Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hacking WhatsApp

Hacking WhatsApp

GDG Presentation

Enrique López Mañas

December 22, 2012

More Decks by Enrique López Mañas

Other Decks in Programming


  1. Known bugs/ features Changing status (not solved) Communication without encryption

    (solved) Storage encryption (not solved) Authentication (not solved) Samstag, 22. Dezember 12
  2. Changing status Status can be changed remotely Programmer published a

    Website. WhatsApp block the website Windows tool Samstag, 22. Dezember 12
  3. Communication without encryption Communication was sent in plain text Intercepting

    messages WhatsApp Sniffer for Android, Wireshark... Samstag, 22. Dezember 12
  4. Authentication Authentication against their server Usage of WhatsApp API WhatsApp

    sent „Cease and desist“ to WhatsApp API programmers Samstag, 22. Dezember 12
  5. Storage encryption All conversations stored in SD Card ... even

    if you remove them... ...even the GPS coordinates.... ...using the same key for encryption! Samstag, 22. Dezember 12
  6. WhatsApp Conversation stealer Uses two permissions Library integration Silently background

    service Only for scientific purposes :-) Samstag, 22. Dezember 12