Whatsapp bug: Identity Theft

As reported by the Oversecurity site, in fact, continuanoo problems involving the popular instant messaging platform gratiuita: while it was just solved the knot tied to the storage of the conversations in the clear, a German researcher was able to identify a new weak point, even much more worrying.

In fact, it is possible to break the authentication of users while receiving or sending messages: in other words, a stranger has the opportunity to get hold of a profile WhatsApp sending messages.

Any user intending to send a message or just to check if there are unread messages must authenticate with a password on the server: password which is generated by the software automatically. This keyword, however, can be traced with ease, since it is based on the IMEI code of the MAC address for those who use Android, and sull'IMEI the WiFi for those who use Apple. Let us not dwell on how to discover the password, the true fans of matter take long to discover what calculate the MD5 :)

The user name, instead, is the number of cell, in front with the international prefix without the double zero. If you are using WhatsApp, simply open the browser to authenticate, simply typing in a specific url(HTTPS://r.whatsapp.net/v1/exist.php?CC = $countrycode&in = $phonenumber&udid = $password) by inserting, instead of phonenumber, your phone number, in place of your password and password instead of your own country code countrycode (that is 39 for Italy). Once you enter the string, the browser will create a string that resembles the positive outcome of the state. In other words, has obtained confirmation that the account access has been obtained. Vice versa, in the event that appears to the Fail, means that the password is wrong.
accesso via browser di WhatsAppIf you are wondering if the instructions contained in the article is true.. iSocial.it wanted to verify the reliability of the news, generating the required password, and testing the authentication browser, This is the result: access works.

Using the same technique, you can send messages to other users of the messaging service, or check for messages received. For other, it is even possible to automate the procedure, thanks to a script called WhatsApi which can be found on the circuit GitHub. This script allows you to test the security of the software making it possible to send and receive messages through the computer instead of using a smartphone. Easy to use, WhatsApi, however, requires the installation of Php, or alternatively a distribution Unix Based. Once you have downloaded the script, need to extract the contents, open the file named whatsapp.app in the folder named test and test with the editor to modify the parameters already seen previously (Country code, password and user name).

In the Nickname field, of course, should specify the nickname, while in the Sender field you must enter the phone number preceded by the country code, without the double zero. Once the file is saved, you can start the script, following the instructions directly from the program: we can, then, send new messages and to start to interactive conversations through the various parameters.

 

Let's see what he thinks a strong community of Italian Hacker:

In conclusion WhatsApp is vulnerable, any person may encroaching in a conversation knowing only our IMEI. You can send and receive answers without the recipient being aware of it and even more weighty either the sender (vulnerable user) well that will have thetrace of what happened, In his chat history not only appear but not those messages sent in response.

Applications Android are able to collect and IMEI numbers of mobile, it is not unlikely that some developers are already collecting this information and the Spammers already beginning to offer moneyto obtain user data.

In the worst when they have the IMEI code of two users who commonly write, through the attack Man in the Middle we could intercept their conversations capturing various sensitive information remaining completely unaware.

A possible solution Vulnerability is the introduction of a Cryptographic Salt within the password making it considerably more difficult the cracking of Md5 Hash.”