
this is never going to be and was not designed to be a secret spy movie text network anymore than it is an instant messager replacement. the encryption has a ways to go yes but its also come a long way. the benefit of the platform is zero licensing entry with cheap gear. that communities can stand up together and use. or organizers can flash devices between uses and swarm a mesh if needed.
its fun building meshes that can cover a hundred miles but, to function like that you have to drastically shorten the messages. and repeat messages to deal with drops. the encryption overall is fine for what the mesh can do and what the appropriate use cases could be. not great but it’ll do.
this is never going to be and was not designed to be a secret spy movie text network anymore than it is an instant messager replacement. the encryption has a ways to go yes but its also come a long way. the benefit of the platform is zero licensing entry with cheap gear. that communities can stand up together and use. or organizers can flash devices between uses and swarm a mesh if needed.
its fun building meshes that can cover a hundred miles but, to function like that you have to drastically shorten the messages. and repeat messages to deal with drops. the encryption overall is fine for what the mesh can do and what the appropriate use cases could be. not great but it’ll do.